End-of-Day report
Timeframe: Montag 10-12-2018 18:00 - Dienstag 11-12-2018 18:00
Handler: Dimitri Robl
Co-Handler: Stephan Richter
News
MySQL-Frontend: Lücke in PhpMyAdmin erlaubt Datendiebstahl
Eine Sicherheitslücke im MySQL-Frontend PhpMyAdmin erlaubt es, lokale Dateien auszulesen. Dafür benötigt man jedoch einen bereits existierenden Login. (MySQL, PHP)
https://www.golem.de/news/mysql-frontend-luecke-in-phpmyadmin-erlaubt-datendiebstahl-1812-138193-rss.html
Warnung vor schlossauf.at
Die Website schlossauf.at wirbt mit einem seriösen und preiswerter Schlüsseldienst, der in 20min vor Ort bei Kund/innen ist. Konsument/innen, die den Dienst nutzen, nehmen in Wahrheit Kontakt mit der deutschen Gesellschaft MK Notservice GmbH auf. Sie vermittelt Schlosser/innen. Die Dienste vor Ort sind laut Kund/innenmeinungen mit langen Wartezeiten verbunden und sehr teuer.
https://www.watchlist-internet.at/news/warnung-vor-schlossaufat/
Augen auf beim digitale Vignetten-Kauf!
Die digitale Vignette können Sie an unterschiedlichsten Stellen erstehen. Neben der ASFINAG, dem ÖAMTC oder dem ARBÖ vertreiben nämlich auch andere unbekanntere Anbieter die digitale Vignette. Achtung: Hier werden zum Teil zusätzliche Kosten verrechnet, die Sie leicht vermeiden können, indem Sie einen kurzen Vergleich anstellen.
https://www.watchlist-internet.at/news/augen-auf-beim-digitale-vignetten-kauf/
Vulnerabilities
Security updates available for Adobe Acrobat and Reader (APSB18-41)
Adobe has published a security bulletin for Adobe Acrobat and Reader (APSB18-41). The updates referenced in the bulletin address critical and important vulnerabilities, and Adobe recommends users update their product installations to the latest versions using the instructions referenced in the bulletin.
https://blogs.adobe.com/psirt/?p=1674
Decoupled Router - Critical - Access bypass - SA-CONTRIB-2018-071
Project: Decoupled RouterVersion: 8.x-1.18.x-1.0Date: 2018-October-31Security risk: Critical 15-25 AC:None/A:None/CI:Some/II:None/E:Theoretical/TD:AllVulnerability: Access bypassDescription: This module enables you to resolve the provided Drupal path in order to find the canonical path and information about the resolved entity. This information includes entity type ID, entity ID, entity UUID and entity label.The module doesnt sufficiently check access before displaying entity labels.
https://www.drupal.org/sa-contrib-2018-071
TYPO3 9.5.2, 8.7.21 and 7.6.32 security releases published
We are announcing the release of the following TYPO3 updates:
* TYPO3 9.5.2 LTS
* TYPO3 8.7.21 LTS
* TYPO3 7.6.32 LTS
All versions are security releases and contain important security fixes.
https://typo3.org/article/typo3-952-8721-and-7632-security-releases-published/
SAP Security Patch Day - December 2018
On 11th of December 2018, SAP Security Patch Day saw the release of 9 Security Notes. Additionally, there were 3 updates to previously released security notes.
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=508559699
Security updates for Tuesday
Security updates have been issued by Debian (php7.0), Fedora (keepalived, kernel, kernel-headers, kernel-tools, mingw-uriparser, and uriparser), openSUSE (pdns-recursor), Oracle (kernel), SUSE (compat-openssl098, glibc, java-1_8_0-ibm, kernel, opensc, python, python-base, python-cryptography, python-pyOpenSSL, samba, and soundtouch), and Ubuntu (cups).
https://lwn.net/Articles/774590/
SSA-982399: Missing Authentication in TIM 1531 IRC Modules
https://cert-portal.siemens.com/productcert/txt/ssa-982399.txt
SSA-181018: Heap Overflow Vulnerability in SCALANCE X switches, RUGGEDCOM WiMAX, RFID 181-EIP, and SIMATIC RF182C
https://cert-portal.siemens.com/productcert/txt/ssa-181018.txt
SSA-674165: Vulnerability in McAfee MACC product for SINAMICS PERFECT HARMONY GH180 drives
https://cert-portal.siemens.com/productcert/txt/ssa-674165.txt
SSA-170881: Vulnerabilities in SINUMERIK Controllers
https://cert-portal.siemens.com/productcert/txt/ssa-170881.txt
IBM Security Bulletin: Open Source Python-paramiko vulnerability affects IBM Netezza Host Management.
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-open-source-python-paramiko-vulnerability-affects-ibm-netezza-host-management/
IBM Security Bulletin: Potential cross-site request forgery in WebSphere Application Server Admin Console (CVE-2018-1926)
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-potential-cross-site-request-forgery-in-websphere-application-server-admin-console-cve-2018-1926/
IBM Security Bulletin: Potential Privilege Escalation Vulnerability in WebSphere Application Server (CVE-2018-1901)
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-potential-privilege-escalation-vulnerability-in-websphere-application-server-cve-2018-1901/
IBM Security Bulletin: Potential Remote code execution vulnerability in WebSphere Application Server (CVE-2018-1904)
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-potential-remote-code-execution-vulnerability-in-websphere-application-server-cve-2018-1904/
IBM Security Bulletin: Vulnerability in BIND affects Power Hardware Management Console (CVE-2018-5740)
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-vulnerability-in-bind-affects-power-hardware-management-console-cve-2018-5740/
IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-vulnerabilities-in-ibm-java-runtime-affect-ibm-cloud-orchestrator-and-ibm-cloud-orchestrator-enterprise/
IBM Security Bulletin: IBM Security Access Manager Appliance is affected by a glibc vulnerability (CVE-2017-15670)
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-security-access-manager-appliance-is-affected-by-a-glibc-vulnerability-cve-2017-15670/
IBM Security Bulletin: Multiple Security Vulnerabilities affect IBM Cloud Private (CVE-2018-1060, CVE-2018-1061)
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-security-vulnerabilities-affect-ibm-cloud-private-cve-2018-1060-cve-2018-1061/
IBM Security Bulletin: IBM Cloud Manager with OpenStack is affected by a OpenSSL vulnerabilities (CVE-2018-0732, CVE-2018-0737)
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-cloud-manager-with-openstack-is-affected-by-a-openssl-vulnerabilities-cve-2018-0732-cve-2018-0737/
glibc vulnerability CVE-2017-16997
https://support.f5.com/csp/article/K43546166