End-of-Day report
Timeframe: Monday 01-10-2018 18:00 - Tuesday 02-10-2018 18:00
Handler: Stephan Richter
Co-Handler: n/a
News
Security Update for Foxit PDF Reader Fixes 118 Vulnerabilities
It has not been a good week for PDF programs. We had an Adobe Acrobat & Reader update released yesterday that fixed 86 vulnerabilities, including numerous critical ones. Not to be beaten, an update for Foxit PDF Reader and Foxit PhantomPDF was released last Friday that fixes a whopping 116 vulnerabilities.
https://www.bleepingcomputer.com/news/security/security-update-for-foxit-pdf-reader-fixes-118-vulnerabilities/
Nine NAS Bugs Open LenovoEMC, Iomega Devices to Attack
Rated as high-risk vulnerabilities, these privilege-escalation flaws could allow an unauthenticated attacker to access protected content.
https://threatpost.com/nine-nas-bugs-open-lenovoemc-iomega-devices-to-attack/137829/
Do not pay invoices from ibostream.de and sobastream.de
The subscription traps ibostream.de and sobastream.de offer free registration for their use. Five days after registering, consumers receive an invoice for 359.88 euros from Ibo Das Limited or Stream It Limited. Users do not have to pay this amount, because no contract exists between them and ibostream.de or sobastream.de.
https://www.watchlist-internet.at/news/keine-rechnung-von-ibostreamde-und-sobastreamde-zahlen/
Vulnerabilities
Critical security vulnerabilities in Adobe Acrobat and Reader - patches available
Adobe has released updates for Acrobat and Reader outside its monthly patch cycle; they close security vulnerabilities, some of them critical.
https://www.cert.at/warnings/all/20181002.html
Android Security Bulletin - October 2018
The Android Security Bulletin contains details of security vulnerabilities affecting Android devices. [...] The most severe of these issues is a critical security vulnerability in Framework that could enable a remote attacker using a specially crafted file to execute arbitrary code within the context of a privileged process.
https://source.android.com/security/bulletin/2018-10-01.html
Security updates for Tuesday
Security updates have been issued by Arch Linux (lib32-libxml2, libxml2, mosquitto, and ntp), Debian (kernel and strongswan), Fedora (firefox), openSUSE (zsh), Oracle (kernel), Red Hat (ceph-iscsi-cli), SUSE (openssl-1_0_0), and Ubuntu (kernel, linux, linux-aws, linux-gcp, linux-kvm, linux-oem, linux-raspi2, linux, linux-aws, linux-kvm, linux-raspi2, linux-snapdragon, linux-hwe, linux-gcp, linux-lts-trusty, linux-lts-xenial, linux-aws, and strongswan).
https://lwn.net/Articles/767467/
Vuln: LibTIFF CVE-2018-17795 Heap Based Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/105445
Red Hat JBoss A-MQ, Red Hat JBoss Fuse: A vulnerability allows an attacker to gain user privileges
https://adv-archiv.dfn-cert.de/adv/2018-1989/
IBM Security Bulletin: Multiple security vulnerabilities in GSKit used by Edge Caching proxy of WebSphere Application Server
https://www-01.ibm.com/support/docview.wss?uid=ibm10732391
IBM Security Bulletin: Cross-site scripting vulnerability in OAuth ear in WebSphere Application Server (CVE-2018-1794)
https://www-01.ibm.com/support/docview.wss?uid=ibm10729571
IBM Security Bulletin: Cross-site scripting vulnerability in SAML ear in WebSphere Application Server (CVE-2018-1793)
https://www-01.ibm.com/support/docview.wss?uid=ibm10729563
IBM Security Bulletin: Multiple Security Vulnerabilities affect IBM® Cloud Private (CVE-2018-0739,CVE-2017-17512, CVE-2018-1000122)
http://www.ibm.com/support/docview.wss?uid=ibm10719199
IBM Security Bulletin: IBM b-type Network/Storage switches are affected by Sweet32: Birthday attacks on 64-bit block ciphers in TLS and OpenVPN (openssl ,redhat,openVPN) vulnerabilities.
http://www.ibm.com/support/docview.wss?uid=ssg1S1010724
Password disclosure vulnerability & XSS in PTC ThingWorx
https://www.sec-consult.com/en/blog/advisories/password-disclosure-vulnerability-xss-in-ptc-thingworx/
HPESBHF03897 rev.1 - HPE Switches and Routers using OpenSSL, and Intelligent Management Center (iMC) PLAT, Remote Denial of Service
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03897en_us