End-of-Day report
Timeframe: Freitag 22-03-2019 18:00 - Montag 25-03-2019 18:00
Handler: Dimitri Robl
Co-Handler: Stephan Richter
News
Hackers Hijacked ASUS Software Updates to Install Backdoors on Thousands of Computers
The Taiwan-based tech giant ASUS is believed to have pushed the malware to hundreds of thousands of customers through its trusted automatic software update tool after attackers compromised the companys server and used it to push the malware to machines.
https://motherboard.vice.com/en_us/article/pan9wn/hackers-hijacked-asus-software-updates-to-install-backdoors-on-thousands-of-computers
Vulnerabilities
Security updates for Monday
Security updates have been issued by Arch Linux (firefox, libssh2, and powerdns), Debian (bash, firefox-esr, libapache2-mod-auth-mellon, ntfs-3g, openssh, passenger, rsync, and wireshark), Fedora (filezilla, libarchive, libssh2, mxml, php-twig, php-twig2, qemu, and tcpreplay), Slackware (mozilla), SUSE (ghostscript, kernel, libgxps, libjpeg-turbo, libqt5-qtimageformats, libqt5-qtsvg, openstack-cinder, openstack-horizon-plugin-designate-ui, openstack-neutron, openstack-neutron-lbaas, [...]
https://lwn.net/Articles/783953/
PHOENIX CONTACT command injection on RAD-80211-XD(/HP-BUS)
A WebHMI utility may be exploited by any logged in user allowing the execution of arbitrary OS commands on the server. This provides the opportunity for a command injection attack.
https://cert.vde.com/de-de/advisories/vde-2019-007
IBM Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Rational ClearCase (CVE-2018-0734, CVE-2018-5407)
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-vulnerabilities-in-openssl-affect-ibm-rational-clearcase-cve-2018-0734-cve-2018-5407/
IBM Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Rational ClearQuest (CVE-2018-0734, CVE-2018-5407)
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-vulnerabilities-in-openssl-affect-ibm-rational-clearquest-cve-2018-0734-cve-2018-5407/
IBM Security Bulletin: A security vulnerability in IBM Java Runtime affects IBM Rational ClearQuest (CVE-2018-3180)
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-a-security-vulnerability-in-ibm-java-runtime-affects-ibm-rational-clearquest-cve-2018-3180/
IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Rational ClearCase (CVE-2018-3180, CVE-2018-3139)
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-vulnerabilities-in-ibm-java-runtime-affect-ibm-rational-clearcase-cve-2018-3180-cve-2018-3139/
GNU C Library vulnerability CVE-2009-5155
https://support.f5.com/csp/article/K64119434
xpdf: Mehrere Schwachstellen ermöglichen Denial of Service
http://www.cert-bund.de/advisoryshort/CB-K19-0236