End-of-Day report
Timeframe: Dienstag 05-02-2019 18:00 - Mittwoch 06-02-2019 18:00
Handler: Dimitri Robl
Co-Handler: Stephan Richter
News
Nicht auf apfel-deals.com bestellen!
apfel-deals.com wirbt aktuell aktiv um Kundschaft. Im Angebot hat der Shop den Großteil des Apple-Produktsortiments, wie zum Beispiel iPhones, MacBooks, iPads und die Apple Watch. Achtung: Die Preise sind zwar verlockend, doch es handelt sich um einen Fake-Shop, der keine Waren liefert. Konsument/innen zahlen per Vorkasse und verlieren dadurch ihr Geld an Kriminelle!
https://www.watchlist-internet.at/news/nicht-auf-apfel-dealscom-bestellen/
SuperBoost Wifi hält nicht, was es verspricht!
Auf superboostwifi.com bewirbt die Firma Strong Current Enterprises Limited ein Gerät, das in der Lage sein soll, die Geschwindigkeitsbegrenzung von Internet-Verbindungen auszuhebeln. Tatsächlich handelt es sich beim SuperBoost Wifi Booster lediglich um einen vergleichsweise teuren WLAN-Repeater. Die Internet-Geschwindigkeit bleibt ein und dieselbe, nur die Reichweite wird verbessert.
https://www.watchlist-internet.at/news/superboost-wifi-haelt-nicht-was-es-verspricht/
Vulnerabilities
AVEVA InduSoft Web Studio and InTouch Edge HMI
This advisory provides mitigation recommendations for Missing Authentication for Critical Function and Resource Injection vulnerabilities reported in the AVEVA InduSoft Web Studio and InTouch Edge HMI (formerly InTouch Machine Edition) applications.
https://ics-cert.us-cert.gov/advisories/ICSA-19-036-01
Rockwell Automation EtherNet/IP Web Server Modules
This advisory includes mitigations for an improper input validation vulnerability reported in the Rockwell Automation EtherNet/IP Web Server Modules.
https://ics-cert.us-cert.gov/advisories/ICSA-19-036-02
WECON LeviStudioU
This advisory includes mitigations for stack-based buffer overflow, heap-based buffer overflow, and memory corruption vulnerabilities reported in WECONs LeviStudioU.
https://ics-cert.us-cert.gov/advisories/ICSA-19-036-03
Siemens SIMATIC S7-1500 CPU
This advisory provides mitigation recommendations for uncontrolled resource consumption vulnerabilities reported in Siemens SIMATIC SV-1500 CPU.
https://ics-cert.us-cert.gov/advisories/ICSA-19-036-04
Kunbus PR100088 Modbus Gateway
This advisory provides mitigation recommendations for improper authentication, missing authentication for critical function, and improper input validation vulnerabilities reported in the Kunbus PR100088 Modbus gateway.
https://ics-cert.us-cert.gov/advisories/ICSA-19-036-05
Security updates for Wednesday
Security updates have been issued by Debian (dovecot and libav), openSUSE (kernel and krb5), Scientific Linux (thunderbird), SUSE (curl, lua53, python3, and spice), and Ubuntu (dovecot).
https://lwn.net/Articles/779098/
ZDI: (0day) Hewlett Packard Enterprise Intelligent Management Vulnerabilities
http://www.zerodayinitiative.com/advisories/ZDI-19-162/
http://www.zerodayinitiative.com/advisories/ZDI-19-172/
http://www.zerodayinitiative.com/advisories/ZDI-19-171/
http://www.zerodayinitiative.com/advisories/ZDI-19-170/
http://www.zerodayinitiative.com/advisories/ZDI-19-169/
http://www.zerodayinitiative.com/advisories/ZDI-19-168/
http://www.zerodayinitiative.com/advisories/ZDI-19-167/
http://www.zerodayinitiative.com/advisories/ZDI-19-166/
http://www.zerodayinitiative.com/advisories/ZDI-19-165/
http://www.zerodayinitiative.com/advisories/ZDI-19-164/
http://www.zerodayinitiative.com/advisories/ZDI-19-163/
Cisco Aironet Active Sensor Static Credentials Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190206-aas-creds
Cisco Web Security Appliance Decryption Policy Bypass Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190206-wsa-bypass
Cisco Webex Business Suite Content Injection Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190206-webex-injection
Cisco Webex Meetings for Android Cross-Site Scripting Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190206-webex-andro-xss
Cisco TelePresence Management Suite Cross-Site Scripting Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190206-tms-xss
Cisco TelePresence Management Suite Simple Object Access Protocol Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190206-tms-soap
Cisco TelePresence Conductor, Cisco Expressway Series, and Cisco TelePresence Video Communication Server REST API Server-Side Request Forgery Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190206-rest-api-ssrf
Cisco Meeting Server SIP Processing Denial of Service Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190206-meeting-sipdos
Cisco Identity Services Engine Cross-Site Scripting Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190206-ise-xss
Cisco Firepower Management Center Cross-Site Scripting Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190206-fmc-xss
Cisco Unified Intelligence Center Software Cross-Site Scripting Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190206-cuic-xss
Cisco Meeting Server Denial of Service Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190206-cms-dos
IBM Security Bulletin: Potential denial of service in WebSphere Application Server (CVE-2018-10237)
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-potential-denial-of-service-in-websphere-application-server-cve-2018-10237/
IBM Security Bulletin: IBM DataPower Gateway is affected by vulnerabilities in OpenSSL
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-datapower-gateway-is-affected-by-vulnerabilities-in-openssl/
IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli System Automation for Multiplatforms (CVE-2018-3180, CVE-2018-3139)
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-vulnerabilities-in-ibm-java-sdk-affect-ibm-tivoli-system-automation-for-multiplatforms-cve-2018-3180-cve-2018-3139/
IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli System Automation Application Manager (CVE-2018-3180, CVE-2018-3139)
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-vulnerabilities-in-ibm-java-sdk-affect-ibm-tivoli-system-automation-application-manager-cve-2018-3180-cve-2018-3139/
IBM Security Bulletin: IBM SPSS Statistics is affected by CVE-2018-3139 and CVE-2018-3180 vulnerabilities
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-spss-statistics-is-affected-by-cve-2018-3139-and-cve-2018-3180-vulnerabilities/
IBM Security Bulletin: IBM DataPower Gateway is affected by a vulnerability in Node.js (CVE-2018-12123)
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-datapower-gateway-is-affected-by-a-vulnerability-in-node-js-cve-2018-12123/
IBM Security Bulletin: Content Collector for Email is affected by 3RD PARTY Reflected XSS in WebSphereSamISP
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-content-collector-for-email-is-affected-by-3rd-party-reflected-xss-in-webspheresamisp/
IBM Security Bulletin: IBM PureApplication Service is affected by a GPFS vulnerability (CVE-2018-1723)
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-pureapplication-service-is-affected-by-a-gpfs-vulnerability-cve-2018-1723/
IBM Security Bulletin: IBM DataPower Gateway is affected by a message injection vulnerability (CVE-2018-1666)
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-datapower-gateway-is-affected-by-a-message-injection-vulnerability-cve-2018-1666/
IBM Security Bulletin: Content Collector for Email is affected by 3RD PARTY WebSphere XSS
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-content-collector-for-email-is-affected-by-3rd-party-websphere-xss/