End-of-Day report
Timeframe: Freitag 01-03-2019 18:00 - Montag 04-03-2019 18:00
Handler: Robert Waldner
Co-Handler: n/a
News
The Overlooked Security Threat of Sign-In Kiosks
New research from IBM shows that several visitor management systems had a rash of vulnerabilities.
https://www.wired.com/story/visitor-management-system-vulnerabilities
Cisco-Router: Forscher melden Hinweise auf aktive Angriffe
Eine vergangene Woche gepatchte Sicherheitslücke in mehreren Cisco-Geräten scheint nun aktiv von Angreifern ausgenutzt zu werden. Nutzer sollten zügig handeln.
http://heise.de/-4325072
Vulnerabilities
Sicherheitslücke: Adobe veröffentlicht Sicherheitsupdate für Coldfusion
Adobe hat für die Coldfusion-Versionen 11, 2016 und 2018 ein wichtiges Sicherheitsupdate veröffentlicht. Anwender sollten es möglichst schnell installieren. Der Grund sind laufende Angriffe. (Adobe, Sicherheitslücke)
https://www.golem.de/news/sicherheitsluecke-adobe-veroeffentlicht-sicherheitsupdate-fuer-coldfusion-1903-139758-rss.html
Frist verstrichen: Google enthüllt ungepatchte Schwachstelle im macOS-Kernel
Apple hat einen Bug in XNU nach 90 Tagen nicht beseitigt, nun wurden Details veröffentlicht. Googles Project Zero stuft die Schwere der Lücke als "hoch" ein.
http://heise.de/-4325636
Security updates for Monday
Security updates have been issued by Arch Linux (chromium, file, gdm, lib32-openssl-1.0, openssl-1.0, and pcre), Debian (advancecomp, ceph, jackson-databind, openssh, and openssl), Fedora (community-mysql, distcc, freerdp, gdm, gnome-boxes, libexif, openocd, pidgin-sipe, remmina, SDL, and xpdf), openSUSE (kernel-firmware and php5), Oracle (java-1.8.0-openjdk and java-11-openjdk), Slackware (infozip and python), and SUSE (caasp-container-manifests, changelog-generator-data-sles12sp3-velum,
https://lwn.net/Articles/781243/
Vuln: EMC RSA Authentication Manager CVE-2019-3711 Information Disclosure Vulnerability
http://www.securityfocus.com/bid/107210
IBM Security Bulletin: Potential WebSphere Application Server weakness in security affects IBM Spectrum Control (formerly Tivoli Storage Productivity Center) (CVE-2018-1996)
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-potential-websphere-application-server-weakness-in-security-affects-ibm-spectrum-control-formerly-tivoli-storage-productivity-center-cve-2018-1996/
IBM Security Bulletin: IBM InfoSphere Change Data Capture is affected by a jackson-core open source library vulnerability (CVE-2018-0125)
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-infosphere-change-data-capture-is-affected-by-a-jackson-core-open-source-library-vulnerability-cve-2018-0125/
IBM Security Bulletin: InfoSphere Data Replication is affected by a Guava open source library vulnerability (CVE-2018-10237)
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-infosphere-data-replication-is-affected-by-a-guava-open-source-library-vulnerability-cve-2018-10237/
IBM Security Bulletin: OpenSSL DSA signature algorithm security vulnerability affects IBM Spectrum Control (formerly Tivoli Storage Productivity Center) (CVE-2018-0734)
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-openssl-dsa-signature-algorithm-security-vulnerability-affects-ibm-spectrum-control-formerly-tivoli-storage-productivity-center-cve-2018-0734/
IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Spectrum Control (formerly Tivoli Storage Productivity Center) (CVE-2018-3139, CVE-2018-3180)
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-vulnerabilities-in-ibm-java-sdk-affect-ibm-spectrum-control-formerly-tivoli-storage-productivity-center-cve-2018-3139-cve-2018-3180/
IBM Security Bulletin: Privilege Escalation Vulnerability in WebSphere Application Server affects IBM Spectrum Control (formerly Tivoli Storage Productivity Center) (CVE-2018-1901)
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-privilege-escalation-vulnerability-in-websphere-application-server-affects-ibm-spectrum-control-formerly-tivoli-storage-productivity-center-cve-2018-1901/
IBM Security Bulletin: IBM InfoSphere Change Data Capture is affected by a Jackson 2.3.3 and 2.4.4 open source library vulnerabilities
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-infosphere-change-data-capture-is-affected-by-a-jackson-2-3-3-and-2-4-4-open-source-library-vulnerabilities/
IBM Security Bulletin: IBM Cloud Private middleware is vulnerable to attack from redirect calls
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-cloud-private-middleware-is-vulnerable-to-attack-from-redirect-calls/
IBM Security Bulletin: A Security Vulnerability affects IBM Cloud Private - CVE-2018-1938
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-a-security-vulnerability-affects-ibm-cloud-private-cve-2018-1938/
IBM Security Bulletin: A Security Vulnerability affects IBM Cloud Private - CVE-2018-1937
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-a-security-vulnerability-affects-ibm-cloud-private-cve-2018-1937/
IBM Security Bulletin: IBM Cloud Kubernetes Service is affected by a privilege escalation vulnerability in runc
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-cloud-kubernetes-service-is-affected-by-a-privilege-escalation-vulnerability-in-runc/
HPESBHF03913 rev.1 - HPE OneSphere, Container Breakout
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03913en_us