master.show-navigation
Meldungen
Services
Vorfall melden
Meldungen
Downloads
Feeds
Mailinglisten
Links
Daten feeds
Emails von uns
Crawler
Statistic Survey
Downloads
Über uns
Leitbild
Zuständigkeit
Das Management Team
Kontakt
Projekte
RFC 2350
Job-Angebote
Circa
Partner
CERT-Beirat
Pressematerial
Austrian Trust Circle
Austrian Energy Cert
FAQ
Impressum
Datenschutzerklärung
Haftungsausschluss
Berichte
Deutsch
English
Meldungen
Warnungen
Aktuelles
Tagesberichte
Blog
Spezielles
Services
Vorfall melden
Meldungen
Downloads
Feeds
Mailinglisten
Links
Daten feeds
Emails von uns
Crawler
Statistic Survey
Downloads
Berichte
Software
Papers
Pressematerial
Über uns
Leitbild
Zuständigkeit
Das Management Team
Kontakt
Projekte
RFC 2350
Job-Angebote
Circa
Partner
CERT-Beirat
Pressematerial
Austrian Trust Circle
Austrian Energy Cert
FAQ
Impressum
Datenschutzerklärung
Haftungsausschluss
Berichte
Jahresbericht 2023
Jahresbericht 2022
Jahresbericht 2021
Jahresbericht 2020
Jahresbericht 2019
Jahresbericht 2018
Jahresbericht 2017
Jahresbericht 2016
Jahresbericht 2015
Jahresbericht 2014
Jahresbericht 2013
DE
Deutsch
English
›
Meldungen
›
Tagesberichte
›
Show
Warnungen
Aktuelles
Tagesberichte
Blog
Spezielles
Tageszusammenfassung - 20.10.2017
End-of-Day report
Timeframe: Donnerstag 19-10-2017 18:00 − Freitag 20-10-2017 18:00 Handler: Robert Waldner Co-Handler: n/a
News
∗∗∗ KRACK-Entdecker: "Sicherheitsupdates einfordern" ∗∗∗ Der belgische Sicherheitsforscher Mathy Vanhoef, der die Sicherheitslücke KRACK in WLAN-Netzwerken entdeckt hat, geht davon aus, dass viele Geräte kein Update erhalten werden.
https://futurezone.at/digital-life/krack-entdecker-sicherheitsupdates-einfordern/293.205.260
∗∗∗ Canadian spooks release their own malware detection tool ∗∗∗ Canuck NSA/GCHQ equivalent open-sources Assemblyline, to make us all as safe as Canada Canadas Communications Security Establishment has open-sourced its own malware detection tool.…
http://go.theregister.com/feed/www.theregister.co.uk/2017/10/20/canadian_communications_security_establishment_open_sources_assemblyline/
Vulnerabilities
∗∗∗ Boston Scientific ZOOM LATITUDE PRM Vulnerabilities ∗∗∗ This advisory contains compensating controls for use of hard-coded cryptographic key and missing encryption of sensitive data vulnerabilities in Boston Scientific’s ZOOM LATITUDE Programmer/Recorder/Monitor Model 3120.
https://ics-cert.us-cert.gov/advisories/ICSMA-17-292-01
∗∗∗ SpiderControl MicroBrowser ∗∗∗ This advisory contains mitigation details for an uncontrolled search path element vulnerability in SpiderControls MicroBrowser.
https://ics-cert.us-cert.gov/advisories/ICSA-17-292-01
∗∗∗ Cisco Nexus Series Switches CLI Command Injection Vulnerability ∗∗∗ A vulnerability in the CLI of Cisco NX-OS System Software running on Cisco Nexus Series Switches could allow an authenticated, local attacker to perform a command injection attack.The vulnerability is due to insufficient input validation of command arguments. An attacker could exploit this vulnerability by injecting crafted command arguments into a vulnerable CLI command.
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-nss
∗∗∗ Cisco-Updates schließen mehrere Lücken ∗∗∗ Mit aktuellen Updates schließt Cisco insgesamt 17 Sicherheitslücken. Eine davon ist kritisch und erlaubt den Remote-Zugriff auf die Cloud Services Platform (CSP) 2100.
https://heise.de/-3865704
∗∗∗ Oracle Critical Patch Update Advisory - October 2017 ∗∗∗
http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
∗∗∗ Security Notice - Statement on App Lock Bypass Vulnerability in Huawei EMUI ∗∗∗
http://www.huawei.com/en/psirt/security-notices/2017/huawei-sn-20170922-01-emui-en
∗∗∗ IBM Security Bulletin: A vulnerability in libsoup affects PowerKVM ∗∗∗
http://www.ibm.com/support/docview.wss?uid=isg3T1025834
∗∗∗ IBM Security Bulletin: Vulnerabilities in Apache HTTPD affect PowerKVM ∗∗∗
http://www.ibm.com/support/docview.wss?uid=isg3T1025773
∗∗∗ IBM Security Bulletin: Multiple security vulnerabilities affect Liberty for Java for IBM Bluemix (CVE-2017-1583, CVE-2011-4343) ∗∗∗
http://www.ibm.com/support/docview.wss?uid=swg22009704
∗∗∗ IBM Security Bulletin: Vulnerabilities in MariaDB affect PowerKVM ∗∗∗
http://www.ibm.com/support/docview.wss?uid=isg3T1025771
∗∗∗ IBM Security Bulletin: Vulnerabilities in the Linux kernel affect PowerKVM ∗∗∗
http://www-01.ibm.com/support/docview.wss?uid=isg3T1025779
∗∗∗ IBM Security Bulletin: Vulnerabilities in TigerVNC affect PowerKVM ∗∗∗
http://www.ibm.com/support/docview.wss?uid=isg3T1025772
∗∗∗ IBM Security Bulletin: Vulnerabilities in glibc affect PowerKVM ∗∗∗
http://www.ibm.com/support/docview.wss?uid=isg3T1025781
∗∗∗ IBM Security Bulletin: Vulnerabilities in PostgreSQL affect PowerKVM ∗∗∗
http://www.ibm.com/support/docview.wss?uid=isg3T1025764
∗∗∗ IBM Security Bulletin: A vulnerability in OpenLDAP affects PowerKVM ∗∗∗
http://www.ibm.com/support/docview.wss?uid=isg3T1025766
∗∗∗ IBM Security Bulletin: Vulnerabilities in git affect PowerKVM ∗∗∗
http://www.ibm.com/support/docview.wss?uid=isg3T1025756
∗∗∗ IBM Security Bulletin: A vulnerability in Spice affects PowerKVM ∗∗∗
http://www.ibm.com/support/docview.wss?uid=isg3T1025754
∗∗∗ IBM Security Bulletin: Vulnerabilities in tcpdump affect PowerKVM ∗∗∗
http://www.ibm.com/support/docview.wss?uid=isg3T1025768
∗∗∗ IBM Security Bulletin: Multiple Security Vulnerabilities exist in IBM Planning Analytics Express and IBM Cognos Express. ∗∗∗
http://www.ibm.com/support/docview.wss?uid=swg22009518
∗∗∗ SafeNet External Network HSM script vulnerability CVE-2017-6165 ∗∗∗
https://support.f5.com/csp/article/K74759095