End-of-Day report
Timeframe: Wednesday 07-11-2018 18:00 - Thursday 08-11-2018 18:00
Handler: Stephan Richter
Co-Handler: Alexander Riepl
News
Beginner's Guide to Open Source Intrusion Detection (IDS) Tools
Originally written by Joe Schreiber. Re-written and edited by Trevor Giffen (Editorial Contractor). Re-re edited and expanded by Rich Langston. Whether you need to monitor hosts or the networks connecting them to identify the ..
https://feeds.feedblitz.com/~/579108152/0/alienvault-blogs~Beginner%e2%80%99s-Guide-to-Open-Source-Intrusion-Detection-IDS-Tools
DJI Patches Forum Bug That Allowed Drone Account Takeovers
Bug opened door for malicious link attack, giving hacker access to stored DJI drone data of commercial and consumer customers.
https://threatpost.com/dji-patches-forum-bug-that-allowed-drone-account-takeovers/138922/
Security updates: Cisco removes backdoor from business switches
Important patches are available to secure Cisco hardware and software.
http://heise.de/-4216400
Vulnerabilities
Security updates for Thursday
Security updates have been issued by CentOS (python-paramiko and thunderbird), Debian (firefox-esr, libdatetime-timezone-perl, and mariadb-10.0), Fedora (curl, NetworkManager, and xorg-x11-server), openSUSE (kernel), Oracle (java-1.7.0-openjdk, ..
https://lwn.net/Articles/771129/
Synology-SA-18:58 Surveillance Station
A vulnerability allows remote attackers to execute arbitrary code via a susceptible version of Surveillance Station.
https://www.synology.com/en-global/support/security/Synology_SA_18_58
Synology-SA-18:59 VS960HD
A vulnerability allows remote attackers to execute arbitrary code via a susceptible version of VS960HD.
https://www.synology.com/en-global/support/security/Synology_SA_18_59
BlackBerry powered by Android Security Bulletin - November 2018
http://support.blackberry.com/kb/articleDetail?language=en_US&articleNumber=000052899
WP GDPR Compliance <= 1.4.2 - Unauthenticated Call Any Action or Update Any Option
https://wpvulndb.com/vulnerabilities/9144
IBM Security Bulletin: IBM Maximo Asset Management is vulnerable to cross-site scripting (CVE-2018-1872)
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-maximo-asset-management-is-vulnerable-to-cross-site-scripting-cve-2018-1872/
IBM Security Bulletin: IBM i is affected by networking BIND vulnerability CVE-2018-5740
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-i-is-affected-by-networking-bind-vulnerability-cve-2018-5740/
IBM Security Bulletin: Node.js as used in IBM QRadar Packet Capture is susceptible to multiple vulnerabilities
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-node-js-as-used-in-ibm-qradar-packet-capture-is-susceptible-to-multiple-vulnerabilities/
IBM Security Bulletin: An XML External Entity (XXE) processing vulnerability is exposed in Case Manager administration client (CVE-2018-1844)
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-an-xml-external-entity-xxe-processing-vulnerability-is-exposed-in-case-manager-administration-client-cve-2018-1844/