End-of-Shift report
Timeframe: Friday 16-06-2017 18:00 − Monday 19-06-2017 18:00
Handler: Robert Waldner
Co-Handler: Alexander Riepl
Bugtraq: ESA-2017-041: EMC VNX1 and VNX2 Family Multiple Vulnerabilities in VNX Control Station
http://www.securityfocus.com/archive/1/540738
VU#768399: HPE SiteScope contains multiple vulnerabilities
HPE's SiteScope is vulnerable to several cryptographic issues, insufficiently protected credentials, and missing authentication.
http://www.kb.cert.org/vuls/id/768399
Analysis of the Shadow Brokers release and mitigation with Windows 10 virtualization-based security
On April 14, a group calling themselves the Shadow Brokers caught the attention of the security community by releasing a set of weaponized exploits. Shortly thereafter, one of these exploits ..
https://blogs.technet.microsoft.com/mmpc/2017/06/16/analysis-of-the-shadow-brokers-release-and-mitigation-with-windows-10-virtualization-based-security/
DSA-3884 gnutls28 - security update
Hubert Kario discovered that GnuTLS, a library implementing the TLS and SSL protocols, does not properly decode a status response TLS extension, allowing a remote attacker to cause an application using the GnuTLS library to crash (denial of service).
https://www.debian.org/security/2017/dsa-3884
A note from us: Changes to the daily summaries
19 June 2017: In the week of 3 to 7 July 2017 we will adjust the format of our daily summaries. The content stays the same as usual, but for better clarity we will split it into several sections. This should ..
http://www.cert.at/services/blog/20170619121641-2037.html
D-Link DSL-2640U - Unauthenticated DNS Change
The vulnerability exists in the web interface, which is accessible without authentication. Once modified, systems use foreign DNS servers, which are usually set up by cybercriminals. Users with ..
https://www.exploit-db.com/exploits/42195/
D-Link DSL-2640B - Unauthenticated Remote DNS Change
The vulnerability exists in the web interface, which is accessible without authentication. Once modified, systems use foreign DNS servers, which are usually set up by cybercriminals. Users with ..
https://www.exploit-db.com/exploits/42197/
IBM Security Bulletin: IBM MQ Trace enablement could cause denial of service (CVE-2017-1117)
http://www-01.ibm.com/support/docview.wss?uid=swg22001468
IoT Malware Activity Already More Than Doubled 2016 Numbers
The number of new malware samples in the wild this year targeting connected internet-of-things (IoT) devices has already more than doubled last year’s total.
http://threatpost.com/iot-malware-activity-already-more-than-doubled-2016-numbers/126350/