[CERT-daily] Tageszusammenfassung - 08.09.2021
Daily end-of-shift report
team at cert.at
Wed Sep 8 18:24:07 CEST 2021
=====================
= End-of-Day report =
=====================
Timeframe: Dienstag 07-09-2021 18:00 − Mittwoch 08-09-2021 18:00
Handler: Dimitri Robl
Co-Handler: Robert Waldner
=====================
= News =
=====================
∗∗∗ vaxcontrolgroup.com: Nutzlose Studie und Scheckkarte für Nichtgeimpfte ∗∗∗
---------------------------------------------
Auf vaxcontrolgroup.com bewirbt die „Vaccine Control Group“ eine angebliche Studie, in der Nichtgeimpfte auf der ganzen Welt als Kontrollgruppe herangezogen werden sollen. Die Studie ist wissenschaftlich als unbrauchbar zu bewerten. Ein beworbener Ausweis im Scheckkartenformat, der eine Verpflichtung zur Nichtimpfung bestätigen soll, ist kostenpflichtig und nutzlos!
---------------------------------------------
https://www.watchlist-internet.at/news/vaxcontrolgroupcom-nutzlose-studie-und-scheckkarte-fuer-nichtgeimpfte/
=====================
= Vulnerabilities =
=====================
∗∗∗ HAProxy Found Vulnerable to Critical HTTP Request Smuggling Attack ∗∗∗
---------------------------------------------
A critical security vulnerability has been disclosed in HAProxy, a widely used open-source load balancer and proxy server, that could be abused by an adversary to possibly smuggle HTTP requests, resulting in unauthorized access to sensitive data and execution of arbitrary commands, effectively opening the door to an array of attacks. Tracked as CVE-2021-40346..
---------------------------------------------
https://thehackernews.com/2021/09/haproxy-found-vulnerable-to-critical.html
∗∗∗ ZDI: Mehrere Lücken in Parallels Desktop ∗∗∗
---------------------------------------------
Toolgate Uncontrolled Memory Allocation Privilege Escalations:
* CVE-2021-34869 http://www.zerodayinitiative.com/advisories/ZDI-21-1057/
* CVE-2021-34868 http://www.zerodayinitiative.com/advisories/ZDI-21-1056/
* CVE-2021-34867 http://www.zerodayinitiative.com/advisories/ZDI-21-1055/
---------------------------------------------
∗∗∗ Fortinet Security Advisories September 2021 ∗∗∗
---------------------------------------------
Fortinet hat eine Reihe von Security Advisories zu diversen Problemen/Produkten veröffentlicht. Eine Übersicht findet sich auf der Fortinet PSIRT Webseite.
---------------------------------------------
https://www.fortiguard.com/psirt-monthly-advisory/september-2021-vulnerability-advisories
∗∗∗ September 7, 2021 TNS-2021-15 [R1] Nessus Agent 8.3.1 Fixes Multiple Vulnerabilities ∗∗∗
---------------------------------------------
Nessus Agent 8.3.0 and earlier were found to contain multiple local privilege escalation vulnerabilities which could allow an authenticated, local administrator to run specific executables on the Nessus Agent host.
---------------------------------------------
http://www.tenable.com/security/tns-2021-15
∗∗∗ Android Security Bulletin - September 2021 ∗∗∗
---------------------------------------------
The Android Security Bulletin contains details of security vulnerabilities affecting Android devices. Security patch levels of 2021-09-05 or later address all of these issues.
---------------------------------------------
https://source.android.com/security/bulletin/2021-09-01
∗∗∗ Xen XSA-384 - Another race in XENMAPSPACE_grant_table handling ∗∗∗
---------------------------------------------
A malicious guest may be able to elevate its privileges to that of the host, cause host or guest Denial of Service (DoS), or cause information leaks.
All Xen versions from 4.0 onwards are affected. Xen versions 3.4 and older are not affected.
---------------------------------------------
https://xenbits.xen.org/xsa/advisory-384.html
∗∗∗ Citrix Hypervisor Security Update ∗∗∗
---------------------------------------------
Several security issues have been discovered in Citrix Hypervisor that, collectively, may allow privileged code in a guest VM to compromise or crash the host.
Citrix has released hotfixes to address these issues. Citrix recommends that affected customers install these hotfixes as their patching schedule allows
---------------------------------------------
https://support.citrix.com/article/CTX325319
∗∗∗ Microsoft Releases Mitigations and Workarounds for CVE-2021-40444 ∗∗∗
---------------------------------------------
Microsoft has released mitigations and workarounds to address a remote code execution vulnerability (CVE-2021-40444) in Microsoft Windows. Exploitation of this vulnerability may allow a remote attacker to take control of an affected system. This vulnerability has been detected in exploits in the wild.
---------------------------------------------
https://us-cert.cisa.gov/ncas/current-activity/2021/09/07/microsoft-releases-mitigations-and-workarounds-cve-2021-40444
∗∗∗ Zoho Releases Security Update for ADSelfService Plus ∗∗∗
---------------------------------------------
Zoho has released a security update on a vulnerability (CVE-2021-40539) affecting ManageEngine ADSelfService Plus builds 6113 and below. CVE-2021-40539 has been detected in exploits in the wild. A remote attacker could exploit this vulnerability to take control of an affected system. ManageEngine ADSelfService Plus is a self-service password management and single sign-on solution for Active Directory and cloud apps.
---------------------------------------------
https://us-cert.cisa.gov/ncas/current-activity/2021/09/07/zoho-releases-security-update-adselfservice-plus
∗∗∗ Security Bulletin: CVE-2021-2161 may affect IBM® SDK, Java™ Technology Edition for Content Collector for Email, Content Collector for File Systems, Content Collector for Microsoft SharePoint and Content Collector for IBM Connections ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-cve-2021-2161-may-affect-ibm-sdk-java-technology-edition-for-content-collector-for-email-content-collector-for-file-systems-content-collector-for-microsoft-sharepoin-4/
∗∗∗ Security Bulletin: Vulnerabilities in IBM Java Runtime affect IBM Integration Bus and IBM App Connect Enterpise v11, v12 (CVE-2020-2773) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-vulnerabilities-in-ibm-java-runtime-affect-ibm-integration-bus-and-ibm-app-connect-enterpise-v11-v12-cve-2020-2773/
∗∗∗ Security Bulletin: A security vulnerability has been fixed in IBM Security Identity Manager Virtual Appliance (CVE-2018-15494) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-a-security-vulnerability-has-been-fixed-in-ibm-security-identity-manager-virtual-appliance-cve-2018-15494/
∗∗∗ Security Bulletin: Vulnerabilities in IBM Java Runtime affect IBM Integration Bus and IBM App Connect Enterpise v11, v12 (CVE-2020-14782) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-vulnerabilities-in-ibm-java-runtime-affect-ibm-integration-bus-and-ibm-app-connect-enterpise-v11-v12-cve-2020-14782/
∗∗∗ Security Bulletin: CVE-2021-2161 may affect IBM® SDK, Java™ Technology Edition for Content Collector for Email, Content Collector for File Systems, Content Collector for Microsoft SharePoint and Content Collector for IBM Connections ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-cve-2021-2161-may-affect-ibm-sdk-java-technology-edition-for-content-collector-for-email-content-collector-for-file-systems-content-collector-for-microsoft-sharepoin-3/
∗∗∗ Security Bulletin: CVE-2021-2161 may affect IBM® SDK, Java™ Technology Edition for Content Collector for Email, Content Collector for File Systems, Content Collector for Microsoft SharePoint and Content Collector for IBM Connections ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-cve-2021-2161-may-affect-ibm-sdk-java-technology-edition-for-content-collector-for-email-content-collector-for-file-systems-content-collector-for-microsoft-sharepoin-2/
∗∗∗ Security Bulletin: Security vulnerabilities have been fixed in IBM Security Identity Manager (CVE-2021-29687, CVE-2021-29688) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-security-vulnerabilities-have-been-fixed-in-ibm-security-identity-manager-cve-2021-29687-cve-2021-29688-2/
∗∗∗ Security Bulletin: IBM Security Identity Manager Password Synchronization Plug-in for Windows AD affected by multiple vulnerabilities (CVE-2021-20483, CVE-2021-20488) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-security-identity-manager-password-synchronization-plug-in-for-windows-ad-affected-by-multiple-vulnerabilities-cve-2021-20483-cve-2021-20488-3/
∗∗∗ Security Bulletin: Vulnerabilities in IBM Java Runtime affect IBM Integration Bus and IBM App Connect Enterpise v11, v12 (CVE-2020-14781) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-vulnerabilities-in-ibm-java-runtime-affect-ibm-integration-bus-and-ibm-app-connect-enterpise-v11-v12-cve-2020-14781/
∗∗∗ Security Bulletin: CVE-2021-2161 may affect IBM® SDK, Java™ Technology Edition for Content Collector for Email, Content Collector for File Systems, Content Collector for Microsoft SharePoint and Content Collector for IBM Connections ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-cve-2021-2161-may-affect-ibm-sdk-java-technology-edition-for-content-collector-for-email-content-collector-for-file-systems-content-collector-for-microsoft-sharepoin/
∗∗∗ Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect Content Collector for Email, Content Collector for File Systems, Content Collector for Microsoft SharePoint and Content Collector for IBM Connections ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-java-sdk-affect-content-collector-for-email-content-collector-for-file-systems-content-collector-for-microsoft-sharepoint-and-content-collector-for-25/
∗∗∗ Security Bulletin: Multiple vulnerabilities in OpenSSL may affect IBM Workload Scheduler ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-openssl-may-affect-ibm-workload-scheduler-6/
∗∗∗ Security Bulletin: CVE-2020-1971 vulnerability in OpenSSL may affect IBM Workload Scheduler ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-cve-2020-1971-vulnerability-in-openssl-may-affect-ibm-workload-scheduler-2/
∗∗∗ Security Bulletin: Security vulnerabilitiy has been fixed in IBM Security Identity Manager (93519) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-security-vulnerabilitiy-has-been-fixed-in-ibm-security-identity-manager-93519/
∗∗∗ Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect Content Collector for Email, Content Collector for File Systems, Content Collector for Microsoft SharePoint and Content Collector for IBM Connections ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-java-sdk-affect-content-collector-for-email-content-collector-for-file-systems-content-collector-for-microsoft-sharepoint-and-content-collector-for-24/
∗∗∗ Security Bulletin: IBM Security Identity Manager deprecated Self Service UI contains Struts V1 (CVE-2016-1182) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-security-identity-manager-deprecated-self-service-ui-contains-struts-v1-cve-2016-1182-2/
∗∗∗ Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect Content Collector for Email, Content Collector for File Systems, Content Collector for Microsoft SharePoint and Content Collector for IBM Connections ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-java-sdk-affect-content-collector-for-email-content-collector-for-file-systems-content-collector-for-microsoft-sharepoint-and-content-collector-for-23/
∗∗∗ Security Bulletin: Multiple vulnerabilities in OpenSSL may affect IBM Workload Scheduler ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-openssl-may-affect-ibm-workload-scheduler-5/
∗∗∗ Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect Content Collector for Email, Content Collector for File Systems, Content Collector for Microsoft SharePoint and Content Collector for IBM Connections ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-java-sdk-affect-content-collector-for-email-content-collector-for-file-systems-content-collector-for-microsoft-sharepoint-and-content-collector-for-22/
∗∗∗ Security Bulletin: Multiple security vulnerabilities affect Liberty for Java for IBM Cloud ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-multiple-security-vulnerabilities-affect-liberty-for-java-for-ibm-cloud-2/
--
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily
More information about the Daily
mailing list