End-of-Day report
Timeframe: Freitag 16-11-2018 18:00 - Montag 19-11-2018 18:00
Handler: Dimitri Robl
Co-Handler: Stephan Richter
News
Schwere Sicherheitslücken in GPS-Kinderuhren
Eigentlich sollten GPS-Uhren die Sicherheit der Kinder erhöhen. Nun werden sie selbst zum Risiko.
https://futurezone.at/digital-life/schwere-sicherheitsluecken-in-gps-kinderuhren/400326996
Vulnerabilities
Synaccess netBooter NP-0801DU 7.4 CSRF Add Admin Exploit
The application interface allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to perform certain actions with administrative privileges if a logged-in user visits a malicious web site.
http://www.zeroscience.mk/en/vulnerabilities/ZSL-2018-5501.php
Synaccess netBooter NP-02x/NP-08x 6.8 Authentication Bypass
netBooter suffers from an authentication bypass vulnerability due to missing control check when calling webNewAcct.cgi script while creating users. This allows an unauthenticated attacker to create admin user account and bypass authentication giving her the power to turn off a power supply to a resource.
http://www.zeroscience.mk/en/vulnerabilities/ZSL-2018-5500.php
Security updates for Monday
Security updates have been issued by Arch Linux (grafana and patch), Debian (chromium-browser), Fedora (cabextract, curl, elfutils, firefox, flatpak, glusterfs, kernel, kernel-headers, kernel-tools, kio-extras, libmspack, mariadb, mupdf, poppler, suricata, and wireshark), Mageia (hylafax+, jhead, libmspack/cabextract, nginx, sdl2/mingw-SDL2, and squid), openSUSE (amanda, apache-pdfbox, chromium, ImageMagick, LibreOffice and dependency libraries, libxkbcommon, openssh, systemd, and [...]
https://lwn.net/Articles/772522/
Serial number disclosure in the FortiOS PPTP server hostname protocol field
https://fortiguard.com/psirt/FG-IR-18-101
Cross-site scripting (XSS) vulnerability via DHCP Hostname parameter
https://fortiguard.com/psirt/FG-IR-18-121
IBM Security Bulletin: Vulnerability in IBM Java SDK Affects IBM Algo Credit Manager
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-vulnerability-in-ibm-java-sdk-affects-ibm-algo-credit-manager/
IBM Security Bulletin: IBM API Connect is affected by a denial of service vulnerability via large JSON payloads (CVE-2018-1779)
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-api-connect-is-affected-by-a-denial-of-service-vulnerability-via-large-json-payloads-cve-2018-1779/
IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Performance Management products
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-vulnerabilities-in-ibm-java-sdk-affect-ibm-performance-management-products/
IBM Security Bulletin: Multiple vulnerabilities in IBM® SDK, Java- Technology Edition affect IBM Operational Decision Manager
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-vulnerabilities-in-ibm-sdk-java-technology-edition-affect-ibm-operational-decision-manager-5/
IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect Host On-Demand
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-vulnerabilities-in-ibm-java-runtime-affect-host-on-demand-2/
IBM Security Bulletin: Multiple vulnerabilities in WebSphere Application Server affect IBM Spectrum Control (formerly Tivoli Storage Productivity Center) (CVE-2018-1683, CVE-2018-8039)
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-vulnerabilities-in-websphere-application-server-affect-ibm-spectrum-control-formerly-tivoli-storage-productivity-center-cve-2018-1683-cve-2018-8039/
IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect Tivoli Storage Manager FastBack (CVE-2018-1656, CVE-2018-12539)
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-vulnerabilities-in-ibm-java-runtime-affect-tivoli-storage-manager-fastback-cve-2018-1656-cve-2018-12539/