Tageszusammenfassung - 22.12.2017

End-of-Day report

Timeframe: Donnerstag 21-12-2017 18:00 − Freitag 22-12-2017 18:00 Handler: Nina Bieringer Co-Handler: n/a

News

∗∗∗ Myloc/Webtropia: Offene VNC-Ports ermöglichten Angriffe auf Server ∗∗∗ Golem.de hat den Serverhoster Webtropia über eine kritische Schwachstelle informiert: Über eine Lücke in den Ports der Kontrollserver hätten Angreifer ohne Passwort die Kontrolle übernehmen können - zumindest bei einigen Systemen.

https://www.golem.de/news/myloc-webtropia-offene-vnc-ports-ermoeglichten-angriffe-auf-server-1712-131830-rss.html ∗∗∗ Conference review: Botconf 2017 ∗∗∗ Virus Bulletin researchers report back from a very interesting fifth edition of Botconf, the botnet fighting conference.

https://www.virusbulletin.com:443/blog/2017/12/conference-review-botconf-2017/ ∗∗∗ Opera: Version 50 soll vor Krypto-Mining im Browser schützen ∗∗∗ Auf immer mehr Webseiten lauern Skripte, die unbemerkt CPUs anzapfen, um Kryptowährungen zu schürfen. Die neue Opera-Version enthält mit "NoCoin" einen eingebauten Schutzmechanismus gegen diese Masche.

https://heise.de/-3926990 ∗∗∗ Thunderbird: Version 52.5.2 fixt Mailsploit und weitere Schwachstellen ∗∗∗ Mozilla reagiert auf unlängst von Forschern entdeckte Sicherheitsprobleme und bessert seinen Mail-Client nach. Nutzer sollten zeitnah auf die aktuelle Version umsteigen.

https://heise.de/-3927213

Vulnerabilities

∗∗∗ Moxa NPort W2150A and W2250A ∗∗∗ This advisory contains mitigation details for a credentials management vulnerability in Moxas NPort W2150A and W2250A serial network interface.

https://ics-cert.us-cert.gov/advisories/ICSA-17-355-01 ∗∗∗ Schneider Electric Pelco VideoXpert Enterprise ∗∗∗ This advisory contains mitigation details for path traversal and improper access control vulnerabilities in Schneider Electric’s Pelco VideoXpert Enterprise.

https://ics-cert.us-cert.gov/advisories/ICSA-17-355-02 ∗∗∗ The installer of Music Center for PC may insecurely load Dynamic Link Libraries ∗∗∗

http://jvn.jp/en/jp/JVN60695371/ ∗∗∗ The installer of Content Manager Assistant for PlayStation may insecurely load Dynamic Link Libraries ∗∗∗

http://jvn.jp/en/jp/JVN95423049/ ∗∗∗ Security Advisory - Remote Code Execution Vulnerability in Microsoft Windows Print Spooler Service ∗∗∗

http://www.huawei.com/en/psirt/security-advisories/2017/huawei-sa-20171222-01-windows-en ∗∗∗ Security Notice - Statement on Remote Code Execution Vulnerability in Huawei HG532 Product ∗∗∗

http://www.huawei.com/en/psirt/security-notices/2017/huawei-sn-20171130-01-hg532-en ∗∗∗ Security Advisory - Weak Cryptography Vulnerability in Some Huawei Products ∗∗∗

http://www.huawei.com/en/psirt/security-advisories/2017/huawei-sa-20171222-01-cryptography-en ∗∗∗ IBM Security Bulletin: Information Disclosure Vulnerability in IBM WebSphere Portal (CVE-2017-1698) ∗∗∗

http://www-01.ibm.com/support/docview.wss?uid=swg22011519 ∗∗∗ IBM Security Bulletin: Multiple security vulnerabilities have been fixed in products bundled with IBM Security Directory Suite 8.0.1 ∗∗∗

http://www-01.ibm.com/support/docview.wss?uid=swg22011971 ∗∗∗ IBM Security Bulletin: Rational Build Forge Security Advisory for Apache HTTPD, Apache Tomcat and OpenSSL Upgrade ∗∗∗

http://www-01.ibm.com/support/docview.wss?uid=swg22010523 ∗∗∗ IBM Security Bulletin: Security vulnerabilities have been identified in IBM Cognos Planning. ∗∗∗

http://www-01.ibm.com/support/docview.wss?uid=swg22011963 ∗∗∗ Citrix XenServer Lets Local Administrative Users on a Guest System Cause Denial of Service Conditions on the Host System ∗∗∗

http://www.securitytracker.com/id/1040031 ∗∗∗ SSA-323211 (Last Update 2017-12-22): Vulnerabilities in SIPROTEC 4 and SIPROTEC Compact Devices ∗∗∗

https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-323211.pdf Next End-of-Day report: 2017-12-27