Daily

daily@lists.cert.at

1 participants
3291 discussions

Tageszusammenfassung - 10.10.2018
by Daily end-of-shift report 10 Oct '18

10 Oct '18

===================== = End-of-Day report = ===================== Timeframe: Dienstag 09-10-2018 18:00 − Mittwoch 10-10-2018 18:00 Handler: Dimitri Robl Co-Handler: Stephan Richter ===================== = News = ===================== ∗∗∗ Zero-day exploit (CVE-2018-8453) used in targeted attacks ∗∗∗ --------------------------------------------- Yesterday, Microsoft published their security bulletin, which patches CVE-2018-8453, among others. It is a vulnerability in win32k.sys discovered by Kaspersky Lab in August. Microsoft confirmed the vulnerability and designated it CVE-2018-8453. --------------------------------------------- https://securelist.com/cve-2018-8453-used-in-targeted-attacks/88151/ ∗∗∗ Patchday: Zero-Day-Fix für Windows, kritische Exchange-Lücke ∗∗∗ --------------------------------------------- Im Oktober behebt Microsoft knapp 50 Sicherheitsprobleme. Darunter kritische Lücken in Windows-Komponenten und im Exchange Mail-Server. --------------------------------------------- http://heise.de/-4186268 ∗∗∗ Kritische Sicherheitslücke gefährdet Milliarden WhatsApp-Nutzer ∗∗∗ --------------------------------------------- Eine Sicherheitslücke in WhatsApp ermöglicht es, ein Smartphone mit einem einzigen Video-Call zu kapern. Potentiell betroffen sind Milliarden WhatsApp-Nutzer. --------------------------------------------- http://heise.de/-4186365 ∗∗∗ Patchday: Adobe stopft kritische Lücke in Digital Editions ∗∗∗ --------------------------------------------- Ein Sicherheitsupdate für Flash, das keins ist, und die Abwesenheit von Reader-Patches sorgen bei Adobe für einen eher untypischen Patchday. --------------------------------------------- http://heise.de/-4186327 ∗∗∗ IIS attacks surge from 2,000 to 1.7 million over last quarter ∗∗∗ --------------------------------------------- IIS, Drupal, and Oracle WebLogic web technologies experienced increased attacks in Q2 2018. According to a new threat report from eSentire, IIS attacks showed a massive increase, from 2,000 to 1.7 million, since last quarter. --------------------------------------------- https://www.helpnetsecurity.com/2018/10/10/iis-attacks-surge/ ∗∗∗ Magecart hacks Shopper Approved to simultaneously hit many e-commerce sites ∗∗∗ --------------------------------------------- The cybercriminal groups under the Magecart umbrella strike again and again, and one of them has apparently specialized in compromising third parties to more easily get in as many online shops as possible. The latest target of Magecart Group 5, as it has been dubbed by RiskIQ researcher Yonathan Klijnsma, is Shopper Approved, an organization that provides rating seals for online stores. --------------------------------------------- https://www.helpnetsecurity.com/2018/10/10/magecart-hacks-shopper-approved/ ∗∗∗ Kleinanzeigenbetrug mit Western Union Überweisungen ∗∗∗ --------------------------------------------- Vorsicht beim Kleinanzeigenverkauf! BetrügerInnen, die sich als KaufinteressentInnen ausgeben, behaupten, ihren Opfern überhöhte Geldbeträge überwiesen zu haben, die nur durch eine Western Union Transaktion an ein Speditionsunternehmen freigeschalten werden können. Führen Sie diese Transaktion nicht durch, denn Ihr Geld wäre verloren und die freizuschaltende Überweisung gibt es nicht! --------------------------------------------- https://www.watchlist-internet.at/news/kleinanzeigenbetrug-mit-western-unio… ===================== = Vulnerabilities = ===================== ∗∗∗ Security Bulletins Posted ∗∗∗ --------------------------------------------- Adobe has published security bulletins for Adobe Digital Editions (APSB18-27), Adobe Experience Manager (APSB18-36), Adobe Framemaker (APSB18-37) and Adobe Technical Communications Suite (APSB18-38). Adobe recommends users update their product installations to the latest versions using the instructions referenced [...] --------------------------------------------- https://blogs.adobe.com/psirt/?p=1633 ∗∗∗ jQuery-File-Upload < = v9.22.0 unauthenticated arbitrary file upload vulnerability ∗∗∗ --------------------------------------------- Topic: jQuery-File-Upload < = v9.22.0 unauthenticated arbitrary file upload vulnerability Risk: Medium Text:Title: jQuery-File-Upload < = v9.22.0 unauthenticated arbitrary file upload vulnerability Author: Larry W. Cashdollar [...] --------------------------------------------- https://cxsecurity.com/issue/WLB-2018100094 ∗∗∗ GE iFix ∗∗∗ --------------------------------------------- This advisory includes mitigations for an unsafe ActiveX control marked safe for scripting vulnerability in a Gigasoft component affecting GE’s iFix HMI products. --------------------------------------------- https://ics-cert.us-cert.gov/advisories/ICSA-18-282-01 ∗∗∗ Fuji Electric Energy Savings Estimator ∗∗∗ --------------------------------------------- This advisory includes mitigations for an uncontrolled search path element (DLL Hijacking) vulnerability in the Fuji Electric Energy Savings Estimator software. --------------------------------------------- https://ics-cert.us-cert.gov/advisories/ICSA-18-282-07 ∗∗∗ October 2018 Security Update Release ∗∗∗ --------------------------------------------- Today, we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found in the Security Update Guide. --------------------------------------------- https://blogs.technet.microsoft.com/msrc/2018/10/09/october-2018-security-u… ∗∗∗ October 2018 Microsoft Patch Tuesday, (Tue, Oct 9th) ∗∗∗ --------------------------------------------- Microsoft released patches for 48 vulnerabilities today and one advisory regarding a defense in depth update for Office. No Adobe updates are included so far, but Adobe has released updates to PDF Reader / Acrobat about a week ago. --------------------------------------------- https://isc.sans.edu/diary/rss/24186 ∗∗∗ VMSA-2018-0025 ∗∗∗ --------------------------------------------- VMware ESXi, Workstation, and Fusion workarounds address a denial-of-service vulnerability --------------------------------------------- https://www.vmware.com/security/advisories/VMSA-2018-0025.html ∗∗∗ USN-3787-1: Tomcat vulnerability ∗∗∗ --------------------------------------------- tomcat7, tomcat8 vulnerabilityA security issue affects these releases of Ubuntu and its derivatives:Ubuntu 16.04 LTSUbuntu 14.04 LTSSummaryTomcat could be made to redirect to arbitrary locations.Software Descriptiontomcat8 - Servlet and JSP enginetomcat7 - Servlet and JSP engineDetailsIt was discovered that Tomcat incorrectly handled returning redirects to adirectory. A remote attacker could possibly use this issue with a speciallycrafted URL to redirect to arbitrary URIs. --------------------------------------------- https://usn.ubuntu.com/3787-1/ ∗∗∗ October 2018 Office Update Release ∗∗∗ --------------------------------------------- The October 2018 Public Update releases for Office are now available! This month, there are 23 security updates and 17 non-security updates. All of the security and non-security updates are listed in KB article 4464656. A new version of Office 2013 Click-To-Run is available: 15.0.5075.1001 A new version of Office 2010 Click-To-Run is available: 14.0.7214.5000 --------------------------------------------- https://blogs.technet.microsoft.com/office_sustained_engineering/2018/10/09… ∗∗∗ Security updates for Wednesday ∗∗∗ --------------------------------------------- Security updates have been issued by Arch Linux (patch), CentOS (firefox, glusterfs, kernel, and nss), Debian (net-snmp), Oracle (firefox, glusterfs, kernel, and nss), Red Hat (glusterfs, kernel, and nss), Scientific Linux (firefox), SUSE (kernel), and Ubuntu (webkit2gtk). --------------------------------------------- https://lwn.net/Articles/768041/ ∗∗∗ BSRT 2018-004 Information Disclosure Vulnerability in Management Console Impacts UEM ∗∗∗ --------------------------------------------- http://support.blackberry.com/kb/articleDetail?language=en_US&articleNumber… ∗∗∗ Security Advisory - Improper Authentication Vulnerability on Smartphones ∗∗∗ --------------------------------------------- http://www.huawei.com/en/psirt/security-advisories/2018/huawei-sa-20181010-… ∗∗∗ IBM Security Bulletin: Multiple Vulnerabilities in WebSphere Application Server in IBM Cloud July 2018 CPU ∗∗∗ --------------------------------------------- https://www-01.ibm.com/support/docview.wss?uid=ibm10734161 ∗∗∗ IBM Security Bulletin: IBM FileNet Content Manager affected by Apache PDFBox security vulnerability ∗∗∗ --------------------------------------------- https://www.ibm.com/support/docview.wss?uid=ibm10716315 ∗∗∗ IBM Security Bulletin: Multiple security vulnerabilities affect IBM WebSphere Application Server in IBM Cloud ∗∗∗ --------------------------------------------- https://www-01.ibm.com/support/docview.wss?uid=ibm10734167 ∗∗∗ IBM Security Bulletin: Server Automation is affected by the following GSKit vulnerabilities (CVE-2018-1447, CVE-2018-1427, CVE-2018-1428) ∗∗∗ --------------------------------------------- http://www.ibm.com/support/docview.wss?uid=ibm10718773 -- CERT.at Daily mailing list Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily

1 0

Tageszusammenfassung - 09.10.2018
by Daily end-of-shift report 09 Oct '18

09 Oct '18

===================== = End-of-Day report = ===================== Timeframe: Montag 08-10-2018 18:00 − Dienstag 09-10-2018 18:00 Handler: Dimitri Robl Co-Handler: Stephan Richter ===================== = News = ===================== ∗∗∗ Millionen Xiongmai-Überwachungskameras durch Cloud-Feature unsicher (XMEye P2P Coud) ∗∗∗ --------------------------------------------- Über 9 Millionen IoT-Geräte des chinesischem OEM-Herstellers "Xiongmai" sind unsicher (selbst jene hinter einer Firewall), weil sie ein unsicheres Cloud-Feature namens "XMEye P2P cloud" standardmäßig aktiv haben. --------------------------------------------- https://www.sec-consult.com/blog/2018/10/millionen-xiongmai-ueberwachungska… ∗∗∗ Sicherheitsupdates: Kritische Lücken in Cisco DNA gefährden ganze Netzwerke ∗∗∗ --------------------------------------------- Cisco stellt Patches für verschiedene Produkte bereit und schließt damit viele Sicherheitslücken. --------------------------------------------- http://heise.de/-4184517 ∗∗∗ Oktober ist Europäischer Monat der Cyber-Sicherheit! ∗∗∗ --------------------------------------------- Auch diesen Oktober nimmt Österreich wieder an der EU-weiten Kampagne European Cyber Security Month (ECSM) teil. Im Fokus steht dabei die Bewusstseinsbildung für Risiken im Netz. --------------------------------------------- https://www.watchlist-internet.at/news/oktober-ist-europaeischer-monat-der-… ===================== = Vulnerabilities = ===================== ∗∗∗ [20181005] - Core - CSRF hardening in com_installer ∗∗∗ --------------------------------------------- Project: Joomla! SubProject: CMS Impact: Moderate Severity: Low Versions: 2.5.0 through 3.8.12 Exploit type: CSRF Reported Date: 2018-September-26 Fixed Date: 2018-October-02 CVE Number: CVE-2018-17858 Description Added additional CSRF hardening in com_installer actions in the backend. Affected Installs Joomla! CMS versions 2.5.0 through 3.8.12 Solution Upgrade to version 3.8.13 Contact The JSST at the Joomla! Security Centre. Reported By: Raviraj A. Powar --------------------------------------------- http://feeds.joomla.org/~r/JoomlaSecurityNews/~3/nfI3_UnJIrM/755-20181005-c… ∗∗∗ [20181004] - Core - ACL Violation in com_users for the admin verification ∗∗∗ --------------------------------------------- Project: Joomla! SubProject: CMS Impact: Moderate Severity: Low Versions: 1.5.0 through 3.8.12 Exploit type: ACL Violation Reported Date: 2017-December-27 Fixed Date: 2018-October-02 CVE Number: CVE-2018-17855 Description In case that an attacker gets access to the mail account of an user who can approve admin verifications in the registration process he can activate himself. Affected Installs Joomla! CMS versions 1.5.0 through 3.8.12 Solution Upgrade to version 3.8.13 --------------------------------------------- http://feeds.joomla.org/~r/JoomlaSecurityNews/~3/qGhSucxwoZo/754-20181004-c… ∗∗∗ [20181003] - Core - Access level Violation in com_tags ∗∗∗ --------------------------------------------- Project: Joomla! SubProject: CMS Impact: Moderate Severity: Low Versions: 3.1.0 through 3.8.12 Exploit type: ACL Violation Reported Date: 2018-June-20 Fixed Date: 2018-October-02 CVE Number: CVE-2018-17857 Description Inadequate checks on the tags search fields can lead to an access level violation. Affected Installs Joomla! CMS versions 3.1.0 through 3.8.12 Solution Upgrade to version 3.8.13 Contact The JSST at the Joomla! Security Centre. --------------------------------------------- http://feeds.joomla.org/~r/JoomlaSecurityNews/~3/nIIfD6jUDgU/753-20181003-c… ∗∗∗ [20181002] - Core - Inadequate default access level for com_joomlaupdate ∗∗∗ --------------------------------------------- Project: Joomla! SubProject: CMS Impact: High Severity: Low Versions: 2.5.4 through 3.8.12 Exploit type: Object Injection Reported Date: 2018-June-21 Fixed Date: 2018-October-02 CVE Number: CVE-2018-17856 Description Joomla’s com_joomlaupdate allows the execution of arbitrary code. The default ACL config enabled access of Administrator-level users to access com_joomlaupdate and trigger a code execution. Affected Installs Joomla! CMS versions 2.5.4 through 3.8.12 --------------------------------------------- http://feeds.joomla.org/~r/JoomlaSecurityNews/~3/MptbHWIJjXM/752-20181002-c… ∗∗∗ [20181001] - Core - Hardening com_contact contact form ∗∗∗ --------------------------------------------- Project: Joomla! SubProject: CMS Impact: Moderate Severity: Low Versions: 2.5.0 through 3.8.12 Exploit type: Incorrect Access Control Reported Date: 2018-September-17 Fixed Date: 2018-October-02 CVE Number: CVE-2018-17859 Description Inadequate checks in com_contact could allowed mail submission in disabled forms. Affected Installs Joomla! CMS versions 2.5.0 through 3.8.12 Solution Upgrade to version 3.8.13 Contact The JSST at the Joomla! Security Centre. Reported By: David Jardin (JSST) --------------------------------------------- http://feeds.joomla.org/~r/JoomlaSecurityNews/~3/lkwPYx4JflE/751-20181001-c… ∗∗∗ SAP Security Patch Day - October 2018 ∗∗∗ --------------------------------------------- On 9th of October 2018, SAP Security Patch Day saw the release of 11 Security Notes. Additionally, there were 4 updates to previously released security notes. --------------------------------------------- https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=500633095 ∗∗∗ SSA-347726: Denial-of-Service Vulnerability in SIMATIC S7-1500, SIMATIC S7-1500 Software Controller and SIMATIC ET 200SP Open Controller ∗∗∗ --------------------------------------------- Versions of SIMATIC S7-1500, SIMATIC S7-1500 Software Controller and SIMATIC ET 200 SP Open Controller are affected by a denial-of-service vulnerability. An attacker with network access to the PLC can cause a Denial-of-Service condition on the network stack. --------------------------------------------- https://cert-portal.siemens.com/productcert/txt/ssa-347726.txt ∗∗∗ SSA-254686: Foreshadow / L1 Terminal Fault Vulnerabilities in Industrial Products ∗∗∗ --------------------------------------------- Security researchers published information on vulnerabilities known as Foreshadow and L1 Terminal Fault (L1TF). These vulnerabilities affect many modern processors from different vendors to a varying degree. Several Siemens Industrial Products contain processors that are affected by the vulnerabilities. --------------------------------------------- https://cert-portal.siemens.com/productcert/txt/ssa-254686.txt ∗∗∗ SSA-464260: TLS ROBOT vulnerability in SCALANCE W1750D ∗∗∗ --------------------------------------------- The latest update for SCALANCE W1750D addresses a vulnerability known as _ROBOT Attack_. The vulnerability could allow an attacker to decrypt TLS traffic. Siemens provides a firmware update and recommends users to update to the new version. --------------------------------------------- https://cert-portal.siemens.com/productcert/txt/ssa-464260.txt ∗∗∗ SSA-493830: Privilege Escalation in ROX II ∗∗∗ --------------------------------------------- The latest update for ROX II fixes two vulnerabilities. One vulnerability could allow an attacker with a low-privileged user account to execute arbitrary commands. The other vulnerability could allow an attacker with a low-privileged user account to escalate his privileges. --------------------------------------------- https://cert-portal.siemens.com/productcert/txt/ssa-493830.txt ∗∗∗ SSA-507847: Cross-Site Request Forgery Vulnerability in SIMATIC S7-1200 CPU Family ∗∗∗ --------------------------------------------- The latest firmware update for S7-1200 CPU family version 4 fixes a Cross-Site Request Forgery vulnerability. Siemens recommends to update affected devices as soon as possible. --------------------------------------------- https://cert-portal.siemens.com/productcert/txt/ssa-507847.txt ∗∗∗ Security updates for Tuesday ∗∗∗ --------------------------------------------- Security updates have been issued by Arch Linux (git), Debian (kernel, samba, and tinc), Fedora (kernel-headers), Oracle (firefox), Red Hat (firefox and qemu-kvm-rhev), Scientific Linux (firefox), SUSE (java-1_8_0-ibm, kubernetes-salt, velum, libxml2, and postgresql10), and Ubuntu (libxkbcommon). --------------------------------------------- https://lwn.net/Articles/767948/ ∗∗∗ iCloud for Windows 7.7 ∗∗∗ --------------------------------------------- https://support.apple.com/kb/HT209141 ∗∗∗ iOS 12.0.1 ∗∗∗ --------------------------------------------- https://support.apple.com/kb/HT209162 ∗∗∗ Zimbra Collaboration Suite: Eine Schwachstelle ermöglicht das Darstellen falscher Informationen ∗∗∗ --------------------------------------------- https://adv-archiv.dfn-cert.de/adv/2018-2038/ ∗∗∗ IBM Security Bulletin: IBM Netcool/OMNIbus Probe DSL Factory Framework is affected by Apache Camel’s Core vulnerability ∗∗∗ --------------------------------------------- https://www-01.ibm.com/support/docview.wss?uid=ibm10731893 ∗∗∗ IBM Security Bulletin: Multiple vulnerabilities in WebSphere application server affect IBM Workload Scheduler ∗∗∗ --------------------------------------------- http://www.ibm.com/support/docview.wss?uid=ibm10734305 ∗∗∗ Remote Code Execution via XMeye P2P Cloud in Xiongmai IP Cameras, NVRs and DVRs ∗∗∗ --------------------------------------------- https://www.sec-consult.com/en/blog/advisories/vulnerabilities-xiongmai-ip-… -- CERT.at Daily mailing list Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily

1 0

Tageszusammenfassung - 08.10.2018
by Daily end-of-shift report 08 Oct '18

08 Oct '18

===================== = End-of-Day report = ===================== Timeframe: Freitag 05-10-2018 18:00 − Montag 08-10-2018 18:00 Handler: Dimitri Robl Co-Handler: Stephan Richter ===================== = News = ===================== ∗∗∗ Git Project Patches Remote Code Execution Vulnerability in Git ∗∗∗ --------------------------------------------- The Git Project announced yesterday a critical arbitrary code execution vulnerability in the Git command line client, Git Desktop, and Atom that could allow malicious repositories to remotely execute commands on a vulnerable machine. --------------------------------------------- https://www.bleepingcomputer.com/news/security/git-project-patches-remote-c… ∗∗∗ Sony Smart TV Bug Allows Remote Access, Root Privileges ∗∗∗ --------------------------------------------- Software patching becomes a new reality for smart TV owners. --------------------------------------------- https://threatpost.com/sony-smart-tv-bug-allows-remote-access-root-privileg… ∗∗∗ ENISA publishes annual report on trust services security incidents 2017 ∗∗∗ --------------------------------------------- ENISA publishes the first full-year annual report on security incidents with electronic trust services, covering 2017. --------------------------------------------- https://www.enisa.europa.eu/news/enisa-news/enisa-publishes-annual-report-o… ∗∗∗ Sicherheitsupdate: D-Link Central WiFi Manager anfällig für Schadcode ∗∗∗ --------------------------------------------- In der Windows-Version von D-Link Central WiFi Manager klaffen mehrere Sicherheitslücken. Mindestens eine davon gilt als kritisch. Ein Patch schafft Abhilfe. --------------------------------------------- http://heise.de/-4183206 ∗∗∗ macOS: Code-Signing teilweise aushebelbar ∗∗∗ --------------------------------------------- Gatekeeper soll dafür sorgen, dass bekannte Malware auf dem Mac nicht startet. Überprüft wird aber oft nur ein Mal, warnt ein Sicherheitsforscher. --------------------------------------------- http://heise.de/-4182870 ===================== = Vulnerabilities = ===================== ∗∗∗ VU#176301: Auto-Maskin DCU 210E RP 210E and Marine Pro Observer App ∗∗∗ --------------------------------------------- Vulnerability Note VU#176301 Auto-Maskin DCU 210E RP 210E and Marine Pro Observer App Original Release date: 06 Oct 2018 | Last revised: 08 Oct 2018 Overview Auto-Maskin RP remote panels and DCU controls units are used to monitor and control ship engines. The units have several authentication and encryption vulnerabilities which can allow attackers to access the units and control connected engines. Description CWE 798: Use of Hard-Coded Credentials - CVE–2018-5399 [...] --------------------------------------------- http://www.kb.cert.org/vuls/id/176301 ∗∗∗ FLIR Systems FLIR Thermal Traffic Cameras Websocket Device Manipulation ∗∗∗ --------------------------------------------- FLIR thermal traffic cameras suffer from an unauthenticated device manipulation vulnerability utilizing the websocket protocol. The affected FLIR Intelligent Transportation Systems - ITS models use an insecure implementation of websocket communication used for administering the device. Authentication and authorization bypass via referencing a direct object allows an attacker to directly modify running configurations, disclose information or initiate a denial of service (DoS) scenario with [...] --------------------------------------------- http://www.zeroscience.mk/en/vulnerabilities/ZSL-2018-5490.php ∗∗∗ FLIR Systems FLIR Thermal Traffic Cameras RTSP Stream Disclosure ∗∗∗ --------------------------------------------- FLIR thermal traffic cameras suffer from an unauthenticated and unauthorized live RTSP video stream access. --------------------------------------------- http://www.zeroscience.mk/en/vulnerabilities/ZSL-2018-5489.php ∗∗∗ Security updates for Monday ∗∗∗ --------------------------------------------- Security updates have been issued by Debian (adplug, git, php-horde, php-horde-core, and php-horde-kronolith), Fedora (firefox, liblouis, libmad, mediawiki, opensc, php-horde-horde, php-horde-Horde-Core, php-horde-kronolith, and rust), Gentoo (imagemagick, openssh, and sox), openSUSE (ghostscript, gitolite, java-1_8_0-openjdk, kernel, php5, php7, python, thunderbird, tomcat, and unzip), Red Hat (firefox and rh-haproxy18-haproxy), and SUSE (ImageMagick, java-1_8_0-openjdk, kernel, qpdf, [...] --------------------------------------------- https://lwn.net/Articles/767873/ ∗∗∗ IBM Security Bulletin: IBM Security Key Lifecycle Manager Misses Authentication for Critical Function (CVE-2018-1745) ∗∗∗ --------------------------------------------- https://www-01.ibm.com/support/docview.wss?uid=ibm10733355 ∗∗∗ IBM Security Bulletin: IBM Security Key Lifecycle Manager is vulnerable to Improper Authentication (CVE-2018-1738) ∗∗∗ --------------------------------------------- http://www.ibm.com/support/docview.wss?uid=ibm10733309 ∗∗∗ IBM Security Bulletin: IBM Tivoli Netcool Impact is affected by an Information disclosure of stack trace vulnerability (CVE-2018-1553) ∗∗∗ --------------------------------------------- https://www-01.ibm.com/support/docview.wss?uid=ibm10733541 ∗∗∗ IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli Netcool Impact ∗∗∗ --------------------------------------------- https://www-01.ibm.com/support/docview.wss?uid=ibm10733543 ∗∗∗ IBM Security Bulletin: Vulnerabilities in NTP, OpenSSL and Intel CPU’s affect IBM Netezza Firmware Diagnostics. ∗∗∗ --------------------------------------------- https://www-01.ibm.com/support/docview.wss?uid=swg22016330 -- CERT.at Daily mailing list Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily

1 0

Tageszusammenfassung - 05.10.2018
by Daily end-of-shift report 05 Oct '18

05 Oct '18

===================== = End-of-Day report = ===================== Timeframe: Donnerstag 04-10-2018 18:00 − Freitag 05-10-2018 18:00 Handler: Dimitri Robl Co-Handler: Stefan Lenzhofer ===================== = News = ===================== ∗∗∗ Fallout Exploit Kit Now Installing the Kraken Cryptor Ransomware ∗∗∗ --------------------------------------------- The Fallout Exploit has been distributing the GandCrab Ransomware for the past few weeks, but has now switched its payload to the Kraken Cryptor Ransomware. --------------------------------------------- https://www.bleepingcomputer.com/news/security/fallout-exploit-kit-now-inst… ∗∗∗ 365 Days Later: Finding and Exploiting Safari Bugs using Publicly Available Tools ∗∗∗ --------------------------------------------- Posted by Ivan Fratric, Google Project ZeroAround a year ago, we published the results of research about the resilience of modern browsers against DOM fuzzing, a well-known technique for finding browser bugs. Together with the bug statistics we also published Domato, our DOM fuzzing tool that was used to find those bugs.Given that in the previous research, Apple Safari, or more specifically, WebKit (its DOM engine) did noticeably worse than other browsers, we decided to revisit it after a year [...] --------------------------------------------- https://googleprojectzero.blogspot.com/2018/10/365-days-later-finding-and-e… ∗∗∗ ThreatList: 83% of Routers Contain Vulnerable Code ∗∗∗ --------------------------------------------- Five out of six name brand routers, such as Linksys, NETGEAR and D-Link, contain known open-source vulnerabilities. --------------------------------------------- https://threatpost.com/threatlist-83-of-routers-contain-vulnerable-code/137… ∗∗∗ Domain Name System: Vorsichtsmaßnahmen für den DNS-Schlüsseltausch ∗∗∗ --------------------------------------------- Der kryptografische Hauptschlüssel des DNS wird in einer Woche gewechselt. Für unvorbereitete Provider kann das fatale Folgen haben. --------------------------------------------- http://heise.de/-4179793 ===================== = Vulnerabilities = ===================== ∗∗∗ Carestream Vue RIS ∗∗∗ --------------------------------------------- This advisory includes mitigations for an information exposure through an error message vulnerability in the Carestream Vue RIS, a web-based radiology information system. --------------------------------------------- https://ics-cert.us-cert.gov/advisories/ICSMA-18-277-01 ∗∗∗ Change Healthcare PeerVue Web Server ∗∗∗ --------------------------------------------- This advisory includes mitigations for an information exposure through an error message vulnerability in the Change Healthcare PeerVue Web Server. --------------------------------------------- https://ics-cert.us-cert.gov/advisories/ICSMA-18-277-02 ∗∗∗ WECON PI Studio ∗∗∗ --------------------------------------------- This advisory includes information on stack-based buffer overflow, out-of-bounds write, and out-of-bounds read vulnerabilities in WECON’s PI Studio HMI project programmer. --------------------------------------------- https://ics-cert.us-cert.gov/advisories/ICSA-18-277-01 ∗∗∗ Security Advisory 2018-06: Security Update for OTRS Framework ∗∗∗ --------------------------------------------- October 05, 2018 — Please read carefully and check if the version of your OTRS system is affected by this vulnerability. Please send information regarding vulnerabilities in OTRS to: security(a)otrs.org PGP Key pub 2048R/9C227C6B 2011-03-21 [expires at: 2020-11-16] uid OTRS Security Team GPG Fingerprint E330 4608 DA6E 34B7 1551 C244 7F9E 44E9 9C22The post Security Advisory 2018-06: Security Update for OTRS Framework appeared first on | community.otrs.com. --------------------------------------------- https://community.otrs.com/security-advisory-2018-06-security-update-for-ot… ∗∗∗ VMSA-2018-0024.1 ∗∗∗ --------------------------------------------- VMware Workspace ONE Unified Endpoint Management Console (AirWatch Console) update resolves SAML authentication bypass vulnerability --------------------------------------------- https://www.vmware.com/security/advisories/VMSA-2018-0024.html ∗∗∗ Security updates for Friday ∗∗∗ --------------------------------------------- Security updates have been issued by Debian (kernel), Fedora (lcms2, php-tcpdf, and udisks2), openSUSE (ImageMagick, libX11, openssl-1_0_0, openssl-1_1, and otrs), SUSE (kernel, php5, php53, php7, and python), and Ubuntu (apparmor and imagemagick). --------------------------------------------- https://lwn.net/Articles/767689/ ∗∗∗ IBM Security Bulletin: A vulnerability in yum-utils affects PowerKVM ∗∗∗ --------------------------------------------- http://www.ibm.com/support/docview.wss?uid=ibm10728307 ∗∗∗ IBM Security Bulletin: Vulnerabilities in docker affect PowerKVM ∗∗∗ --------------------------------------------- http://www.ibm.com/support/docview.wss?uid=ibm10725649 ∗∗∗ IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect Rational DOORS Web Access ∗∗∗ --------------------------------------------- https://www.ibm.com/support/docview.wss?uid=ibm10733857 ∗∗∗ IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Rational Application Developer for WebSphere Software ∗∗∗ --------------------------------------------- https://www-01.ibm.com/support/docview.wss?uid=ibm10733905 ∗∗∗ IBM Security Bulletin: IBM Security Key Lifecycle Manager generates Application Error (CVE-2018-1753) ∗∗∗ --------------------------------------------- http://www.ibm.com/support/docview.wss?uid=ibm10733359 ∗∗∗ IBM Security Bulletin: IBM Security Key Lifecycle Manager is vulnerable to Incorrect Permission Assignment for Critical Resource (CVE-2018-1750) ∗∗∗ --------------------------------------------- http://www.ibm.com/support/docview.wss?uid=ibm10733311 ∗∗∗ IBM Security Bulletin: IBM Security Key Lifecycle Manager is vulnerable to Hazardous Input Validation ( CVE-2018-1749) ∗∗∗ --------------------------------------------- http://www.ibm.com/support/docview.wss?uid=ibm10733303 ∗∗∗ IBM Security Bulletin: IBM Security Key Lifecycle Manager is vulnerable to Information Exposure (CVE-2018-1743) ∗∗∗ --------------------------------------------- http://www.ibm.com/support/docview.wss?uid=ibm10733351 ∗∗∗ IBM Security Bulletin: IBM Security Key Lifecycle Manager Uses Hard-coded Credentials (CVE-2018-1742) ∗∗∗ --------------------------------------------- http://www.ibm.com/support/docview.wss?uid=ibm10733419 ∗∗∗ IBM Security Bulletin: IBM Security Key Lifecycle Manager is vulnerable to Improper Control of Interaction Frequency (CVE-2018-1741) ∗∗∗ --------------------------------------------- http://www.ibm.com/support/docview.wss?uid=ibm10733425 ∗∗∗ Security vulnerabilities fixed in Thunderbird 60.2.1 ∗∗∗ --------------------------------------------- https://www.mozilla.org/en-US/security/advisories/mfsa2018-25/ -- CERT.at Daily mailing list Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily

1 0

Tageszusammenfassung - 04.10.2018
by Daily end-of-shift report 04 Oct '18

04 Oct '18

===================== = End-of-Day report = ===================== Timeframe: Mittwoch 03-10-2018 18:00 − Donnerstag 04-10-2018 18:00 Handler: Stephan Richter Co-Handler: Dimitri Robl ===================== = News = ===================== ∗∗∗ Phishing Attacks Distributed Through CloudFlares IPFS Gateway ∗∗∗ --------------------------------------------- Yesterday we reported on a phishing attack that utilizes Azure Blob storage in order to have login forms secured by a Microsoft issued SSL certificate. After reviewing the URLs used by the same attacker, BleepingComputer has discovered that these same bad actors are utilizing the Cloudflare IPFS gateway for the same purpose. --------------------------------------------- https://www.bleepingcomputer.com/news/security/phishing-attacks-distributed… ∗∗∗ Nicht bei conquerconsoles.com, konsolenkammer24.de oder konsolenstation24.com kaufen ∗∗∗ --------------------------------------------- Die Fakeshops conquerconsoles.com, konsolenkammer24.de und konsolenstation24.com vertreiben Spielkonsolen und Spiele zu unschlagbaren Preisen. Die Fakeshops locken mit Angeboten, wo Sie eine PlayStation 4 samt Spiel und Controller kostengünstig erwerben können. Sie können nur im Voraus per Banküberweisung bezahlen, erhalten aber keine Ware! --------------------------------------------- https://www.watchlist-internet.at/news/nicht-bei-conquerconsolescom-konsole… ===================== = Vulnerabilities = ===================== ∗∗∗ Printer, email and PDF versions - Highly critical - Remote Code Execution - SA-CONTRIB-2018-063 ∗∗∗ --------------------------------------------- Project: Printer, email and PDF versionsVersion: 7.x-2.x-devDate: 2018-October-03Security risk: Highly critical 20∕25 AC:None/A:None/CI:All/II:All/E:Theoretical/TD:UncommonVulnerability: Remote Code ExecutionDescription: This module provides printer-friendly versions of content, including send by e-mail and PDF versions.The module doesnt sufficiently sanitize the arguments passed to the wkhtmltopdf executable, allowing a remote attacker to execute arbitrary shell commands. --------------------------------------------- https://www.drupal.org/sa-contrib-2018-063 ∗∗∗ Security updates for Thursday ∗∗∗ --------------------------------------------- Security updates have been issued by Arch Linux (firefox and python-django), Debian (dnsmasq, firefox-esr, imagemagick, and linux-4.9), Fedora (haproxy), openSUSE (bitcoin, firefox, and texlive), SUSE (openslp), and Ubuntu (apache2). --------------------------------------------- https://lwn.net/Articles/767611/ ∗∗∗ Cisco Digital Network Architecture Center Unauthenticated Access Vulnerability ∗∗∗ --------------------------------------------- A vulnerability in Cisco Digital Network Architecture (DNA) Center could allow an unauthenticated, remote attacker to bypass authentication and have direct unauthorized access to critical management functions.The vulnerability is due to an insecure default configuration of the affected system. An attacker could exploit this vulnerability by directly connecting to the exposed services. An exploit could allow the attacker to retrieve and modify critical system files. --------------------------------------------- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco… ∗∗∗ Cisco Digital Network Architecture Center Authentication Bypass Vulnerability ∗∗∗ --------------------------------------------- A vulnerability in the identity management service of Cisco Digital Network Architecture (DNA) Center could allow an unauthenticated, remote attacker to bypass authentication and take complete control of identity management functions.The vulnerability is due to insufficient security restrictions for critical management functions. An attacker could exploit this vulnerability by sending a valid identity management request to the affected system. --------------------------------------------- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco… ∗∗∗ More Cisco Security Advisories ∗∗∗ --------------------------------------------- https://tools.cisco.com/security/center/publicationListing.x ∗∗∗ Red Hat JBoss Web Server: Eine Schwachstelle ermöglicht das Erlangen von Benutzerrechten ∗∗∗ --------------------------------------------- https://adv-archiv.dfn-cert.de/adv/2018-1992/ ∗∗∗ Apache Tomcat: Eine Schwachstelle ermöglicht das Darstellen falscher Informationen ∗∗∗ --------------------------------------------- https://adv-archiv.dfn-cert.de/adv/2018-2000/ ∗∗∗ ClamAV: Mehrere Schwachstellen ermöglichen verschiedene Denial-of-Service-Angriffe ∗∗∗ --------------------------------------------- https://adv-archiv.dfn-cert.de/adv/2018-2008/ ∗∗∗ IBM Security Bulletins ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/ -- CERT.at Daily mailing list Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily

1 0

Tageszusammenfassung - 03.10.2018
by Daily end-of-shift report 03 Oct '18

03 Oct '18

===================== = End-of-Day report = ===================== Timeframe: Dienstag 02-10-2018 18:00 − Mittwoch 03-10-2018 18:00 Handler: Dimitri Robl Co-Handler: Stephan Richter ===================== = News = ===================== ∗∗∗ Phishing Attack Uses Azure Blob Storage to Impersonate Microsoft ∗∗∗ --------------------------------------------- A new Office 365 phishing attack utilizes an interesting method of storing their phishing form hosted on Azure Blob Storage in order to be secured by a Microsoft SSL certificate. --------------------------------------------- https://www.bleepingcomputer.com/news/security/phishing-attack-uses-azure-b… ∗∗∗ ct deckt auf: Enigmail verschickt Krypto-Mails im Klartext ∗∗∗ --------------------------------------------- In der verbreiteten Thunderbird-Erweiterung Enigmail steckt ein fataler Fehler. Das Problem betrifft den Junior-Modus, der seit April standardmäßig aktiv ist. --------------------------------------------- https://heise.de/-4180405 ∗∗∗ Popular TP-Link wireless home router open to remote hijacking ∗∗∗ --------------------------------------------- By concatenating a known improper authentication flaw with a newly discovered CSRF vulnerability, remote unauthenticated attackers can obtain full control over TP-Link TL-WR841N, a popular wireless consumer router used worldwide. "This type of remote attack can also compromise routers behind a network address translator (NAT) and those not exposed to the public wide area network (WAN) as the vulnerability is remotely reflected off a locally connected host, rather than coming directly over [...] --------------------------------------------- https://www.helpnetsecurity.com/2018/10/03/tp-link-wireless-home-router-hij… ===================== = Vulnerabilities = ===================== ∗∗∗ Delta Electronics ISPSoft ∗∗∗ --------------------------------------------- This advisory includes mitigations for a stack-based buffer overflow vulnerability in the Delta Electronics ISPSoft software. --------------------------------------------- https://ics-cert.us-cert.gov/advisories/ICSA-18-275-01 ∗∗∗ GE Communicator ∗∗∗ --------------------------------------------- This advisory includes mitigations for a heap-based buffer overflow vulnerability in GEs Communicator, an application for programming and monitoring supported metering devices. --------------------------------------------- https://ics-cert.us-cert.gov/advisories/ICSA-18-275-02 ∗∗∗ Entes EMG 12 ∗∗∗ --------------------------------------------- This advisory includes mitigations for improper authentication and information exposure through query strings in GET request vulnerabilities in the Entes EMG 12 Ethernet Modbus Gateway. --------------------------------------------- https://ics-cert.us-cert.gov/advisories/ICSA-18-275-03 ∗∗∗ Security updates for Wednesday ∗∗∗ --------------------------------------------- Security updates have been issued by Fedora (elfutils), Gentoo (firefox), Red Hat (instack-undercloud, openstack-tripleo-heat-templates and openstack-nova), Slackware (mozilla), SUSE (ghostscript, ImageMagick, kernel, mgetty, qemu, and unzip), and Ubuntu (firefox, haproxy, kernel, liblouis, and webkit2gtk). --------------------------------------------- https://lwn.net/Articles/767539/ ∗∗∗ ZDI-18-1107: (0Day) Wecon PIStudio screendata HSC Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability ∗∗∗ --------------------------------------------- http://www.zerodayinitiative.com/advisories/ZDI-18-1107/ ∗∗∗ ZDI-18-1106: (0Day) Wecon PIStudio xmlparser LoadXMLFile XML External Entity Processing Information Disclosure Vulnerability ∗∗∗ --------------------------------------------- http://www.zerodayinitiative.com/advisories/ZDI-18-1106/ ∗∗∗ ZDI-18-1109: (0Day) Wecon PIStudio basedll TextContent Stack-based Buffer Overflow Remote Code Execution Vulnerability ∗∗∗ --------------------------------------------- http://www.zerodayinitiative.com/advisories/ZDI-18-1109/ ∗∗∗ ZDI-18-1108: (0Day) Wecon PIStudio cximageu Image Parsing Out-Of-Bounds Read Information Disclosure Vulnerability ∗∗∗ --------------------------------------------- http://www.zerodayinitiative.com/advisories/ZDI-18-1108/ ∗∗∗ IBM Security Bulletins ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/ ∗∗∗ HPESBGN03900 rev.1 - HPE enhanced Internet Usage Manager (eIUM) Remote Unauthorized Disclosure of Information vulnerability and Remote Bypass Security Restrictions ∗∗∗ --------------------------------------------- https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_n… ∗∗∗ Security vulnerabilities fixed in Firefox 62.0.3 and Firefox ESR 60.2.2 ∗∗∗ --------------------------------------------- https://www.mozilla.org/en-US/security/advisories/mfsa2018-24/ -- CERT.at Daily mailing list Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily

1 0

Tageszusammenfassung - 02.10.2018
by Daily end-of-shift report 02 Oct '18

02 Oct '18

===================== = End-of-Day report = ===================== Timeframe: Montag 01-10-2018 18:00 − Dienstag 02-10-2018 18:00 Handler: Stephan Richter Co-Handler: n/a ===================== = News = ===================== ∗∗∗ Security Update for Foxit PDF Reader Fixes 118 Vulnerabilities ∗∗∗ --------------------------------------------- It has not been a good week for PDF programs. We had an Adobe Acrobat & Reader update released yesterday that fixed 86 vulnerabilities, including numerous critical ones. Not to be beaten, an update for Foxit PDF Reader and Foxit PhantomPDF was released last Friday that fixes a whopping 116 vulnerabilities. --------------------------------------------- https://www.bleepingcomputer.com/news/security/security-update-for-foxit-pd… ∗∗∗ Nine NAS Bugs Open LenovoEMC, Iomega Devices to Attack ∗∗∗ --------------------------------------------- Rated as high-risk vulnerabilities, these privilege-escalation flaws could allow an unauthenticated attacker to access protected content. --------------------------------------------- https://threatpost.com/nine-nas-bugs-open-lenovoemc-iomega-devices-to-attac… ∗∗∗ Keine Rechnung von ibostream.de und sobastream.de zahlen ∗∗∗ --------------------------------------------- Die Abo-Fallen ibostream.de und sobastream.de sehen für ihre Nutzung eine kostenlose Registrierung vor. Fünf Tagen nach der Registrierung erhalten Konsument/innen von der Ibo Das Limited oder der Stream It Limited eine Rechnung von 359,88- Euro. Nutzer/innen müssen die Summe nicht bezahlen, denn zwischen ihnen und ibostream.de oder sobastream.de gibt es keinen Vertrag. --------------------------------------------- https://www.watchlist-internet.at/news/keine-rechnung-von-ibostreamde-und-s… ===================== = Vulnerabilities = ===================== ∗∗∗ Kritische Sicherheitslücken in Adobe Acrobat und Reader - Patches verfügbar ∗∗∗ --------------------------------------------- Adobe hat ausserhalb des monatlichen Patch-Zyklus Updates für Acrobat und Reader veröffentlicht, mit denen teils kritische Sicherheitslücken geschlossen werden. --------------------------------------------- https://www.cert.at/warnings/all/20181002.html ∗∗∗ Android Security Bulletin - October 2018 ∗∗∗ --------------------------------------------- The Android Security Bulletin contains details of security vulnerabilities affecting Android devices. [...] The most severe of these issues is a critical security vulnerability in Framework that could enable a remote attacker using a specially crafted file to execute arbitrary code within the context of a privileged process. --------------------------------------------- https://source.android.com/security/bulletin/2018-10-01.html ∗∗∗ Security updates for Tuesday ∗∗∗ --------------------------------------------- Security updates have been issued by Arch Linux (lib32-libxml2, libxml2, mosquitto, and ntp), Debian (kernel and strongswan), Fedora (firefox), openSUSE (zsh), Oracle (kernel), Red Hat (ceph-iscsi-cli), SUSE (openssl-1_0_0), and Ubuntu (kernel, linux, linux-aws, linux-gcp, linux-kvm, linux-oem, linux-raspi2, linux, linux-aws, linux-kvm, linux-raspi2, linux-snapdragon, linux-hwe, linux-gcp, linux-lts-trusty, linux-lts-xenial, linux-aws, and strongswan). --------------------------------------------- https://lwn.net/Articles/767467/ ∗∗∗ Vuln: LibTIFF CVE-2018-17795 Heap Based Buffer Overflow Vulnerability ∗∗∗ --------------------------------------------- http://www.securityfocus.com/bid/105445 ∗∗∗ Red Hat JBoss A-MQ, Red Hat JBoss Fuse: Eine Schwachstelle ermöglicht das Erlangen von Benutzerrechten ∗∗∗ --------------------------------------------- https://adv-archiv.dfn-cert.de/adv/2018-1989/ ∗∗∗ IBM Security Bulletin: Multiple security vulnerabilities in GSKit used by Edge Caching proxy of WebSphere Application Server ∗∗∗ --------------------------------------------- https://www-01.ibm.com/support/docview.wss?uid=ibm10732391 ∗∗∗ IBM Security Bulletin: Cross-site scripting vulnerability in OAuth ear in WebSphere Application Server (CVE-2018-1794) ∗∗∗ --------------------------------------------- https://www-01.ibm.com/support/docview.wss?uid=ibm10729571 ∗∗∗ IBM Security Bulletin: Cross-site scripting vulnerability in SAML ear in WebSphere Application Server (CVE-2018-1793) ∗∗∗ --------------------------------------------- https://www-01.ibm.com/support/docview.wss?uid=ibm10729563 ∗∗∗ IBM Security Bulletin: Multiple Security Vulnerabilities affect IBM® Cloud Private (CVE-2018-0739,CVE-2017-17512, CVE-2018-1000122) ∗∗∗ --------------------------------------------- http://www.ibm.com/support/docview.wss?uid=ibm10719199 ∗∗∗ IBM Security Bulletin: IBM b-type Network/Storage switches are affected by Sweet32: Birthday attacks on 64-bit block ciphers in TLS and OpenVPN (openssl ,redhat,openVPN) vulnerabilities. ∗∗∗ --------------------------------------------- http://www.ibm.com/support/docview.wss?uid=ssg1S1010724 ∗∗∗ Password disclosure vulnerability & XSS in PTC ThingWorx ∗∗∗ --------------------------------------------- https://www.sec-consult.com/en/blog/advisories/password-disclosure-vulnerab… ∗∗∗ HPESBHF03897 rev.1 - HPE Switches and Routers using OpenSSL, and Intelligent Management Center (iMC) PLAT, Remote Denial of Service ∗∗∗ --------------------------------------------- https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_n… -- CERT.at Daily mailing list Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily

1 0

Tageszusammenfassung - 01.10.2018
by Daily end-of-shift report 01 Oct '18

01 Oct '18

===================== = End-of-Day report = ===================== Timeframe: Freitag 28-09-2018 18:00 − Montag 01-10-2018 18:00 Handler: Stephan Richter Co-Handler: n/a ===================== = News = ===================== ∗∗∗ IC3 Issues Alert Regarding Remote Desktop Protocol (RDP) Attacks ∗∗∗ --------------------------------------------- The Internet Crime Complaint Center (IC3), in collaboration with the Department of Homeland Security and the FBI, have issued a security alert regarding attacks being conducted through the Windows Remote Desktop Protocol. --------------------------------------------- https://www.bleepingcomputer.com/news/security/ic3-issues-alert-regarding-r… ∗∗∗ FBI löst Rätsel um 15 Jahre alte Malware ∗∗∗ --------------------------------------------- Jahrelang spionierte die Fruitfly-Malware unbemerkt Mac-User aus. Nun wurde bekannt, wie die Schadsoftware verbreitet wurde. --------------------------------------------- https://futurezone.at/digital-life/fbi-loest-raetsel-um-15-jahre-alte-malwa… ∗∗∗ Dark Web Azorult Generator Offers Free Binaries to Cybercrooks ∗∗∗ --------------------------------------------- The Gazorp online builder makes it easy to start stealing passwords, credit-card information, cryptocurrency wallet data and more. --------------------------------------------- https://threatpost.com/dark-web-azorult-generator-offers-free-binaries-to-c… ∗∗∗ 70+ different types of home routers(all together 100,000+) are being hijacked by GhostDNS ∗∗∗ --------------------------------------------- note:We have informed various ISPs on the IoC list, and OVH, ORACLE, Google have taken down the related IPs and some others are working on it (Thanks!)Background introductionDNSchanger is not something new and was quite active years ago [1], we occasionally encountered one every once in a [...] --------------------------------------------- http://blog.netlab.360.com/70-different-types-of-home-routers-all-together-… ∗∗∗ Oktober ist Cyber Security-Monat! ∗∗∗ --------------------------------------------- Unter dem Titel "Cyber Security is a Shared Responsibility" findet im Oktober die inzwischen 7. Kampagne der EU zur Verbesserung der allgemeinen Informationssicherheit statt: Der Europäische Cybersicherheitsmonat (ECSM) ist ein breit koordiniertes und umfangreich aufgestelltes Veranstaltungsformat, das Bewusstsein fördern und Kenntnisse vermitteln will. So werden Schritte aufzeigt, die alle Bürger*innen und Organisationen zum Schutz von persönlichen, finanziellen [...] --------------------------------------------- https://www.ikarussecurity.com/at/ueber-ikarus/security-blog/oktober-ist-cy… ∗∗∗ Facebook-Hack: Kombination aus mehreren Software-Lücken war schuld ∗∗∗ --------------------------------------------- Drei Lücken exponierten Millionen Facebook-Konten, darunter das von Mark Zuckerberg. Womöglich waren auch Drittanbieter-Dienste per Facebook-Login betroffen. --------------------------------------------- https://heise.de/-4178569 ∗∗∗ Explosion of look-alike domains aims to steal sensitive data from online shoppers ∗∗∗ --------------------------------------------- Venafi released research on the explosion of look-alike domains, which are routinely used to steal sensitive data from online shoppers. Venafi's research analyzed suspicious domains targeting the top 20 retailers in five key markets: the U.S., U.K., France, Germany and Australia. --------------------------------------------- https://www.helpnetsecurity.com/2018/10/01/look-alike-domains/ ∗∗∗ Erpressung mit intimen Videomaterial ∗∗∗ --------------------------------------------- Kriminelle versenden eine E-Mail, in der es heißt, dass sie das Empfänger/innen-Konto übernommen haben und sein Passwort kennen. Opfer sollen 600 US-Dollar in Bitcoins zahlen, damit die Verbrecher/innen kein intimes Videomaterial veröffentlichen. Konsument/innen können die Nachricht ignorieren und müssen nur ihr Passwort ändern. Eine Zahlung ist nicht erforderlich. --------------------------------------------- https://www.watchlist-internet.at/news/erpressung-mit-intimen-videomaterial/ ===================== = Vulnerabilities = ===================== ∗∗∗ Skype On Debian Microsoft Apt Repo Addition ∗∗∗ --------------------------------------------- Topic: Skype On Debian Microsoft Apt Repo Addition Risk: High Text:Level: Critical Description: The Skype debian packege for Skype (even when not installed via their offical repo) [...] --------------------------------------------- https://cxsecurity.com/issue/WLB-2018090274 ∗∗∗ UPDATED: Security Bulletins Posted ∗∗∗ --------------------------------------------- [...] UPDATE: As of September 28, Adobe is aware of a report that CVE-2018-15961 is being actively exploited in the wild. The updates for ColdFusion 2018 and ColdFusion 2016 announced in APSB18-33 have been elevated to Priority 1, and Adobe recommends customers update to the latest version as soon as possible. --------------------------------------------- https://blogs.adobe.com/psirt/?p=1607 ∗∗∗ Security updates for Monday ∗∗∗ --------------------------------------------- Security updates have been issued by Arch Linux (mediawiki), CentOS (389-ds-base, firefox, flatpak, kernel, mod_perl, nss, spice and spice-gtk, and spice-gtk and spice-server), Debian (389-ds-base, ghostscript, mosquitto, and python3.5), Fedora (ca-certificates, firefox, glusterfs, kernel-headers, kernel-tools, libxkbcommon, udisks2, and zchunk), Mageia (firefox), openSUSE (gd, gnutls, mgetty, openssl, and yast2-smt), Oracle (firefox and kernel), Scientific Linux (firefox), SUSE (libX11 and [...] --------------------------------------------- https://lwn.net/Articles/767373/ ∗∗∗ Security Advisory - FRP Bypass Vulnerability in MyCloud APP of Huawei Smart Phones ∗∗∗ --------------------------------------------- http://www.huawei.com/en/psirt/security-advisories/2018/huawei-sa-20180930-… ∗∗∗ IBM Security Bulletin: IBM Security Guardium is affected by a Publicly disclosed Apache Struts vulnerability ∗∗∗ --------------------------------------------- https://www-01.ibm.com/support/docview.wss?uid=ibm10732783 ∗∗∗ IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM i ∗∗∗ --------------------------------------------- https://www-01.ibm.com/support/docview.wss?uid=ibm10731329 ∗∗∗ IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Security Guardium ∗∗∗ --------------------------------------------- https://www-01.ibm.com/support/docview.wss?uid=ibm10732785 ∗∗∗ IBM Security Bulletin: Cross-site scripting vulnerabilities affect multiple IBM Rational products based on IBM Jazz technology ∗∗∗ --------------------------------------------- http://www.ibm.com/support/docview.wss?uid=ibm10732477 ∗∗∗ IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect Tivoli Netcool/OMNIbus (Multiple CVEs) ∗∗∗ --------------------------------------------- https://www-01.ibm.com/support/docview.wss?uid=ibm10733457 ∗∗∗ IBM Security Bulletin: IBM Security Guardium is affected by a Using Components with Known Vulnerabilities vulnerability ∗∗∗ --------------------------------------------- https://www-01.ibm.com/support/docview.wss?uid=ibm10730313 ∗∗∗ IBM Security Bulletin: IBM Security Guardium is affected by a Improper Certificate Validation vulnerability ∗∗∗ --------------------------------------------- http://www.ibm.com/support/docview.wss?uid=ibm10730321 ∗∗∗ IBM Security Bulletin: IBM Security Guardium is affected by a Using Components with Known Vulnerabilities vulnerabilities ∗∗∗ --------------------------------------------- https://www-01.ibm.com/support/docview.wss?uid=ibm10730329 ∗∗∗ IBM Security Bulletin: IBM Security Guardium is affected by a Missing Security Control vulnerability ∗∗∗ --------------------------------------------- https://www-01.ibm.com/support/docview.wss?uid=ibm10730323 ∗∗∗ IBM Security Bulletin: IBM Security Guardium is affected by a Password in Clear Text vulnerability ∗∗∗ --------------------------------------------- https://www-01.ibm.com/support/docview.wss?uid=ibm10730317 -- CERT.at Daily mailing list Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily

1 0

Tageszusammenfassung - 28.09.2018
by Daily end-of-shift report 28 Sep '18

28 Sep '18

===================== = End-of-Day report = ===================== Timeframe: Donnerstag 27-09-2018 18:00 − Freitag 28-09-2018 18:00 Handler: Robert Waldner Co-Handler: Alexander Riepl ===================== = News = ===================== ∗∗∗ New Iot Botnet Torii Uses Six Methods for Persistence, Has No Clear Purpose ∗∗∗ --------------------------------------------- Security researchers discovered a new IoT botnet that is in a league superior to the Mirai variants .. --------------------------------------------- https://www.bleepingcomputer.com/news/security/new-iot-botnet-torii-uses-si… ∗∗∗ Out of sight but not invisible: Defeating fileless malware with behavior monitoring, AMSI, and next-gen AV ∗∗∗ --------------------------------------------- Removing the need for files is the next progression of attacker techniques. While fileless techniques used to be employed almost exclusively in sophisticated cyberattacks, they are now becoming widespread in common malware, .. --------------------------------------------- https://cloudblogs.microsoft.com/microsoftsecure/2018/09/27/out-of-sight-bu… ∗∗∗ Credential Leak Flaws in Windows PureVPN Client ∗∗∗ --------------------------------------------- Using a VPN (Virtual Private Network) can bring many advantages, particularly when you want to .. --------------------------------------------- https://trustwave.com/Resources/SpiderLabs-Blog/Credential-Leak-Flaws-in-Wi… ∗∗∗ DNSSEC Key Signing Key Rollover ∗∗∗ --------------------------------------------- Original release date: September 27, 2018 On October 11, 2018, the Internet Corporation for Assigned Names and Numbers (ICANN) will be changing the Root Zone Key Signing Key (KSK) used in the Domain Name System (DNS) Security .. --------------------------------------------- https://www.us-cert.gov/ncas/current-activity/2018/09/27/DNSSEC-Key-Signing… ∗∗∗ [SANS ISC] More Excel DDE Code Injection ∗∗∗ --------------------------------------------- I published the following diary on isc.sans.edu: “More Excel DDE Code Injection“: The “DDE code injection” technique is not brand new. DDE stands for “Dynamic Data Exchange”. It has already been discussed by many security researchers. Just a quick .. --------------------------------------------- https://blog.rootshell.be/2018/09/28/sans-isc-more-excel-dde-code-injection/ ∗∗∗ Stellungnahme des BSI zur Schadsoftware "LoJax" ∗∗∗ --------------------------------------------- https://www.bsi.bund.de/DE/Presse/Pressemitteilungen/Presse2018/LoJax-Schad… ===================== = Vulnerabilities = ===================== ∗∗∗ Emerson AMS Device Manager ∗∗∗ --------------------------------------------- This advisory includes mitigations for improper access control and improper privilege management vulnerabilities in the Emerson AMS Device Manager software. --------------------------------------------- https://ics-cert.us-cert.gov/advisories/ICSA-18-270-01 ∗∗∗ Fuji Electric Alpha5 Smart Loader ∗∗∗ --------------------------------------------- This advisory includes information on classic buffer overflow and heap-based buffer overflow vulnerabilities in Fuji Electrics Alpha5 Smart Loader servo drive. --------------------------------------------- https://ics-cert.us-cert.gov/advisories/ICSA-18-270-02 ∗∗∗ Fuji Electric FRENIC Devices ∗∗∗ --------------------------------------------- This advisory includes information on buffer over-read, out-of-bounds read, and stack-based buffer overflow vulnerabilities in Fuji Electrics FRENIC HVAC drive devices. --------------------------------------------- https://ics-cert.us-cert.gov/advisories/ICSA-18-270-03 ∗∗∗ OpenSSH vulnerability CVE-2018-15473 ∗∗∗ --------------------------------------------- OpenSSH vulnerability CVE-2018-15473. Security Advisory. Security Advisory Description. OpenSSH through 7.7 is prone ... --------------------------------------------- https://support.f5.com/csp/article/K28942395 ∗∗∗ ZDI-18-1093: Delta Industrial Automation PMSoft rtl60 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability ∗∗∗ --------------------------------------------- http://www.zerodayinitiative.com/advisories/ZDI-18-1093/ ∗∗∗ Foxit Reader, Foxit PhantomPDF: Mehrere Schwachstellen ermöglichen u. a. die Ausführung beliebigen Programmcodes ∗∗∗ --------------------------------------------- https://adv-archiv.dfn-cert.de/adv/2018-1972/ ∗∗∗ IBM Security Bulletin: PowerKVM has released fixes in response to the vulnerabilities known as Foreshadow ∗∗∗ --------------------------------------------- http://www.ibm.com/support/docview.wss?uid=ibm10733108 ∗∗∗ IBM Security Bulletin: Security Misconfiguration during Combined Cumulative Fix Installation Affects IBM WebSphere Portal (CVE-2018-1420) ∗∗∗ --------------------------------------------- https://www-01.ibm.com/support/docview.wss?uid=swg22014276 -- CERT.at Daily mailing list Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily

1 0

Tageszusammenfassung - 27.09.2018
by Daily end-of-shift report 27 Sep '18

27 Sep '18

===================== = End-of-Day report = ===================== Timeframe: Mittwoch 26-09-2018 18:00 − Donnerstag 27-09-2018 18:00 Handler: Robert Waldner Co-Handler: n/a ===================== = News = ===================== ∗∗∗ Upcoming Security Updates for Adobe Acrobat and Reader (APSB18-30) ∗∗∗ --------------------------------------------- A prenotification security advisory (APSB18-30) has been posted regarding upcoming Adobe Acrobat and Reader updates scheduled for Tuesday, October 02, 2018. --------------------------------------------- https://blogs.adobe.com/psirt/?p=1621 ∗∗∗ Password Managers Can Be Tricked Into Believing That Malicious Android Apps Are Legitimate ∗∗∗ --------------------------------------------- A new academic study published today reveals that Android-based password managers have a hard time distinguishing between legitimate and fake applications, leading to easy phishing scenarios. From a report: The study looked at how password managers work on modern versions of the Android OS, and which of the OS features attackers can abuse to collect user credentials via phishing attacks carried out via fake, lookalike apps. --------------------------------------------- https://it.slashdot.org/story/18/09/26/1534203/password-managers-can-be-tri… ∗∗∗ LoJax: First UEFI rootkit found in the wild, courtesy of the Sednit group ∗∗∗ --------------------------------------------- Some UEFI rootkits have been presented as proofs of concept; some are known to be at the disposal of (at least some) governmental agencies. However, no UEFI rootkit has ever been detected in the wild – until we discovered a campaign by the Sednit APT group that successfully deployed a malicious UEFI module on a victim’s system. --------------------------------------------- https://www.welivesecurity.com/2018/09/27/lojax-first-uefi-rootkit-found-wi… ∗∗∗ Geldmacherei mit e-Visum für Ägypten ∗∗∗ --------------------------------------------- Konsument/innen, die nach Ägypten einreisen möchten, müssen ein e-Visum beantragen. Auf der offiziellen Regierungswebsite visa2egypt.gov.eg kostet es für eine einmalige Einreise als Tourist/in 25 US-Dollar. Das ist der günstigste Preis für das e-Visum. Andere Anbieter/innen verlangen dafür wesentlich höhere Kosten. Aus diesem Grund ist bei der Beantragung Vorsicht geboten. --------------------------------------------- https://www.watchlist-internet.at/news/geldmacherei-mit-e-visum-fuer-aegypt… ===================== = Vulnerabilities = ===================== ∗∗∗ Security updates for Thursday ∗∗∗ --------------------------------------------- Security updates have been issued by Debian (asterisk, otrs2, and strongswan), Fedora (kernel-headers, moodle, ntp, visualboyadvance-m, and yaml-cpp), Mageia (rsyslog), openSUSE (ant, libzypp, zypper, shadow, and tiff), Oracle (389-ds-base, flatpak, kernel, nss, and openssl), Red Hat (rh-perl524-mod_perl and rh-perl526-mod_perl), Scientific Linux (389-ds-base, flatpak, kernel, and nss), SUSE (firefox, gd, glibc, kernel, mgetty, php7, and wireshark), and Ubuntu (udisks2). --------------------------------------------- https://lwn.net/Articles/766959/ ∗∗∗ WebKitGTK+ and WPE WebKit Security Advisory WSA-2018-0007 ∗∗∗ --------------------------------------------- Several vulnerabilities were discovered in WebKitGTK+ and WPE WebKit. ... We recommend updating to the latest stable versions of WebKitGTK+ and WPE WebKit. It is the best way to ensure that you are running safe versions of WebKit. --------------------------------------------- https://webkitgtk.org/security/WSA-2018-0007.html ∗∗∗ Cisco Catalyst 6800 Series Switches ROM Monitor Software Secure Boot Bypass Vulnerability ∗∗∗ --------------------------------------------- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco… ∗∗∗ Cisco IOS XE Software Web UI Denial of Service Vulnerability ∗∗∗ --------------------------------------------- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco… ∗∗∗ Cisco IOS XE Software HTTP Denial of Service Vulnerability ∗∗∗ --------------------------------------------- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco… ∗∗∗ Cisco IOS and IOS XE Software VLAN Trunking Protocol Denial of Service Vulnerability ∗∗∗ --------------------------------------------- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco… ∗∗∗ Cisco IOS and IOS XE Software TACACS+ Client Denial of Service Vulnerability ∗∗∗ --------------------------------------------- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco… ∗∗∗ Cisco IOS and IOS XE Software SM-1T3/E3 Service Module Denial of Service Vulnerability ∗∗∗ --------------------------------------------- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco… ∗∗∗ Cisco IOS XE Software NAT Session Initiation Protocol Application Layer Gateway Denial of Service Vulnerability ∗∗∗ --------------------------------------------- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco… ∗∗∗ Cisco IOS XE Software Shell Access Authentication Bypass Vulnerability ∗∗∗ --------------------------------------------- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco… ∗∗∗ Cisco IOS Software Precision Time Protocol Denial of Service Vulnerability ∗∗∗ --------------------------------------------- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco… ∗∗∗ Cisco IOS XE Software Privileged EXEC Mode Root Shell Access Vulnerability ∗∗∗ --------------------------------------------- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco… ∗∗∗ Cisco IOS and IOS XE Software Plug and Play Agent Memory Leak Vulnerability ∗∗∗ --------------------------------------------- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco… ∗∗∗ Cisco IOS and IOS XE Software OSPFv3 Denial of Service Vulnerability ∗∗∗ --------------------------------------------- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco… ∗∗∗ Cisco IOS XE Software MACsec MKA Using EAP-TLS Authentication Bypass Vulnerability ∗∗∗ --------------------------------------------- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco… ∗∗∗ Cisco IOS Software for Cisco 800 Series Industrial Integrated Services Routers Arbitrary Memory Write Vulnerabilities ∗∗∗ --------------------------------------------- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco… ∗∗∗ Cisco IOS and IOS XE Software IPv6 Hop-by-Hop Options Denial of Service Vulnerability ∗∗∗ --------------------------------------------- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco… ∗∗∗ Cisco IOS XE Software and Cisco ASA 5500-X Series Adaptive Security Appliance IPsec Denial of Service Vulnerability ∗∗∗ --------------------------------------------- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco… ∗∗∗ Cisco IOS XE Software Command Injection Vulnerabilities ∗∗∗ --------------------------------------------- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco… ∗∗∗ Cisco IOS XE Software Errdisable Denial of Service Vulnerability ∗∗∗ --------------------------------------------- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco… ∗∗∗ Cisco IOS XE Software Digital Signature Verification Bypass Vulnerability ∗∗∗ --------------------------------------------- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco… ∗∗∗ Cisco IOS and IOS XE Software Cluster Management Protocol Denial of Service Vulnerability ∗∗∗ --------------------------------------------- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco… ∗∗∗ Cisco IOS XE Software Cisco Discovery Protocol Memory Leak Vulnerability ∗∗∗ --------------------------------------------- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco… ∗∗∗ Cisco IOS and IOS XE Software Cisco Discovery Protocol Denial of Service Vulnerability ∗∗∗ --------------------------------------------- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco… ∗∗∗ IBM Security Bulletin: A vulnerability in PostgreSQL affects PowerKVM ∗∗∗ --------------------------------------------- http://www.ibm.com/support/docview.wss?uid=ibm10730491 ∗∗∗ IBM Security Bulletin: A vulnerability in gnupg2 affects PowerKVM ∗∗∗ --------------------------------------------- http://www.ibm.com/support/docview.wss?uid=ibm10720353 ∗∗∗ IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect Rational Performance Tester ∗∗∗ --------------------------------------------- https://www-01.ibm.com/support/docview.wss?uid=ibm10732455 ∗∗∗ IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect Rational Service Tester ∗∗∗ --------------------------------------------- https://www-01.ibm.com/support/docview.wss?uid=ibm10732457 ∗∗∗ IBM Security Bulletin: Vulnerabilities in the Linux kernel affect PowerKVM ∗∗∗ --------------------------------------------- http://www.ibm.com/support/docview.wss?uid=ibm10716879 ∗∗∗ IBM Security Bulletin: Multiple Security Vulnerabilities affect IBM® Cloud Private and IBM Cloud Private Cloud Foundry (CVE-2018-7167, CVE-2018-7164, CVE-2018-7162, CVE-2018-1000168, CVE-2018-7161) ∗∗∗ --------------------------------------------- https://www-01.ibm.com/support/docview.wss?uid=ibm10718901 ∗∗∗ IBM Security Bulletin: Arbitrary URL Redirection (CVE-2018-1704) affects IBM Platform Symphony, IBM Spectrum Symphony ∗∗∗ --------------------------------------------- https://www-01.ibm.com/support/docview.wss?uid=ibm10719671 ∗∗∗ IBM Security Bulletin: XML Entity Expansion vulnerability (CVE-2018-1702) affects IBM Platform Symphony, IBM Spectrum Symphony ∗∗∗ --------------------------------------------- https://www-01.ibm.com/support/docview.wss?uid=ibm10719659 ∗∗∗ IBM Security Bulletin: A vulnerability in policycoreutils affects PowerKVM ∗∗∗ --------------------------------------------- http://www.ibm.com/support/docview.wss?uid=ibm10728473 ∗∗∗ IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect Rational Developer for i and Rational Developer for AIX and Linux Security Bulletin ∗∗∗ --------------------------------------------- http://www.ibm.com/support/docview.wss?uid=ibm10730623 ∗∗∗ HPESBST03884 rev.1 - HPE ConvergedSystem 700 Solutions Using HPE 3PAR Service Processor, Multiple Vulnerabilities ∗∗∗ --------------------------------------------- https://support.hpe.com/hpsc/doc/public/display?docLocale=en&docId=emr_na-h… ∗∗∗ HPESBHF03890 rev.1 - HPE Service Governance Framework (SGF) - Remote Unauthorized Disclosure of Information ∗∗∗ --------------------------------------------- https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_n… ∗∗∗ HPESBHF03901 rev.1 - HPE intelligence Management Center (iMC) PLAT, Remote Code Execution ∗∗∗ --------------------------------------------- https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_n… ∗∗∗ HPESBHF03902 rev.1 - HPE Intelligent Management Center (iMC) PLAT, Remote Code Execution ∗∗∗ --------------------------------------------- https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_n… ∗∗∗ HPESBST03884 rev.2 - HPE ConvergedSystem 700 Solutions Using HPE 3PAR Service Processor, Multiple Vulnerabilities ∗∗∗ --------------------------------------------- https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_n… -- CERT.at Daily mailing list Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily

1 0

Jump to page:

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

Daily