[CERT-daily] Tageszusammenfassung - 02.06.2020

Tue Jun 2 18:36:42 CEST 2020

=====================
= End-of-Day report =
=====================

Timeframe:   Freitag 29-05-2020 18:00 − Dienstag 02-06-2020 18:00
Handler:     Thomas Pribitzer
Co-Handler:  Stephan Richter

=====================
=       News        =
=====================

∗∗∗ Critical Exim bugs being patched but many servers still at risk ∗∗∗
---------------------------------------------
Patching Exim mail servers is not going fast enough and members of the Russian hacker group Sandworm are actively exploiting three critical vulnerabilities that allow executing remote command or code remotely.
---------------------------------------------
https://www.bleepingcomputer.com/news/security/critical-exim-bugs-being-patched-but-many-servers-still-at-risk/


∗∗∗ How to scan email headers for phishing and malicious content ∗∗∗
---------------------------------------------
Phishing emails are one of the most common attack vectors used by cybercriminals. They can be used to deliver a malicious payload or steal user credentials from their target. Spearphishing emails are designed to be more specifically targeted and more believable to their intended victims. By crafting a pretext that is extremely personal to [...]
---------------------------------------------
https://resources.infosecinstitute.com/how-to-scan-email-headers-for-phishing-and-malicious-content/


∗∗∗ In-depth analysis of the new Team9 malware family ∗∗∗
---------------------------------------------
Publicly discovered in late April 2020, the Team9 malware family (also known as ‘Bazar [1]’) appears to be a new malware being developed by the group behind Trickbot. Even though the development of the malware appears to be recent, [...]
---------------------------------------------
https://blog.fox-it.com/2020/06/02/in-depth-analysis-of-the-new-team9-malware-family/


∗∗∗ Apple schließt kritische Lücke in Anmeldedienst "Sign in with Apple" ∗∗∗
---------------------------------------------
In Apples bequemem Anmeldedienst klaffte eine kritische Sicherheitslücke, mit der sich beliebige Nutzerkonten übernehmen ließen. Sie ist inzwischen geschlossen.
---------------------------------------------
https://heise.de/-4770560


∗∗∗ How I tricked Symantec with a Fake Private Key ∗∗∗
---------------------------------------------
Lately, some attention was drawn to a widespread problem with TLS certificates. Many people are accidentally publishing their private keys. Sometimes they are released as part of applications, in Github repositories or with common filenames on web servers.  If a private key is compromised, a certificate authority is obliged to revoke it. The Baseline Requirements – a set of rules that browsers and certificate authorities agreed upon – regulate this and say that in such a case a [...]
---------------------------------------------
https://blog.hboeck.de:443/archives/888-How-I-tricked-Symantec-with-a-Fake-Private-Key.html


=====================
=  Vulnerabilities  =
=====================

∗∗∗ Multiple Cisco UCS-Based Products UEFI Secure Boot Bypass Vulnerability ∗∗∗
---------------------------------------------
A vulnerability in the firmware of the Cisco UCS C-Series Rack Servers could allow an authenticated, physical attacker to bypass Unified Extensible Firmware Interface (UEFI) Secure Boot validation checks and load a compromised software image on an affected device. 
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200219-ucs-boot-bypass


∗∗∗ Cisco NX-OS Software Unexpected IP in IP Packet Processing Vulnerability ∗∗∗
---------------------------------------------
A vulnerability in the network stack of Cisco NX-OS Software could allow an unauthenticated, remote attacker to bypass certain security boundaries or cause a denial of service (DoS) condition on an affected device.The vulnerability is due to the affected device unexpectedly decapsulating and processing IP in IP packets that are destined to a locally configured IP address. An attacker could exploit this vulnerability by sending a crafted IP in IP packet to an affected device.
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-ipip-dos-kCT9X4


∗∗∗ Security updates for Tuesday ∗∗∗
---------------------------------------------
Security updates have been issued by Arch Linux (ant, bind, freerdp, and unbound), CentOS (bind, freerdp, and git), Debian (python-httplib2), Fedora (ant, kernel, sqlite, and sympa), openSUSE (java-11-openjdk and qemu), Oracle (bind), Red Hat (freerdp), Scientific Linux (python-pip and python-virtualenv), Slackware (firefox), SUSE (qemu), and Ubuntu (Apache Ant, ca-certificates, flask, and freerdp2).
---------------------------------------------
https://lwn.net/Articles/822036/


∗∗∗ VMware Cloud Director Vulnerability Has Major Impact for Cloud Providers ∗∗∗
---------------------------------------------
A recently patched vulnerability affecting VMware Cloud Director has a major impact for cloud services providers as it can allow an attacker to take full control of all private clouds hosted on the same infrastructure, cybersecurity firm Citadelo revealed on Monday. 
---------------------------------------------
https://www.securityweek.com/vmware-cloud-director-vulnerability-has-major-impact-cloud-providers


∗∗∗ Androids June 2020 Patches Fix Critical RCE Vulnerabilities ∗∗∗
---------------------------------------------
Google has started rolling out the June 2020 security patches for the Android operating system, which address a total of 43 vulnerabilities, including several rated critical.
---------------------------------------------
https://www.securityweek.com/androids-june-2020-patches-fix-critical-rce-vulnerabilities


∗∗∗ [20200604] - Core - XSS in jQuery.htmlPrefilter ∗∗∗
---------------------------------------------
https://developer.joomla.org:443/security-centre/816-20200604-core-xss-in-jquery-htmlprefilter.html


∗∗∗ [20200603] - Core - XSS in com_modules tag options ∗∗∗
---------------------------------------------
https://developer.joomla.org:443/security-centre/815-20200603-core-xss-in-com-modules-tag-options.html


∗∗∗ [20200605] - Core - CSRF in com_postinstall ∗∗∗
---------------------------------------------
https://developer.joomla.org:443/security-centre/817-20200605-core-csrf-in-com-postinstall.html


∗∗∗ [20200602] - Core - Inconsistent default textfilter settings ∗∗∗
---------------------------------------------
https://developer.joomla.org:443/security-centre/814-20200602-core-inconsistent-default-textfilter-settings.html


∗∗∗ [20200601] - Core - XSS in modules heading tag option ∗∗∗
---------------------------------------------
https://developer.joomla.org:443/security-centre/813-20200601-core-xss-in-modules-heading-tag-option.html


∗∗∗ Security Bulletin: A vulnerability in IBM Java Runtime affects IBM Spectrum Conductor and IBM Spectrum Conductor with Spark ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-a-vulnerability-in-ibm-java-runtime-affects-ibm-spectrum-conductor-and-ibm-spectrum-conductor-with-spark/


∗∗∗ Security Bulletin: IBM has announced a release for IBM Security Identity Governance and Intelligence in response to security vulnerabilities. ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-has-announced-a-release-for-ibm-security-identity-governance-and-intelligence-in-response-to-security-vulnerabilities-3/


∗∗∗ Security Bulletin: CVE-2019-4667 Lack of Built in HSTS option ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-cve-2019-4667-lack-of-built-in-hsts-option-2/


∗∗∗ Security Bulletin: Vulnerabilities in Open Source Python affects IBM Tivoli Application Dependency Discovery Manager (CVE-2019-18348) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-vulnerabilities-in-open-source-python-affects-ibm-tivoli-application-dependency-discovery-manager-cve-2019-18348/


∗∗∗ Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Spectrum Conductor and IBM Spectrum Conductor with Spark ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-java-runtime-affect-ibm-spectrum-conductor-and-ibm-spectrum-conductor-with-spark-2/


∗∗∗ Security Bulletin: IBM has announced a release for IBM Security Identity Governance and Intelligence in response to security vulnerabilities ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-has-announced-a-release-for-ibm-security-identity-governance-and-intelligence-in-response-to-security-vulnerabilities-2/


∗∗∗ Security Bulletin: Vulnerability in Apache CXF affects WebSphere Application Server (CVE-2019-12406) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-apache-cxf-affects-websphere-application-server-cve-2019-12406-2/


∗∗∗ Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU – Jan 2020 – Includes Oracle Jan 2020 CPU minus CVE-2020-2585, CVE-2020-2654, and CVE-2020-2590 ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-sdk-java-technology-edition-quarterly-cpu-jan-2020-includes-oracle-jan-2020-cpu-minus-cve-2020-2585-cve-2020-2654-and-cve-2020-2590/


∗∗∗ Security Bulletin: CVE-2020-2654 may affect IBM® SDK, Java™ Technology Edition ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-cve-2020-2654-may-affect-ibm-sdk-java-technology-edition-3/


∗∗∗ Security Bulletin: WebSphere liberty is vulnerable to a DOS (CVE-2019-4720) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-websphere-liberty-is-vulnerable-to-a-dos-cve-2019-4720/


∗∗∗ Security Bulletin: Vulnerability in Apache CXF affects WebSphere Application Server Liberty (CVE-2019-12406) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-apache-cxf-affects-websphere-application-server-liberty-cve-2019-12406/


∗∗∗ Security Bulletin: IBM Planning Analytics Workspace is affected by security vulnerabilities ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-planning-analytics-workspace-is-affected-by-security-vulnerabilities/


∗∗∗ NTP vulnerability CVE-2020-11868 ∗∗∗
---------------------------------------------
https://support.f5.com/csp/article/K44305703?utm_source=f5support&utm_medium=RSS


∗∗∗ PEPPERL+FUCHS, PACTware: Two password vulnerabilities found ∗∗∗
---------------------------------------------
https://cert.vde.com/de-de/advisories/vde-2020-017


∗∗∗ PHOENIX CONTACT FL MGUARD, TC MGUARD, TC ROUTER and TC CLOUD CLIENT: PPPD vulnerable to CVE-2020-8597 ∗∗∗
---------------------------------------------
https://cert.vde.com/de-de/advisories/vde-2020-018


∗∗∗ Red Hat OpenShift Application Runtimes: Mehrere Schwachstellen ∗∗∗
---------------------------------------------
http://www.cert-bund.de/advisoryshort/CB-K20-0516

-- 
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily