End-of-Day report
Timeframe: Donnerstag 11-04-2019 18:00 - Freitag 12-04-2019 18:00
Handler: Robert Waldner
Co-Handler: n/a
News
0day im Internet Explorer: Dateidiebstahl auf Windows-PCs
Ein Problem im Internet-Explorer gefährdet alle Windows-Nutzer - auch wenn sie den Zombie-Browser nicht nutzen. Microsoft will das jedoch nicht patchen.
http://heise.de/-4398797
Messenger: Matrix.org-Server gehackt
Mit Matrix.org ist einer der am meisten genutzten Server des Messengers Matrix gehackt worden. Betroffene sollten umgehend ihr Passwört ändern. Auch der vermeintliche Angreifer gibt Sicherheitstipps auf Github. (Matrix, Instant Messenger)
https://www.golem.de/news/messenger-matrix-org-server-gehackt-1904-140655-rss.html
Bad news, everyone! New [BGP] hijack attack in the wild
With this article, we want to show an example of the attack where not only the true attacker was under the question, but the whole list of affected prefixes. Moreover, it again raises concerns about the possible motives for the future attack of this type.
https://habr.com/en/company/qrator/blog/447776/
Vulnerabilities
Vuln: Multiple VMware Products CVE-2019-5516 Out of Bounds Read Information Disclosure Vulnerability
VMWare Workstation, VMWare Fusion, VMWare Esxi
Multiple VMware products are prone to an information-disclosure vulnerability.
Attackers can exploit this issue to obtain sensitive information or cause denial-of-service condition.
http://www.securityfocus.com/bid/107878
Vuln: Oracle April 2019 Critical Patch Update Multiple Vulnerabilities
Oracle has released advance notification regarding the April 2019 Critical Patch Update (CPU) to be released on April 16, 2019. The update addresses 296 vulnerabilities
http://www.securityfocus.com/bid/107875
Security updates for Friday
Security updates have been issued by CentOS (freerdp, kernel, openssh, and python), Fedora (checkstyle), openSUSE (bluez, file, kernel, and libarchive), SUSE (apache2, curl, ghostscript, libvirt, openssh, and systemd), and Ubuntu (rssh).
https://lwn.net/Articles/785841/
WAGO Undocumented service access in Series 750-88x and 750-87x devices
CVE Identifier CVE-2019-10712
Severity 9.8 (CVSS:3.0:AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
https://cert.vde.com/de-de/advisories/vde-2019-008
IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect Financial Transaction Manager for Corporate Payment Services for Multi-Platform v2.1.1
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-vulnerabilities-in-ibm-java-runtime-affect-financial-transaction-manager-for-corporate-payment-services-for-multi-platform-v2-1-1/
IBM Security Bulletin: Multiple Vulnerabilities in IBM Java SDK Affect IBM Algo Credit Manager
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-vulnerabilities-in-ibm-java-sdk-affect-ibm-algo-credit-manager-6/
IBM Security Bulletin: IBM Algo Credit Manager Is Affected by a Pivotal Spring Framework Vulnerability
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-algo-credit-manager-is-affected-by-a-pivotal-spring-framework-vulnerability/
IBM Security Bulletin: IBM BladeCenter Advanced Management Module (AMM) is affected by vulnerabilities in cURL (CVE-2018-16840 CVE-2018-16842)
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-bladecenter-advanced-management-module-amm-is-affected-by-vulnerabilities-in-curl-cve-2018-16840-cve-2018-16842/
IBM Security Bulletin: IBM BladeCenter Advanced Management Module (AMM) is affected by vulnerability in OpenSSH (CVE-2018-15473)
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-bladecenter-advanced-management-module-amm-is-affected-by-vulnerability-in-openssh-cve-2018-15473/
IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect Watson Explorer and IBM Watson Content Analytics
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-vulnerabilities-in-ibm-java-runtime-affect-watson-explorer-and-ibm-watson-content-analytics/
IBM Security Bulletin: IBM BladeCenter Advanced Management Module (AMM) is affected by vulnerability in python (CVE-2018-14647)
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-bladecenter-advanced-management-module-amm-is-affected-by-vulnerability-in-python-cve-2018-14647/
IBM Security Bulletin: IBM BladeCenter Advanced Management Module (AMM) is affected by vulnerability in PHP (CVE-2018-17082)
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-bladecenter-advanced-management-module-amm-is-affected-by-vulnerability-in-php-cve-2018-17082/
IBM Security Bulletin: IBM BladeCenter Advanced Management Module (AMM) is affected by vulnerabilities in X.Org libx11 (CVE-2018-14599 CVE-2018-14598)
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-bladecenter-advanced-management-module-amm-is-affected-by-vulnerabilities-in-x-org-libx11-cve-2018-14599-cve-2018-14598/
Apache Thrift vulnerability CVE-2018-1320
https://support.f5.com/csp/article/K36361684