End-of-Day report
Timeframe: Monday 30-07-2018 18:00 - Tuesday 31-07-2018 18:00
Handler: Robert Waldner
Co-Handler: n/a
News
"National CERT" vs. "National CSIRTs"
"National CERT" vs. "National CSIRTs"2018/07/31The NIS Directive built upon previous work in the space of network and information security and also tried to use the established language of the field. This worked - up to a point. Im trying to summarize the differences and pitfalls regarding the term "national CSIRT".
http://www.cert.at/services/blog/20180731155524-2252_en.html
Fraud with cheap apartments
Criminals advertise inexpensive apartments in good locations. They tell apartment seekers that a viewing of the property is only possible after paying a high deposit. Prospective tenants who pay the money to the named company lose it, because the advertised apartment does not exist.
https://www.watchlist-internet.at/news/betrug-mit-guenstigen-wohnungen/
Update on the Distrust of Symantec TLS Certificates
Firefox 60 (the current release) displays an "untrusted connection" error for any website using a TLS/SSL certificate issued before June 1, 2016 that chains up to a Symantec root certificate. This is part of the consensus proposal for removing trust in Symantec TLS certificates that Mozilla adopted in 2017. This proposal was also adopted by the Google Chrome team, and more recently Apple announced their plan to distrust Symantec TLS certificates.
https://blog.mozilla.org/security/2018/07/30/update-on-the-distrust-of-symantec-tls-certificates/
Vulnerabilities
OTRS: A vulnerability allows gaining administrator rights
An agent in OTRS, acting as a remote attacker with simple authentication, can escalate their privileges and obtain arbitrary user rights by means of a specially crafted URL. This includes administrator rights.
https://adv-archiv.dfn-cert.de/adv/2018-1499/
Security updates for Tuesday
Security updates have been issued by Debian (network-manager-vpnc), Fedora (wireshark), Oracle (java-1.7.0-openjdk and yum-utils), Red Hat (chromium-browser, java-1.7.0-openjdk, memcached, qemu-kvm-rhev, and yum-utils), Scientific Linux (java-1.7.0-openjdk and yum-utils), Slackware (file and seamonkey), SUSE (gdk-pixbuf, libcgroup, libcgroup1, libvirt, and sssd), and Ubuntu (mysql-5.5 and mysql-5.5, mysql-5.7).
https://lwn.net/Articles/761375/
Drupal 8 release on August 1st, 2018 - DRUPAL-PSA-2018-07-30
The Drupal Security Team will be coordinating a security release for Drupal 8 this week on Wednesday, August 1, 2018. (We are issuing this PSA in advance because in the regular security release window schedule, August 1 would not typically be a core security window.) The Drupal 8 core release will be made between noon and 3pm EDT. It is rated as moderately critical and will be an update to a vendor library only. August 1 also remains a normal security release window for contributed projects.
https://www.drupal.org/psa-2018-07-30
IBM Security Bulletin: Vulnerability in IBM WebSphere Application Server Affects IBM Emptoris Sourcing, IBM Emptoris Contract Management, IBM Emptoris Spend Analysis, IBM Emptoris Program Management and IBM Emptoris Service Procurement
http://www.ibm.com/support/docview.wss?uid=ibm10719211
IBM Security Bulletin: Vulnerability in IBM WebSphere Application Server Affects IBM Emptoris Sourcing, IBM Emptoris Contract Management, IBM Emptoris Spend Analysis, IBM Emptoris Program Management and IBM Emptoris Service Procurement
http://www.ibm.com/support/docview.wss?uid=ibm10719209
IBM Security Bulletin: Multiple vulnerabilities in IPv6 and MQ affect IBM SAN Volume Controller, IBM Storwize and IBM FlashSystem products
https://www-01.ibm.com/support/docview.wss?uid=ibm10717931
IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli Monitoring
http://www-01.ibm.com/support/docview.wss?uid=ibm10717693
IBM Security Bulletin: RCE vulnerability (CVE-2018-1595) affects IBM Platform Symphony, IBM Spectrum Symphony
https://www-01.ibm.com/support/docview.wss?uid=isg3T1027819
IBM Security Bulletin: IBM BladeCenter Advanced Management Module (AMM) is affected by a vulnerability in freetype2 (CVE-2016-10328)
http://www.ibm.com/support/docview.wss?uid=ibm10719055
IBM Security Bulletin: IBM BladeCenter Advanced Management Module (AMM) is affected by vulnerabilities in dhcp (CVE-2018-5732 CVE-2018-5733)
http://www.ibm.com/support/docview.wss?uid=ibm10719059
IBM Security Bulletin: Vulnerability in IBM WebSphere Application Server Affects IBM Emptoris Sourcing, IBM Emptoris Contract Management, IBM Emptoris Spend Analysis, IBM Emptoris Program Management and IBM Emptoris Service Procurement
http://www.ibm.com/support/docview.wss?uid=ibm10719203
IBM Security Bulletin: IBM BladeCenter Advanced Management Module (AMM) is affected by vulnerabilities in GNU C Library
http://www.ibm.com/support/docview.wss?uid=ibm10719047
IBM Security Bulletin: Multiple vulnerabilities in IBM GSKit affect IBM Personal Communications
http://www.ibm.com/support/docview.wss?uid=ibm10717437
Linux kernel vulnerability CVE-2016-8650
https://support.f5.com/csp/article/K46394694