End-of-Day report
Timeframe: Friday 05-10-2018 18:00 - Monday 08-10-2018 18:00
Handler: Dimitri Robl
Co-Handler: Stephan Richter
News
Git Project Patches Remote Code Execution Vulnerability in Git
The Git Project announced yesterday a critical arbitrary code execution vulnerability in the Git command line client, Git Desktop, and Atom that could allow malicious repositories to remotely execute commands on a vulnerable machine.
https://www.bleepingcomputer.com/news/security/git-project-patches-remote-code-execution-vulnerability-in-git/
Sony Smart TV Bug Allows Remote Access, Root Privileges
Software patching becomes a new reality for smart TV owners.
https://threatpost.com/sony-smart-tv-bug-allows-remote-access-root-privileges/138063/
ENISA publishes annual report on trust services security incidents 2017
ENISA publishes the first full-year annual report on security incidents with electronic trust services, covering 2017.
https://www.enisa.europa.eu/news/enisa-news/enisa-publishes-annual-report-on-trust-services-security-incidents-2017
Security update: D-Link Central WiFi Manager vulnerable to malicious code
The Windows version of D-Link Central WiFi Manager contains several security vulnerabilities. At least one of them is rated critical. A patch fixes the issue.
http://heise.de/-4183206
macOS: Code signing can be partially bypassed
Gatekeeper is supposed to ensure that known malware does not launch on the Mac. However, the check is often performed only once, a security researcher warns.
http://heise.de/-4182870
Vulnerabilities
VU#176301: Auto-Maskin DCU 210E RP 210E and Marine Pro Observer App
Original release date: 06 Oct 2018 | Last revised: 08 Oct 2018. Overview: Auto-Maskin RP remote panels and DCU control units are used to monitor and control ship engines. The units have several authentication and encryption vulnerabilities which can allow attackers to access the units and control connected engines. Description: CWE-798: Use of Hard-Coded Credentials - CVE-2018-5399 [...]
http://www.kb.cert.org/vuls/id/176301
FLIR Systems FLIR Thermal Traffic Cameras Websocket Device Manipulation
FLIR thermal traffic cameras suffer from an unauthenticated device manipulation vulnerability utilizing the websocket protocol. The affected FLIR Intelligent Transportation Systems - ITS models use an insecure implementation of websocket communication used for administering the device. Authentication and authorization bypass via referencing a direct object allows an attacker to directly modify running configurations, disclose information or initiate a denial of service (DoS) scenario with [...]
http://www.zeroscience.mk/en/vulnerabilities/ZSL-2018-5490.php
FLIR Systems FLIR Thermal Traffic Cameras RTSP Stream Disclosure
FLIR thermal traffic cameras suffer from an unauthenticated and unauthorized live RTSP video stream access.
http://www.zeroscience.mk/en/vulnerabilities/ZSL-2018-5489.php
Security updates for Monday
Security updates have been issued by Debian (adplug, git, php-horde, php-horde-core, and php-horde-kronolith), Fedora (firefox, liblouis, libmad, mediawiki, opensc, php-horde-horde, php-horde-Horde-Core, php-horde-kronolith, and rust), Gentoo (imagemagick, openssh, and sox), openSUSE (ghostscript, gitolite, java-1_8_0-openjdk, kernel, php5, php7, python, thunderbird, tomcat, and unzip), Red Hat (firefox and rh-haproxy18-haproxy), and SUSE (ImageMagick, java-1_8_0-openjdk, kernel, qpdf, [...]
https://lwn.net/Articles/767873/
IBM Security Bulletin: IBM Security Key Lifecycle Manager Misses Authentication for Critical Function (CVE-2018-1745)
https://www-01.ibm.com/support/docview.wss?uid=ibm10733355
IBM Security Bulletin: IBM Security Key Lifecycle Manager is vulnerable to Improper Authentication (CVE-2018-1738)
http://www.ibm.com/support/docview.wss?uid=ibm10733309
IBM Security Bulletin: IBM Tivoli Netcool Impact is affected by an Information disclosure of stack trace vulnerability (CVE-2018-1553)
https://www-01.ibm.com/support/docview.wss?uid=ibm10733541
IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli Netcool Impact
https://www-01.ibm.com/support/docview.wss?uid=ibm10733543
IBM Security Bulletin: Vulnerabilities in NTP, OpenSSL and Intel CPU-s affect IBM Netezza Firmware Diagnostics.
https://www-01.ibm.com/support/docview.wss?uid=swg22016330