[CERT-daily] Daily Summary - 13.11.2020
Daily end-of-shift report
team at cert.at
Fri Nov 13 18:28:11 CET 2020
=====================
= End-of-Day report =
=====================
Timeframe: Thursday 12-11-2020 18:00 − Friday 13-11-2020 18:00
Handler: Dimitri Robl
Co-Handler: Stephan Richter
=====================
= News =
=====================
∗∗∗ Ubuntu Linux closes vulnerabilities: From ordinary user to system administrator in no time ∗∗∗
---------------------------------------------
A security researcher stumbled upon a combination of vulnerabilities that allowed ordinary users to create an account with sudo privileges. Ubuntu has now fixed them.
---------------------------------------------
https://heise.de/-4960051
∗∗∗ Unbreak My Heart: What I Learned About Building Better Medical Devices While Troubleshooting My Pacemaker ∗∗∗
---------------------------------------------
This blog outlines the story of Veronica Schmitt's journey to fixing her ICD/Pacemaker using Medical Device Forensics.
---------------------------------------------
https://www.sans.org/blog/unbreak-my-heart-what-i-learned-about-building-better-medical-devices-while-troubleshooting-my-pacemaker
∗∗∗ A new skimmer uses WebSockets and a fake credit card form to steal sensitive data ∗∗∗
---------------------------------------------
A new skimmer attack was discovered this week, targeting various online e-commerce sites built with different frameworks. As of the writing of this blog post, the attack is still active and exfiltrating data.
---------------------------------------------
https://blogs.akamai.com/2020/11/a-new-skimmer-uses-websockets-and-a-fake-credit-card-form-to-steal-sensitive-data.html
∗∗∗ DNS Cache Poisoning Attack Reloaded: Revolutions with Side Channels ∗∗∗
---------------------------------------------
SAD DNS is a revival of the classic DNS cache poisoning attack (which no longer works since 2008) leveraging novel network side channels that exist in all modern operating systems, including Linux, Windows, macOS, and FreeBSD. This represents an important milestone -- the first weaponizable network side channel attack that has serious security impacts. The attack allows an off-path attacker to inject a malicious DNS record into a DNS cache (e.g., in BIND, Unbound, dnsmasq).
---------------------------------------------
https://www.saddns.net/
∗∗∗ Surviving college distance learning during the pandemic: a cybersecurity guide ∗∗∗
---------------------------------------------
Students in higher education are exposed to online risks more than ever. Keep yourself secure while distance learning from home with this practical guide.
---------------------------------------------
https://blog.malwarebytes.com/how-tos-2/2020/11/surviving-college-distance-learning-during-the-pandemic-a-cybersecurity-guide/
=====================
= Vulnerabilities =
=====================
∗∗∗ Schneider Electric secures various ICS components against vulnerabilities ∗∗∗
---------------------------------------------
Important security updates are available for Schneider Electric hardware and software used to configure and manage industrial control systems.
---------------------------------------------
https://heise.de/-4959299
∗∗∗ ICS Advisory (ICSA-20-317-01) Mitsubishi Electric MELSEC iQ-R Series ∗∗∗
---------------------------------------------
A denial-of-service vulnerability due to uncontrolled resource consumption exists in MELSEC iQ-R series CPU modules. This vulnerability does not affect products when the "To Use or Not to Use Web Server" parameter of CPU modules is set to "Not Use." The default setting is "Not Use."
---------------------------------------------
https://us-cert.cisa.gov/ics/advisories/icsa-20-317-01
∗∗∗ PostgreSQL 13.1, 12.5, 11.10, 10.15, 9.6.20, and 9.5.24 Released! ∗∗∗
---------------------------------------------
The PostgreSQL Global Development Group has released an update to all supported versions of our database system, including 13.1, 12.5, 11.10, 10.15, 9.6.20, and 9.5.24. This release closes three security vulnerabilities and fixes over 65 bugs reported over the last three months.
Due to the nature of CVE-2020-25695, we advise you to update as soon as possible.
Additionally, this is the second-to-last release of PostgreSQL 9.5. If you are running PostgreSQL 9.5 in a production environment, we [...]
---------------------------------------------
https://www.postgresql.org/about/news/postgresql-131-125-1110-1015-9620-and-9524-released-2111/
∗∗∗ Security updates for Friday ∗∗∗
---------------------------------------------
Security updates have been issued by Debian (libproxy, pacemaker, and thunderbird), Fedora (nss), openSUSE (kernel), Oracle (curl, librepo, qt and qt5-qtbase, and tomcat), Red Hat (firefox), SUSE (firefox, java-1_7_0-openjdk, and openldap2), and Ubuntu (apport, libmaxminddb, openjdk-8, openjdk-lts, and slirp).
---------------------------------------------
https://lwn.net/Articles/837105/
∗∗∗ Citrix Hypervisor Security Update ∗∗∗
---------------------------------------------
A security issue has been identified in Citrix Hypervisor that may allow privileged code running in a guest VM to infer details of some computations occurring in other VMs on the host. This may, for example, be used to infer a secret encryption key used [...]
---------------------------------------------
https://support.citrix.com/article/CTX285937
∗∗∗ Citrix SDWAN Center Security Update ∗∗∗
---------------------------------------------
Multiple vulnerabilities have been discovered in Citrix SD-WAN Center that, if exploited, could allow an unauthenticated attacker with network access to SD-WAN Center to perform arbitrary code execution as root.
---------------------------------------------
https://support.citrix.com/article/CTX285061
∗∗∗ Security Bulletin: App Connect Enterprise Certified Container Designer instances may be vulnerable to CVE-2020-7760 ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-app-connect-enterprise-certified-container-designer-instances-may-be-vulnerable-to-cve-2020-7760/
∗∗∗ Security Bulletin: Novalink is impacted by Vulnerability in Hibernate Validator affects WebSphere Application Server Liberty (CVE-2020-10693) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-novalink-is-impacted-by-vulnerability-in-hibernate-validator-affects-websphere-application-server-liberty-cve-2020-10693/
∗∗∗ Security Bulletin: Novalink is impacted running oauth-2.0 or openidConnectServer-1.0 server features vulnerability in WebSphere Application Server Liberty (CVE-2020-4590) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-novalink-is-impacted-running-oauth-2-0-or-openidconnectserver-1-0-server-features-vulnerability-in-websphere-application-server-liberty-cve-2020-4590/
∗∗∗ Security Bulletin: Vulnerability in icu CVE-2020-10531. ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-icu-cve-2020-10531/
∗∗∗ Security Bulletin: Vulnerability in Open Source Python affect IBM Tivoli Application Dependency Discovery Manager (CVE-2020-8492) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-open-source-python-affect-ibm-tivoli-application-dependency-discovery-manager-cve-2020-8492/
∗∗∗ Security Bulletin: Vulnerabilities in IBM Java SDK affecting IBM Application Discovery and Delivery Intelligence V5.1.0.7 and V5.1.0.8 ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-vulnerabilities-in-ibm-java-sdk-affecting-ibm-application-discovery-and-delivery-intelligence-v5-1-0-7-and-v5-1-0-8/
∗∗∗ Security Bulletin: Vulnerabilities in Tivoli Netcool/OMNIbus ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-vulnerabilities-in-tivoli-netcool-omnibus/
∗∗∗ Security Bulletin: Vulnerability in OpenSSL affects IBM Integrated Analytics System ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-openssl-affects-ibm-integrated-analytics-system-2/
∗∗∗ Security Bulletin: Samba for IBM i is affected by CVE-2020-14323 and CVE-2020-14318 ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-samba-for-ibm-i-is-affected-by-cve-2020-14323-and-cve-2020-14318-2/
∗∗∗ Security Bulletin: Vulnerabilities in Node.js affect IBM Spectrum Control (CVE-2020-8201, CVE-2020-8252) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-vulnerabilities-in-node-js-affect-ibm-spectrum-control-cve-2020-8201-cve-2020-8252/
∗∗∗ Security Bulletin: CVE-2020-4482 ADD SNAPSHOT STATUS REST CALL DOESN'T CHECK THE USER ROLE ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-cve-2020-4482-add-snapshot-status-rest-call-doesnt-check-the-user-role/
∗∗∗ Security Bulletin: Apache Struts (Publicly disclosed vulnerability) affects Content Collector for Email, Content Collector for File Systems, Content Collector for Microsoft SharePoint and Content Collector for IBM Connections ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-apache-struts-publicly-disclosed-vulnerability-affects-content-collector-for-email-content-collector-for-file-systems-content-collector-for-microsoft-sharepoint-and-content-col-4/
∗∗∗ Security Bulletin: CVE-2018-10886 ant before version 1.9.12 unzip and untar targets allows the extraction of files outside the target directory. ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-cve-2018-10886-ant-before-version-1-9-12-unzip-and-untar-targets-allows-the-extraction-of-files-outside-the-target-directory/
∗∗∗ Security Bulletin: IBM Security Directory Suite is affected by a security vulnerability (CVE-2018-4441) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-security-directory-suite-is-affected-by-a-security-vulnerability-cve-2018-4441/
∗∗∗ Security Bulletin: IBM Security Guardium Insights is affected by IBM SDK, Java Technology Edition Quarterly CPU – Apr 2020 vulnerabilities ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-security-guardium-insights-is-affected-by-ibm-sdk-java-technology-edition-quarterly-cpu-apr-2020-vulnerabilities-2/
∗∗∗ Security Bulletin: IBM Content Navigator is affected by a vulnerability in Apache HttpClient (CVE-2020-13956) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletinsecurity-bulletin-ibm-content-navigator-is-affected-by-a-vulnerability-in-apache-httpclient-cve-2020-13956/
∗∗∗ Security Bulletin: A vulnerability in Ruby on Rails affects IBM License Metric Tool v9 (CVE-2019-16779). ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-a-vulnerability-in-ruby-on-rails-affects-ibm-license-metric-tool-v9-cve-2019-16779/
∗∗∗ macOS Big Sur 11.0.1 ∗∗∗
---------------------------------------------
https://support.apple.com/kb/HT211931
∗∗∗ Security Update 2020-006 High Sierra, Security Update 2020-006 Mojave ∗∗∗
---------------------------------------------
https://support.apple.com/kb/HT211946
∗∗∗ Safari 14.0.1 ∗∗∗
---------------------------------------------
https://support.apple.com/kb/HT211934
--
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily