End-of-Day report
Timeframe: Monday 11-03-2019 18:00 - Tuesday 12-03-2019 18:00
Handler: Stephan Richter
Co-Handler: n/a
News
Security flaw: server operator could manipulate Swiss online elections
A serious security flaw in the online voting code of the Swiss Post allows the operator of an election to manipulate the result. Swiss Post has allegedly known about the problem since 2017, but the vendor failed to fix the bug.
https://www.golem.de/news/sicherheitsluecke-serverbetreiber-koennte-schweizer-onlinewahlen-manipulieren-1903-139955-rss.html
Unpatched Windows Bug Allows Attackers to Spoof Security Dialog Boxes
Microsoft won't be patching the bug, but a proof of concept shows the potential for successful malware implantation.
https://threatpost.com/windows-bug-spoof-dialog-boxes/142711/
Identity theft via job offers on ebay Kleinanzeigen
Anyone searching for jobs on ebay Kleinanzeigen or similar portals must beware of fraudulent offers. Good pay and working from home attract numerous applicants. This is what happened with the purported CEBIT GmbH: job seekers who apply here and send in the requested documents become victims of identity theft and, in the worst case, have bank accounts opened in their own name that are later abused.
https://www.watchlist-internet.at/news/identitaetsdiebstahl-durch-stellenangebote-auf-ebay-kleinanzeigen/
WordPress shopping sites under attack
Hackers are using a cross-site scripting (XSS) flaw in the Abandoned Cart plugin to take over vulnerable sites.
https://www.zdnet.com/article/wordpress-shopping-sites-under-attack/
Vulnerabilities
Security Bulletins Posted
Adobe has published security bulletins for Adobe Digital Editions (APSB19-16) and Adobe Photoshop CC (APSB19-15). Adobe recommends users update their product installations to the latest versions using the instructions referenced in the bulletin. This posting is provided "AS IS" with no warranties [...]
https://blogs.adobe.com/psirt/?p=1724
Siemens Security Advisories
New:
SSA-557804: Mirror Port Isolation Vulnerability in SCALANCE X switches
Updated:
SSA-168644: Spectre and Meltdown Vulnerabilities in Industrial Products
SSA-170881: Vulnerabilities in SINUMERIK Controllers
SSA-203306: Password Vulnerabilities in SIPROTEC 4 and SIPROTEC Compact Relay Families
SSA-254686: Foreshadow / L1 Terminal Fault Vulnerabilities in Industrial Products
SSA-346262: Denial-of-Service in Industrial Products
SSA-348629: Denial-of-Service Vulnerability in SIMATIC PCS 7, SIMATIC WinCC, SIMATIC WinCC Runtime Professional and SIMATIC NET PC Software
SSA-584286: Denial-of-Service Vulnerability in SIMATIC S7-1200 CPU and SIMATIC S7-1500 CPU
SSA-824231: Unauthenticated Firmware Upload Vulnerability in Desigo PX Controllers
SSB-439005: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP
https://new.siemens.com/global/en/products/services/cert.html
SAP Security Patch Day - March 2019
On 12 March 2019, SAP Security Patch Day saw the release of 9 Security Notes. Additionally, there were 3 updates to previously released security notes. We would like to inform you that the vulnerability fixed by security note 2764283 is expected to be presented by a researcher at a security conference in March 2019. Therefore, we recommend that customers apply the SAP Security Note as a priority.
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=515408080
BIG-IP Configuration utility vulnerability CVE-2019-6598
Security Advisory Description: Malformed requests to the Traffic Management User Interface (TMUI), also referred to as the [...]
https://support.f5.com/csp/article/K44603900
Security updates for Tuesday
Security updates have been issued by Arch Linux (pacman), CentOS (java-1.7.0-openjdk), Debian (zabbix), Fedora (kernel-headers), openSUSE (libcomps), Oracle (kernel), Red Hat (chromium-browser), SUSE (ovmf and qemu), and Ubuntu (tiff).
https://lwn.net/Articles/782842/
[20190301] - Core - XSS in com_config JSON handler
http://feeds.joomla.org/~r/JoomlaSecurityNews/~3/JvJtucwH0Xs/772-20190301-core-xss-in-com-config-json-handler.html
[20190304] - Core - Missing ACL check in sample data plugins
http://feeds.joomla.org/~r/JoomlaSecurityNews/~3/yevVdAyNRRI/775-20190304-core-missing-acl-check-in-sample-data-plugins.html
[20190303] - Core - XSS in media form field
http://feeds.joomla.org/~r/JoomlaSecurityNews/~3/-7y5ceiY85g/774-20190303-core-xss-in-media-form-field.html
[20190302] - Core - XSS in item_title layout
http://feeds.joomla.org/~r/JoomlaSecurityNews/~3/uD680RYCbkk/773-20190302-core-xss-in-item-title-layout.html
IBM Security Bulletin: IBM Content Navigator is affected by a code execution vulnerability
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-content-navigator-is-affected-by-a-code-execution-vulnerability/
IBM Security Bulletin: Security Vulnerabilities affect IBM Cloud Private Storage - GlusterFS and Minio
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-security-vulnerabilities-affect-ibm-cloud-private-storage-glusterfs-and-minio/
IBM Security Bulletin: A Security Vulnerability affects IBM Cloud Private Kiali Istio addon
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-a-security-vulnerability-affects-ibm-cloud-private-kiali-istio-addon/
IBM Security Bulletin: A Security Vulnerability affects IBM Cloud Private Certificate Manager
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-a-security-vulnerability-affects-ibm-cloud-private-certificate-manager/
IBM Security Bulletin: Vulnerability in Kerberos affects Power Hardware Management Console (CVE-2018-5730, CVE-2018-5729)
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-vulnerability-in-kerberos-affects-power-hardware-management-console-cve-2018-5730-cve-2018-5729/
IBM Security Bulletin: Vulnerability in GnuTLS affects Power Hardware Management Console (CVE-2018-10845, CVE-2018-10844)
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-vulnerability-in-gnutls-affects-power-hardware-management-console-cve-2018-10845-cve-2018-10844/
IBM Security Bulletin: Vulnerability in OpenSSL affects Power Hardware Management Console
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-vulnerability-in-openssl-affects-power-hardware-management-console/
IBM Security Bulletin: Multiple security vulnerabilities affect Rational Engineering Lifecycle Manager
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-security-vulnerabilities-affect-rational-engineering-lifecycle-manager-2/
IBM Security Bulletin: Multiple Cross-site scripting vulnerabilities affect IBM® Rational® Team Concert
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-cross-site-scripting-vulnerabilities-affect-ibm-rational-team-concert/
IBM Security Bulletin: Multiple Security Vulnerabilities affect IBM® Rational® Quality Manager
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-security-vulnerabilities-affect-ibm-rational-quality-manager-6/