End-of-Shift report
Timeframe: Tuesday 04-10-2016 18:00 − Wednesday 05-10-2016 18:00
Handler: Robert Waldner
Co-Handler: Stephan Richter
Security Advisory: XSS vulnerability in the BIG-IP and Enterprise Manager Configuration utilities CVE-2015-1470
https://support.f5.com:443/kb/en-us/solutions/public/16000/800/sol16838.html?ref=rss
Android Security Bulletin October 2016
The Android Security Bulletin contains details of security vulnerabilities affecting Android devices. Alongside the bulletin, we have released a security update to Nexus devices through an over-the-air (OTA) update.
https://source.android.com/security/bulletin/2016-10-01.html
Security Advisory: OpenSSL vulnerability CVE-2016-2183
https://support.f5.com:443/kb/en-us/solutions/public/k/13/sol13167034.html?ref=rss
WordPress Hack Modifies Core Files to Share Spam
One of the worst feelings a website owner can experience is discovering that your site has been hacked. Without proper security measures in place, even website owners with the best intentions can lose control of their website. When hackers gain access to your site, they can use it to host phishing content, distribute malware, steal sensitive information and more. In this analysis, we look at a website that was unintentionally sharing spam content in the form of Windows keys.
https://blog.sucuri.net/2016/10/wordpress-hack-shares-spam-when-core-modified.html
Researchers spot remote code execution flaw in FreeImage
Cisco Talos researchers spotted a remote code execution vulnerability in the FreeImage Library XMP Image Handling affecting version 3.17.0.
http://www.scmagazine.com/remote-code-execution-flaw-spotted-in-freeimage-library/article/526888/
Security Advisory: OpenSSL vulnerability CVE-2016-6303
https://support.f5.com:443/kb/en-us/solutions/public/k/35/sol35543324.html?ref=rss
INDAS Web SCADA Path Traversal Vulnerability
This advisory contains mitigation details for a path traversal vulnerability in the INDAS Web SCADA application.
https://ics-cert.us-cert.gov/advisories/ICSA-16-278-01
Beckhoff Embedded PC Images and TwinCAT Components Vulnerabilities
This advisory contains mitigation details for vulnerabilities in Beckhoff's Embedded PC Images and TwinCAT Components.
https://ics-cert.us-cert.gov/advisories/ICSA-16-278-02
Siemens SIMATIC WinCC, PCS 7, and WinCC Runtime Professional Vulnerabilities (Update B)
This updated advisory is a follow-up to the advisory update titled ICSA-16-208-01A Siemens SIMATIC WinCC, PCS 7, and WinCC Runtime Professional Vulnerabilities that was published August 16, 2016, on the NCCIC/ICS-CERT web site. This advisory contains mitigation details for two vulnerabilities in the Siemens SIMATIC WinCC, PCS 7, and WinCC Runtime Professional.
https://ics-cert.us-cert.gov/advisories/ICSA-16-208-01
Let's not meet up with JPEG 2000 - researchers find security hole in image codec
Won't it be strange when we're all fully pwned? Researchers are warning about a newly discovered security vulnerability in a popular open-source JPEG 2000 parser that could let corrupted image files trigger remote code execution.
http://go.theregister.com/feed/www.theregister.co.uk/2016/10/04/jpeg_2000_security_hole/
DressCode malware: 400 trojan apps infiltrate Google Play
Security researchers warn of disguised Android spyware apps designed to siphon information from corporate networks.
https://heise.de/-3340921
Xen Security Advisory CVE-2016-7777 / XSA-190 version 5: CR0.TS and CR0.EM not always honored for x86 HVM guests
A malicious unprivileged guest user may be able to obtain or corrupt sensitive information (including cryptographic material) in other programs in the same guest.
http://xenbits.xen.org/xsa/advisory-190.html
IBM Security Bulletins
IBM Security Bulletin: Vulnerability in IBM Financial Transaction Manager for Corporate Payment Services (CVE-2016-5920)
http://www.ibm.com/support/docview.wss?uid=swg21989062
IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect Rational Directory Server (Tivoli) and Rational Directory Administrator
http://www.ibm.com/support/docview.wss?uid=swg21989495
IBM Security Bulletin: IBM Security Guardium is affected by Open Source XMLsoft Libxml2 Vulnerabilities (CVE-2016-3705)
http://www-01.ibm.com/support/docview.wss?uid=swg21990231
IBM Security Bulletin: IBM Security Guardium Database Activity Monitor is affected by Open Source XMLsoft Libxml2 Vulnerabilities (CVE-2016-3627)
http://www-01.ibm.com/support/docview.wss?uid=swg21991063
IBM Security Bulletin: Vulnerabilities in Open Source GNU glibc affect IBM Workload Deployer (CVE-2014-9761, CVE-2015-8778, CVE-2015-8779)
http://www.ibm.com/support/docview.wss?uid=swg21991777
IBM Security Bulletin: Vulnerability in Open Source GNU glibc affects IBM Workload Deployer. (CVE-2015-8776)
http://www.ibm.com/support/docview.wss?uid=swg21991465
IBM Security Bulletin: Cross-Site Scripting Vulnerability (CVE-2016-0243) Affects IBM Connections Mail
http://www.ibm.com/support/docview.wss?uid=swg21991265
IBM Security Bulletin: IBM Security Guardium is affected by Cross-Site Scripting vulnerability (CVE-2016-0246)
http://www-01.ibm.com/support/docview.wss?uid=swg21990377