End-of-Day report
Timeframe: Mittwoch 19-09-2018 18:00 - Donnerstag 20-09-2018 18:00
Handler: Robert Waldner
Co-Handler: n/a
News
Hunderttausende Überwachungskameras wegen Linux-Schwachstelle angreifbar
Die Angreifer können die Aufzeichnungen live ansehen, Material löschen oder Videos in Dauerschleife abspielen, um Einbrüche zu verschleiern.
https://futurezone.at/digital-life/hunderttausende-ueberwachungskameras-wegen-linux-schwachstelle-angreifbar/400123112
BSI veröffentlicht Übersicht qualifizierter DDoS-Mitigation-Dienstleister
Basierend auf den ebenfalls veröffentlichten Auswahlkriterien für qualifizierte Dienstleister wurde ein wettbewerbsneutrales Verfahren entwickelt, durch das erste geeignete DDoS-Mitigation-Dienstleister identifiziert werden konnten.
https://www.bsi.bund.de/DE/Presse/Pressemitteilungen/Presse2018/DDos-Mitigation_Dienstleisterliste_20092018.html
Vulnerabilities
Security updates for Thursday
Security updates have been issued by Debian (glusterfs, php5, reportbug, and suricata), openSUSE (chromium and exempi), Red Hat (openstack-rabbitmq-container), SUSE (couchdb, crowbar, crowbar-core, crowbar-ha, crowbar-init, crowbar-openstack, crowbar-ui, gdm, OpenStack, pango, and webkit2gtk3), and Ubuntu (bind9, lcms, lcms2, and lcms2).
https://lwn.net/Articles/765814/
Vuln: Symantec Messaging Gateway CVE-2018-12243 XML External Entity Injection Vulnerability
Symantec Messaging Gateway is prone to an XML External Entity injection vulnerability.
Attackers can exploit this issue to gain access to sensitive information or cause denial-of-service conditions.
Versions prior to Messaging Gateway 10.6.6 are vulnerable
http://www.securityfocus.com/bid/105330
Vuln: Symantec Messaging Gateway CVE-2018-12242 Authentication Bypass Vulnerability
Symantec Messaging Gateway is prone to an authentication-bypass vulnerability.
An attacker can exploit this issue to bypass the authentication mechanism and perform unauthorized actions. This may lead to further attacks.
Versions prior to Messaging Gateway 10.6.6 are vulnerable
http://www.securityfocus.com/bid/105329
Cisco Webex Network Recording Player Remote Code Execution Vulnerabilities
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180919-webex
Cisco Webex Network Recording Player Remote Code Execution Vulnerabilities
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180919-webex
IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect AIX Security Bulletin
http://www-01.ibm.com/support/docview.wss?uid=ibm10730909
IBM Security Bulletin: A Security Vulnerability affects IBM Cloud Private Cloud Foundry (CVE-2018-11047)
https://www-01.ibm.com/support/docview.wss?uid=ibm10731715
IBM Security Bulletin: Privilege escalation vulnerability affects IBM Db2 Administrative Task Scheduler (CVE-2018-1711).
https://www-01.ibm.com/support/docview.wss?uid=ibm10729983
IBM Security Bulletin: Buffer overflow in IBM Db2 tool db2licm (CVE-2018-1710).
https://www-01.ibm.com/support/docview.wss?uid=ibm10729981
IBM Security Bulletin: Privilege escalation in IBM Db2 tool db2cacpy (CVE-2018-1685).
https://www-01.ibm.com/support/docview.wss?uid=ibm10729979
IBM Security Bulletin: Vulnerability in OpenSSL affects AIX (CVE-2018-0732) Security Bulletin
https://www-01.ibm.com/support/docview.wss?uid=ibm10731039
IBM Security Bulletin: IBM Cloud Private Cloud Foundry is vulnerable to a security vulnerability
https://www-01.ibm.com/support/docview.wss?uid=ibm10731705
IBM Security Bulletin: Vulnerabilities in GSKit affect IBM Spectrum Scale used by DB2 pureScale (CVE-2018-1431, CVE-2018-1447, CVE-2017-3732, CVE-2016-0705)
https://www-01.ibm.com/support/docview.wss?uid=ibm10731657