End-of-Shift report
Timeframe: Mittwoch 15-06-2016 18:00 − Donnerstag 16-06-2016 18:00
Handler: Alexander Riepl
Co-Handler: Robert Waldner
Estonia - Cryptographic Algorithms Lifecycle Report 2016 published
Estonian Information System Authority (RIA) and Cybernetica have published the "Cryptographic Algorithms Lifecycle Report 2016".
https://www.enisa.europa.eu/about-enisa/structure-organization/national-liaison-office/news-from-the-member-states/estonia-cryptographic-algorithms-lifecycle-report-2016-published
TLS Certificate Validation Vulnerability in Citrix iOS Receiver
A vulnerability has been identified in Citrix iOS Receiver that could result in TLS certificates being incorrectly validated.
This vulnerability has been assigned the following CVE number:
CVE-2016-5433: TLS Certificate Validation Vulnerability in Citrix iOS Receiver.
This vulnerability affects all versions of Citrix iOS Receiver earlier than 7.0.
This vulnerability does not affect Citrix Receivers on any other platforms.
http://support.citrix.com/article/CTX213998
Citrix XenServer Security Update for CVE-2016-5302
A security vulnerability has been identified in XenServer 7.0 that may allow an attacker on the management network who is in possession of Active Directory credentials for an AD account that is not authorised to manage a XenServer host to compromise that host.
The following vulnerability has been addressed:
CVE-2016-5302 (Low): Incorrect host management AD authentication
http://support.citrix.com/article/CTX213549
Views - Less Critical - Access Bypass - SA-CONTRIB-2016-036
Project: Views (third-party module)
Version: 7.x
Date: 2016-June-15
Security risk: 7/25 ( Less Critical)
Vulnerability: Access bypass
DescriptionAn access bypass vulnerability exists in the Views module, where users without the "View content count" permission can see the number of hits collected by the Statistics module for results in the view.
https://www.drupal.org/node/2749333
Trend Micro: Sicherheitsfirma findet trojanisierte Teamviewer-Versionen
Wurde Teamviewer gehackt oder nicht? In den vergangenen Wochen beschwerten sich Hunderte Nutzer über Kriminelle, die über Teamviewer Konten plünderten. Der Hersteller selbst verwies auf schlechte Passwörter - eine Sicherheitsfirma hat jetzt eine weitere Idee.
http://www.golem.de/news/trend-micro-sicherheitsfirma-findet-trojanisierte-teamviewer-versionen-1606-121557-rss.html
Deep Discovery Inspector vulnerable to remote code execution
Deep Discovery Inspector provided by Trend Micro Incorporated contains a remote code execution vulnerability.
http://jvn.jp/en/jp/JVN55428526/
Facebook Privacy & Security Guide: Everything You Need to Know [Updated]
Facebook grew in the past years to become the largest online social network in the world. It spread so much that even our parents, neighbors and distant relatives, even from remote areas of the country, now constantly use it. It's the place where everybody is active, from friends, family, work colleagues, old school friends to ...
https://heimdalsecurity.com/blog/facebook-security-privacy-guide/
Bugtraq: [security bulletin] HPSBNS03625 rev.1 - HPE NonStop Application Server for Java (NSASJ) running SSL/TLS, Remote Disclosure of Information
[security bulletin] HPSBNS03625 rev.1 - HPE NonStop Application Server for Java (NSASJ) running SSL/TLS, Remote Disclosure of Information
http://www.securityfocus.com/archive/1/538693
Bugtraq: [security bulletin] HPSBGN03553 rev.1 - HP OneView Products using glibc and OpenSSL, Multiple Remote Vulnerabilties
[security bulletin] HPSBGN03553 rev.1 - HP OneView Products using glibc and OpenSSL, Multiple Remote Vulnerabilties
http://www.securityfocus.com/archive/1/538692
Drupal Core - Moderately Critical - Multiple Vulnerabilities - SA-CORE-2016-002
Project: Drupal core
Version: 7.x, 8.x
Security risk: 11/25 ( Moderately Critical)
Vulnerability: Access bypass, Multiple vulnerabilities
Description Saving user accounts can sometimes grant the user all roles
https://www.drupal.org/SA-CORE-2016-002
Cisco Security Advisories
Cisco RV110W, RV130W, and RV215W Routers HTTP Request Buffer Overflow Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160615-rv2
Cisco RV110W, RV130W, and RV215W Routers Cross-Site Scripting Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160615-rv1
Cisco RV110W, RV130W, and RV215W Routers Arbitrary Code Execution Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160615-rv
Cisco RV110W, RV130W, and RV215W Routers HTTP Request Buffer Overflow Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160615-rv3
IBM Security Bulletins
IBM Security Bulletin: Cross-Site Request Forgery Vulnerability in IBM WebSphere Portal (CVE-2016-2901)
http://www-01.ibm.com/support/docview.wss?uid=swg21983974
IBM Security Bulletin: IBM TRIRIGA Application platform is vulnerable to a cross-site scripting attack. (CVE-2016-2883)
http://www.ibm.com/support/docview.wss?uid=swg21985158
IBM Security Bulletin: Vulnerability in BeanShell affects IBM Leads (CVE-2016-2510)
http://www.ibm.com/support/docview.wss?uid=swg21982167
IBM Security Bulletin: Vulnerability in InstallAnywhere affects IBM InfoSphere Optim Performance Manager for DB2 on LUW and IBM InfoSphere Optim Configuration Manager on Windows Platform (CVE-2016-4560)
http://www-01.ibm.com/support/docview.wss?uid=swg21984067
IBM Security Bulletin: Vulnerability in InstallShield affects IBM Tivoli Storage Manager FastBack for Bare Machine Recovery (CVE-2016-2542)
http://www.ibm.com/support/docview.wss?uid=swg21984184
IBM Security Bulletin: Vulnerability in InstallShield affects IBM Tivoli Storage Manager FastBack (CVE-2016-2542)
http://www.ibm.com/support/docview.wss?uid=swg21982809
IBM Security Bulletin: Vulnerabilities in IBM Notes KeyView PDF Filters (CVE-2016-0301, CVE-2016-0278, CVE-2016-0279, CVE-2016-0277)
http://www.ibm.com/support/docview.wss?uid=swg21982277