End-of-Shift report
Timeframe: Montag 19-06-2017 18:00 − Dienstag 20-06-2017 18:00
Handler: Robert Waldner
Co-Handler: n/a
Apache HTTPD Bugs Let Remote Users Deny Service and Bypass Authentication in Certain Cases
Fix Available: Yes Vendor Confirmed: Yes
Version(s): 2.2.0 - 2.2.32, 2.4.0 - 2.4.25
Description: Several vulnerabilities were reported in Apache HTTPD. A remote user can cause the target service to crash. A remote user can bypass authentication.
http://www.securitytracker.com/id/1038711
Bugtraq: [security bulletin] HPESBGN03758 rev.2 - HPE UCMDB, Remote Code Execution
http://www.securityfocus.com/archive/1/540745
McAfee Labs Threats Report Explores Malware Evasion Techniques, Digital Steganography, Password-Stealer Fareit
We got a little carried away in the McAfee Labs Threats Report: June 2017, published today. This quarter's report has expanded to a rather hefty 83 pages! It contains three highly educational topics, in addition to the usual set of threats statistics: We broadly examine evasion techniques and how malware authors use them to accomplish...
https://securingtomorrow.mcafee.com/mcafee-labs/mcafee-labs-threats-report-explores-malware-evasion-techniques-digital-steganography-password-stealer-fareit/
Glibc Stack/Heap Memory Allocation Error Lets Local Users Gain Elevated Privileges
A local user can supply specially crafted LD_LIBRARY_PATH values to trigger a stack memory allocation flaw in certain cases and execute arbitrary code on the target system with elevated privileges.
The stack guard-page memory gap can be "jumped" in cases where heap memory and stack memory are adjacent.
http://www.securitytracker.com/id/1038712
[2017-06-20] Multiple Reflected Cross Site Scripting (XSS) issues in Ubiquiti Networks products
Multiple Ubiquiti Networks products with firmware XM v6.0, SW v1.3.3 and AF24 v3.2 are affected by a POST-request based cross site scripting vulnerability. Malicious JavaScript code can be executed in the browser of the user and cookies can be stolen.
https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20170620-0_Ubiquiti_networks_Multiple_XSS_v10.txt
DFN-CERT-2017-1052/">Exim: Eine Schwachstelle ermöglicht die Ausführung beliebigen Programmcodes
Betroffene Software: Exim <= 4.89
In Exim existiert eine Schwachstelle, weil durch die Mehrfachverwendung von '-p' als Befehlszeilenargument Speicher reserviert werden kann, der nicht wieder freigegeben wird. Ein lokaler, nicht authentisierter Angreifer kann dies nur in Verbindung mit einer anderen Schwachstelle ausnutzen, um beliebigen Programmcode zur Ausführung zu bringen und möglicherweise auch eine Rechteerweiterung auf Root-Privilegien durchzuführen.
Debian stellt für die stabile Distribution Stretch und die alte stabile Distribution Jessie jeweils Backport-Sicherheitsupdates bereit.
CVE-2017-1000369
https://portal.cert.dfn.de/adv/DFN-CERT-2017-1052/
Oracle Security Alert for CVE-2017-3629
This Security Alert addresses CVE-2017-3629 and two other vulnerabilities affecting Oracle Solaris. These are local privilege escalation vulnerabilities that may only be exploited over a network with a valid username and password. Together, these vulnerabilities may allow privilege escalation to root.
http://www.oracle.com/technetwork/security-advisory/alert-cve-2017-3629-3757403.html
Vuln: SAP Business Objects DS Open Redirection Vulnerability
http://www.securityfocus.com/bid/99143
Xen Security Advisories
XSA-216: blkif responses leak backend stack data
XSA-217: page transfer may allow PV guest to elevate privilege
XSA-218: Races in the grant table unmap code
XSA-219: x86: insufficient reference counts during shadow emulation
XSA-220: x86: PKRU and BND* leakage between vCPU-s
XSA-221: NULL pointer deref in event channel poll
XSA-222: stale P2M mappings due to insufficient error checking
XSA-223: ARM guest disabling interrupt may crash Xen
XSA-224: grant table operations mishandle reference
https://lists.xen.org/archives/html/xen-announce/2017-06/
IBM Security Bulletins
IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM i.
http://www-01.ibm.com/support/docview.wss?uid=nas8N1022142
IBM Security Bulletin: The Elastic Storage Server and the GPFS Storage Server are affected by a vulnerability in IBM Spectrum Scale (CVE-2017-1304)
http://www-01.ibm.com/support/docview.wss?uid=ssg1S1010230
IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM WebSphere MQ Internet Pass-Thru
http://www.ibm.com/support/docview.wss?uid=swg22001701
IBM Security Bulletin: Multiple security vulnerabilities have been identified in IBM WebSphere Application Server Liberty shipped with IBM Security Directory Suite (CVE-2016-0378, CVE-2016-5983 and CVE-2016-5986)
http://www.ibm.com/support/docview.wss?uid=swg22002049