End-of-Shift report
Timeframe: Montag 08-05-2017 18:00 − Dienstag 09-05-2017 18:00
Handler: Stephan Richter
Co-Handler: n/a
SAP Security Patch Day - May 2017
This post by SAP Product Security Response Team shares information on Patch Day Security Notes* that are released on second Tuesday of every month and fix vulnerabilities discovered in SAP products. SAP strongly recommends that [...]
https://blogs.sap.com/2017/05/09/sap-security-patch-day-may-2017/
Project Zero: Microsofts Antivirensoftware gefährdet Windows-Nutzer
Googles Project Zero hat eine schwerwiegende Sicherheitslücke in der Anti-Viren-Engine von Microsoft entdeckt. Schuld daran ist die simulierte Ausführung von Javascript-Code ohne Sandbox.
https://www.golem.de/news/project-zero-microsofts-antivirensoftware-gefaehrdet-windows-nutzer-1705-127705-rss.html
Defeating Magento security mechanisms: Attacks used in the real world
DefenseCode recently discovered and reported multiple stored cross-site scripting and cross-site request forgery vulnerabilities in Magento 1 and 2 which will be addressed in one of the future patches. In light of these findings, this article describes examples of several attacks used in the real world that combine common vulnerabilities with faulty security mechanisms in Magento, leading to an unfavourable outcome. Examples will be aimed at Magento 2, but most of them can be applied [...]
https://www.helpnetsecurity.com/2017/05/09/defeating-magento-security/
Zeit für eine AMTshandlung?
Letzte Woche veröffentlichte Intel ein Advisory über eine Schwachstelle in "Intel Active Management Technology", kurz AMT. Besagte Schwachstelle erlaubt einem Angreifer, auf einem Rechner mit aktiviertem AMT, die Zugriffskontrollen für eben jenes auszuhebeln, und so administrativen Zugriff zu erlangen - [...]
http://www.cert.at/services/blog/20170508175554-1982.html
[2017-05-09] Multiple vulnerabilities in I, Librarian PDF manager
https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20170509-0_I_Librarian_Multiple_vulnerabilities_v10.txt
Bugtraq: ESA-2017-035: EMC Mainframe Enablers ResourcePak Base privilege management vulnerability
http://www.securityfocus.com/archive/1/540531
Security Update for Microsoft Malware Protection Engine
The update addresses a vulnerability that could allow remote code execution if the Microsoft Malware Protection Engine scans a specially crafted file. An attacker who successfully exploited this vulnerability could execute arbitrary code in the security context of the LocalSystem account and take control of the system.
https://technet.microsoft.com/en-us/library/security/4022344
Security Bulletin posted for Adobe Flash Player and Adobe Experience Manager Forms
Adobe has published security bulletins for Adobe Flash Player (APSB17-15) and Adobe Experience Manager Forms (APSB17-16). Adobe recommends users update their product installations to the latest versions using the instructions referenced in the relevant bulletin.
https://blogs.adobe.com/psirt/?p=1465
Vuln: Trend Micro Threat Discovery Appliance CVE-2016-8591 Command Injection Vulnerability
http://www.securityfocus.com/bid/98343
Vuln: Trend Micro Threat Discovery Appliance CVE-2016-8592 Command Injection Vulnerability
http://www.securityfocus.com/bid/98345
Cisco IOS and IOS XE Software Simple Network Management Protocol Subsystem Denial of Service Vulnerability
A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition.The vulnerability is due to a race condition that could occur when the affected software processes an SNMP read request that contains certain criteria for a specific object ID (OID) and an active crypto session is disconnected on an affected device. An attacker who can authenticate [...]
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-ios-xe-snmp
F5 Security Advisories
NTP vulnerability CVE-2017-6451
https://support.f5.com/csp/article/K32262483
NTP vulnerability CVE-2017-6462
https://support.f5.com/csp/article/K07082049
NTP vulnerability CVE-2017-6458
https://support.f5.com/csp/article/K99254031
NTP vulnerability CVE-2017-6460
https://support.f5.com/csp/article/K31310492
NTP vulnerability CVE-2017-6464
https://support.f5.com/csp/article/K96670746
IBM Security Bulletins
IBM Security Bulletin: Multiple vulnerabilities may affect IBM SDK, Java Technology Edition
https://www.ibm.com/support/docview.wss?uid=swg22002169
IBM Security Bulletin: Security vulnerability affects the Lifecycle Query Engine (LQE) that is shipped with Jazz Reporting Service (CVE-2017-1095)
http://www-01.ibm.com/support/docview.wss?uid=swg22001006
IBM Security Bulletin: Security vulnerability affects the Lifecycle Query Engine (LQE) that is shipped with Jazz Reporting Service (CVE-2017-1094)
http://www-01.ibm.com/support/docview.wss?uid=swg22001002
IBM Security Bulletin: There are multiple vulnerabilities in IBM Java Runtime and Apache Tomcat that affect IBM Cognos Business Viewpoint
http://www.ibm.com/support/docview.wss?uid=swg22003122
IBM Security Bulletin: Secure properties can be shown in plain text in IBM UrbanCode Deploy (CVE-2016-9007)
http://www-01.ibm.com/support/docview.wss?uid=swg2C1000236
IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect Rational Business Developer
http://www.ibm.com/support/docview.wss?uid=swg22002667
IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Rational Application Developer for WebSphere Software
http://www-01.ibm.com/support/docview.wss?uid=swg22003145
IBM Security Bulletin: A vulnerability in the SQLite component of the Response Time agent affects IBM Performance Management products (CVE-2016-6153)
http://www.ibm.com/support/docview.wss?uid=swg22000836