Tageszusammenfassung - 08.11.2017

End-of-Day report

Timeframe: Dienstag 07-11-2017 18:00 − Mittwoch 08-11-2017 18:00 Handler: Nina Bieringer Co-Handler: Robert Waldner

News

∗∗∗ SSH Server "Time to Live"? Less than a cup of coffee!, (Wed, Nov 8th) ∗∗∗ After the stories I posted last week on SSH, I had some folks ask me about putting an SSH server on the public internet - apparently lots of lots of folks still think that's a safe thing to do.

https://isc.sans.edu/diary/rss/23020 ∗∗∗ BSI veröffentlicht Bericht zur Lage der IT-Sicherheit in Deutschland 2017 ∗∗∗ Der Lagebericht der nationalen Cyber-Sicherheitsbehörde beschreibt und analysiert die aktuelle IT-Sicherheitslage, die Ursachen von Cyber-Angriffen sowie die verwendeten Angriffsmittel und -methoden. Daraus abgeleitet zeigt das BSI Lösungsansätze zur Verbesserung der IT-Sicherheit in Deutschland auf.

https://www.bsi.bund.de/DE/Presse/Pressemitteilungen/Presse2017/Bericht_zur_Lage_der_IT-Sicherheit_in_Deutschland_08112017.html ∗∗∗ Amazon Updates AWS Dashboard to Warn Admins When Theyre Exposing S3 Buckets ∗∗∗ Following a long string of data leaks caused by misconfigured S3 servers, Amazon has decided to add a visible warning to the AWS backend dashboard panel that will let server admins know if one of their buckets (storage environments) is publicly accessible and exposing potentially sensitive data on the Internet. [...]

https://www.bleepingcomputer.com/news/security/amazon-updates-aws-dashboard-to-warn-admins-when-theyre-exposing-s3-buckets/ ∗∗∗ Windows 10: Microsoft stellt Sicherheitsrichtlinien für Windows-PCs auf ∗∗∗ Ein aktueller Prozessor, UEFI 2.4 und am besten ein TPM-Chip: Neue Sicherheitsrichtlinien machen Systeme mit Fall Creators Update laut Microsoft erst sicher. Die 8-GByte-RAM-Regel kann jedoch etwa das eigene Surface Pro teils nicht einhalten. (Windows 10, Microsoft)

https://www.golem.de/news/windows-10-microsoft-stellt-sicherheitsrichtlinien-fuer-windows-pcs-auf-1711-131025-rss.html

Vulnerabilities

∗∗∗ Security Advisory - Denial of Service Vulnerability on Huawei Smartphones ∗∗∗ There is a denial of service vulnerability on Huawei Smartphones. An attacker could make an loop exit condition that cannot be reached by sending the crafted 3GPP message. Successful exploit could cause the device to reboot. (Vulnerability ID: HWPSIRT-2017-09085) This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2017-15345. Huawei has released software updates to fix this vulnerability.

http://www.huawei.com/en/psirt/security-advisories/2017/huawei-sa-20171108-01-smartphone-en ∗∗∗ Security Advisory - Information Leak Vulnerability in Huawei FusionSphere OpenStack ∗∗∗

http://www.huawei.com/en/psirt/security-advisories/2017/huawei-sa-20171108-01-fusionsphere-en ∗∗∗ Security Advisory - Three Buffer Overflow Vulnerabilities in Some Huawei Products ∗∗∗

http://www.huawei.com/en/psirt/security-advisories/2017/huawei-sa-20171108-02-http-en ∗∗∗ Security Advisory - Command Injection Vulnerability in OpsMonitor ∗∗∗

http://www.huawei.com/en/psirt/security-advisories/2017/huawei-sa-20171108-01-opsmonitor-en ∗∗∗ IBM Security Bulletin: IBM Tivoli Netcool Impact affected by IBM® SDK Java™ Technology Edition Quarterly CPU – Jul 2017 – Includes Oracle Jul 2017 CPU vulnerabilities in IBM WebSphere Application Server ∗∗∗

http://www-01.ibm.com/support/docview.wss?uid=swg22010162 ∗∗∗ IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM InfoSphere Guardium Data Redaction (multiple CVEs) ∗∗∗

http://www-01.ibm.com/support/docview.wss?uid=swg22008888 ∗∗∗ IBM Security Bulletin: IBM Security Access Manager appliances are affected by kernel vulnerabilities ∗∗∗

http://www.ibm.com/support/docview.wss?uid=swg22010223 ∗∗∗ Kernel vulnerabilities CVE-2017-12192 and CVE-2017-15274 ∗∗∗

https://support.f5.com/csp/article/K33567812 ∗∗∗ Java vulnerability CVE-2017-10118 ∗∗∗

https://support.f5.com/csp/article/K42185012