Daily Summary - Tuesday 8-11-2016

End-of-Shift report

Timeframe: Monday 07-11-2016 18:00 − Tuesday 08-11-2016 18:00 Handler: Robert Waldner Co-Handler: n/a

Android: November security update leaves critical vulnerability open

Linux kernel bug on Nexus and Pixel devices not yet fixed - update closes dozens of security vulnerabilities

http://derstandard.at/2000047142975


Android Security Bulletin November 2016

The Android Security Bulletin contains details of security vulnerabilities affecting Android devices. Alongside the bulletin, we have released a security update to Google devices through an over-the-air (OTA) update.

https://source.android.com/security/bulletin/2016-11-01.html


DDoS attack halts heating in Finland amidst winter

The systems that were attacked tried to respond to the attack by rebooting the main control circuit. This was repeated over and over so that heating was never working.

http://metropolitan.fi/entry/ddos-attack-halts-heating-in-finland-amidst-winter


Security Updates for Adobe Connect (APSB16-35) and Adobe Flash Player (APSB16-37) Available

Adobe has published security bulletins for Adobe Connect (APSB16-35) and Adobe Flash Player (APSB16-37). Adobe recommends users update their product installations to the latest versions using the instructions referenced in the relevant bulletin.

https://blogs.adobe.com/psirt/?p=1420


MSRT November 2016: Unwanted software has nowhere to hide in this month's release

We came across a browser modifier that sports rootkit capabilities. Not only does the threat, detected as BrowserModifier:Win32/Soctuseer, cross the line that separates legitimate software from unwanted, it also takes staying under the radar to the next level. Rootkit capabilities, which make it difficult to detect and remove applications, are usually associated with malware.

https://blogs.technet.microsoft.com/mmpc/2016/11/08/msrt-november-2016-unwanted-software-has-nowhere-to-hide-in-this-months-release/


Vuln: phpMyAdmin CVE-2016-6610 Full Path Information Disclosure Vulnerability

http://www.securityfocus.com/bid/94118


BlackBerry powered by Android Security Bulletin November 2016

http://support.blackberry.com/kb/articleDetail?articleNumber=000038666


Vuln: Multiple D-Link DIR Routers CVE-2016-6563 Remote Stack Overflow Vulnerability

http://www.securityfocus.com/bid/94130


Piwik 2.16.0 PHP Object Injection

Affected Versions: Version 2.16.0 and prior versions. Vulnerability Description: The vulnerability can be triggered through the saveLayout() method defined in /plugins/Dashboard/Controller.php:

https://cxsecurity.com/issue/WLB-2016110055


f5 Security Advisories

Security Advisory: Configuration utility CSRF vulnerability

https://support.f5.com:443/kb/en-us/solutions/public/k/21/sol21485342.html?ref=rss

Security Advisory: Linux kernel vulnerability CVE-2016-7117

https://support.f5.com:443/kb/en-us/solutions/public/k/51/sol51201255.html?ref=rss

Security Advisory: Multiple LibTIFF vulnerabilities

https://support.f5.com:443/kb/en-us/solutions/public/k/35/sol35155453.html?ref=rss

Security Advisory: LibTIFF vulnerabilities CVE-2016-5320 and CVE-2015-8784

https://support.f5.com:443/kb/en-us/solutions/public/k/89/sol89096577.html?ref=rss

Security Advisory: PHP vulnerabilities CVE-2015-6834, CVE-2015-6835, CVE-2015-6836, CVE-2015-6837, and CVE-2015-6838

https://support.f5.com:443/kb/en-us/solutions/public/17000/300/sol17377.html?ref=rss

IBM Security Bulletins

IBM Security Bulletin: Vulnerabilities in OpenSSL affect IBM Sterling Connect:Direct for HP NonStop (CVE-2016-2177, CVE-2016-6306, CVE-2016-2183)

http://www-01.ibm.com/support/docview.wss?uid=swg21993601

IBM Security Bulletin: Password Disclosure via application tracing in IBM Tivoli Storage Manager for Space Management (CVE-2016-0371)

http://www.ibm.com/support/docview.wss?uid=swg21990042

IBM Security Bulletin: Multiple Vulnerabilities in OpenSSL affect the BigFix Platform

http://www.ibm.com/support/docview.wss?uid=swg21993215

IBM Security Bulletin: Multiple vulnerabilities in OpenSSL affect the BigFix Platform

http://www.ibm.com/support/docview.wss?uid=swg21993210

IBM Security Bulletin: The BigFix platform has a vulnerability where WebReports executes with unnecessary privileges (CVE-2016-0396)

http://www.ibm.com/support/docview.wss?uid=swg21993206

IBM Security Bulletin: BigFix Platform has a vulnerability allowing unrestricted file upload (CVE-2016-0214)

http://www.ibm.com/support/docview.wss?uid=swg21993203