End-of-Day report
Timeframe: Tuesday 19-11-2019 18:00 - Wednesday 20-11-2019 18:00
Handler: Robert Waldner
Co-Handler: n/a
News
NSA Releases Cyber Advisory: Managing Risk from Transport Layer Security Inspection
The National Security Agency (NSA) has released a Cyber Advisory that addresses managing risk from Transport Layer Security Inspection (TLSI). This short, informative document defines TLSI (a security process that allows incoming traffic to be decrypted, inspected, and re-encrypted), explains some risks and associated challenges, and discusses mitigations.
https://www.us-cert.gov/ncas/current-activity/2019/11/19/nsa-releases-cyber-advisory-managing-risk-transport-layer-security
D-Link Adds More Buggy Router Models to 'Won't Fix' List
D-Link has warned that more of its routers are vulnerable to critical flaws that allow remote hackers to take control of hardware and steal data. The routers won't be fixed, said D-Link, explaining that the hardware has reached its end-of-life and will no longer receive security updates. ... D-Link identified the additional affected models as: DIR-866, DIR-655, DHP-1565, DIR-652, DAP-1533, DGL-5500, DIR-130, DIR-330, DIR-615, DIR-825, DIR-835, DIR-855L and DIR-862.
https://threatpost.com/d-link-wont-fix-router-bugs/150438/
Monero Project site compromised, served malware-infected binaries
The official website of the Monero Project has been compromised to serve a malware-infected version of the CLI (command-line interface) wallet. The malicious file was available for download for around 14 hours and at least one of the users who downloaded the malware has had their funds stolen. What happened?
https://www.helpnetsecurity.com/2019/11/20/monero-project-compromised/
Vulnerabilities
Google and Samsung Fix Android Spying Flaw. Other Makers May Still Be Vulnerable
Until recently, weaknesses in Android camera apps from Google and Samsung made it possible for rogue apps to record video and audio and take images and then upload them to an attacker-controlled server -- without any permissions to do so. Camera apps from other manufacturers may still be susceptible.
https://tech.slashdot.org/story/19/11/19/1737219/google-and-samsung-fix-android-spying-flaw-other-makers-may-still-be-vulnerable
Administration Views - Moderately critical - Access bypass - SA-CONTRIB-2019-076
This module replaces administrative overview/listing pages with actual views for superior usability. The module doesn't sufficiently check user access when using the "Menu system path" access handler on Views displays other than "System".
https://www.drupal.org/sa-contrib-2019-076
Unbound: Vulnerability in IPSEC module
Due to unsanitized characters passed to the ipsecmod-hook shell command, it is possible for Unbound to allow shell code execution from a specially crafted IPSECKEY answer. (CVE-2019-18934)
https://nlnetlabs.nl/projects/unbound/security-advisories/
Flexera FlexNet Publisher
These vulnerabilities could allow an attacker to deny the acquisition of a valid license for legal use of the product. The memory corruption vulnerability could allow remote code execution. (CVE-2018-20033, CVSS v3 9.8)
https://www.us-cert.gov/ics/advisories/icsa-19-323-01
High Severity Vulnerability Patched in WP Maintenance Plugin
This flaw allowed attackers to enable a vulnerable site's maintenance mode and inject malicious code affecting site visitors. We disclosed this issue privately to the plugin's developer who released a patch the next day. Plugin versions of WP Maintenance up to 5.0.5 are vulnerable to attacks against this flaw. All WP Maintenance users should update to version 5.0.6 immediately.
https://www.wordfence.com/blog/2019/11/high-severity-vulnerability-patched-in-wp-maintenance-plugin/
Security updates for Wednesday
Security updates have been issued by Debian (redmine), Fedora (libidn2), Mageia (clamav, ghostscript, kernel, kernel-linus, libexif, libjpeg, mariadb, microcode, and systemd), and openSUSE (libjpeg-turbo).
https://lwn.net/Articles/805224/
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Remote Code Execution Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191112-asa-ftd-lua-rce
Cisco Unified Communications Manager SQL Injection Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191120-cucm-sql
Cisco Webex Teams for Windows DLL Hijacking Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191120-webex-teams-dll
Cisco WebEx Centers Username Enumeration Information Disclosure Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191120-webex-centers-infodis
Cisco SD-WAN Solution vManage Cross-Site Request Forgery Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191120-vman-csrf
Cisco Unity Express Command Injection Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191120-unity-exp-comm-inject
Cisco Unified Communications Domain Manager Persistent Cross-Site Scripting Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191120-ucdm-xss
Cisco Stealthwatch Enterprise Cross-Site Scripting Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191120-stealth-xss
Cisco Small Business Routers RV016, RV042, RV042G, and RV082 Information Disclosure Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191120-sbr-rv-infodis
Cisco IOS XR Software NETCONF Over Secure Shell ACL Bypass Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191120-iosxr-ssh-bypass
Cisco Email Security Appliance URL Filtering Bypass Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191120-esa-url-bypass
Cisco Email Security Appliance MP3 Content Filter Bypass Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191120-esa-mp3-bypass
Cisco DNA Spaces: Connector SQL Injection Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191120-dna-sqlinjection
Cisco DNA Spaces: Connector Privilege Escalation Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191120-dna-priv-esca
Cisco DNA Spaces: Connector Command Injection Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191120-dna-cmd-injection
Security Advisory - Use of Insufficiently Random Values Vulnerability in Huawei ViewPoint Products
http://www.huawei.com/en/psirt/security-advisories/2019/huawei-sa-20191120-01-viewpoint-en
Security Advisory - Two Vulnerabilities in Some Huawei Home Routers
http://www.huawei.com/en/psirt/security-advisories/2019/huawei-sa-20191113-01-homerouter-en
Security Advisory - Improper Validation of Array Index Vulnerability in Several Smartphones
http://www.huawei.com/en/psirt/security-advisories/2019/huawei-sa-20191120-01-smartphone-en
Security Bulletin: IBM Maximo Asset Management is vulnerable to Privilege Escalation (CVE-2019-4530)
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-maximo-asset-management-is-vulnerable-to-privilege-escalation-cve-2019-4530/
Security Bulletin: A security vulnerability has been fixed in the IBM Security Identity Manager product (CVE-2019-4561)
https://www.ibm.com/blogs/psirt/security-bulletin-a-security-vulnerability-has-been-fixed-in-the-ibm-security-identity-manager-product-cve-2019-4561/
Security Bulletin: Vulnerabilities in WAS Liberty affect IBM Spectrum LSF Suite, Spectrum LSF Suite for HPA and Spectrum LSF Application Center
https://www.ibm.com/blogs/psirt/security-bulletin-vulnerabilities-in-was-liberty-affect-ibm-spectrum-lsf-suite-spectrum-lsf-suite-for-hpa-and-spectrum-lsf-application-center/