Daily Summary - 10.05.2019

End-of-Day report

Timeframe: Thursday 09-05-2019 18:00 - Friday 10-05-2019 18:00
Handler: Dimitri Robl
Co-Handler: Stephan Richter

News

Drupal: Security release for the CMS fixes vulnerable component

Drupal users should update the CMS core. The developers have fixed a vulnerability that is rated "moderately critical".

https://heise.de/-4420050


BSI provides open-source verification tool for Evidence Records

https://www.bsi.bund.de/DE/Presse/Kurzmeldungen/Meldungen/Pruefwerkzeug-Evidence-Records-190510.html


Types of backup and five backup mistakes to avoid

What are the main types of backup operations and how to avoid the sinking feeling of realizing that you may not get your data back?

https://www.welivesecurity.com/2019/05/10/types-backup-mistakes-avoid/

Vulnerabilities

Security updates for Friday

Security updates have been issued by Debian (bind9, postgresql-9.6, qemu, and symfony), Fedora (kernel, kernel-tools, mod_cluster, rubygem-actioncable, rubygem-actionmailer, rubygem-actionpack, rubygem-actionview, rubygem-activejob, rubygem-activemodel, rubygem-activerecord, rubygem-activestorage, rubygem-activesupport, rubygem-rails, and rubygem-railties), openSUSE (wireshark), Red Hat (freeradius), Scientific Linux (freeradius), and Ubuntu (bind9 and wpa).

https://lwn.net/Articles/788066/


ZDI-19-459: (0Day) Hewlett Packard Enterprise Intelligent Management Center Standard ImcLoginMgrImpl Hard-coded Cryptographic Key Credentials Disclosure Vulnerability

http://www.zerodayinitiative.com/advisories/ZDI-19-459/


ZDI-19-458: (0Day) Hewlett Packard Enterprise Intelligent Management Center dbman Use of Hard-coded Credentials Remote Code Execution Vulnerability

http://www.zerodayinitiative.com/advisories/ZDI-19-458/


ZDI-19-457: (0Day) Hewlett Packard Enterprise Intelligent Management Center AMF3 Externalizable Deserialization of Untrusted Data Remote Code Execution Vulnerability

http://www.zerodayinitiative.com/advisories/ZDI-19-457/


ZDI-19-456: (0Day) Hewlett Packard Enterprise Intelligent Management Center AccessMgrServlet className Deserialization of Untrusted Data Remote Code Execution Vulnerability

http://www.zerodayinitiative.com/advisories/ZDI-19-456/


ZDI-19-455: (0Day) Hewlett Packard Enterprise Intelligent Management Center TopoMsgServlet Expression Language Injection Remote Code Execution Vulnerability

http://www.zerodayinitiative.com/advisories/ZDI-19-455/


ZDI-19-454: (0Day) Hewlett Packard Enterprise Intelligent Management Center soapConfigContent Expression Language Injection Remote Code Execution Vulnerability

http://www.zerodayinitiative.com/advisories/ZDI-19-454/


ZDI-19-453: (0Day) Hewlett Packard Enterprise Intelligent Management Center ictExpertCSVDownload Expression Language Injection Remote Code Execution Vulnerability

http://www.zerodayinitiative.com/advisories/ZDI-19-453/


ZDI-19-452: (0Day) Hewlett Packard Enterprise Intelligent Management Center iccSelectDevType Expression Language Injection Remote Code Execution Vulnerability

http://www.zerodayinitiative.com/advisories/ZDI-19-452/


Security Notice - Statement on the Suspected Huawei Issue in the U.S. DoDs 5G Ecosystem Report

http://www.huawei.com/en/psirt/security-notices/2019/huawei-sn-20190510-01-5g-en


IBM Security Bulletin: Security Vulnerability in IBM® Java SDK affect IBM Rational Team Concert Apr 2019 CPU

https://www.ibm.com/blogs/psirt/ibm-security-bulletin-security-vulnerability-in-ibm-java-sdk-affect-ibm-rational-team-concert-apr-2019-cpu/


IBM Security Bulletin: Multiple Vulnerabilities in IBM® Java SDK affect WebSphere Application Server April 2019 CPU

https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-vulnerabilities-in-ibm-java-sdk-affect-websphere-application-server-april-2019-cpu/


IBM Security Bulletin: A vulnerability has been identified in IBM Spectrum Scale with CES stack enabled that could allow sensitive data to be included with service snaps. This data could be sent to IBM during service engagements (CVE-2019-4259)

https://www.ibm.com/blogs/psirt/ibm-security-bulletin-a-vulnerability-has-been-identified-in-ibm-spectrum-scale-with-ces-stack-enabled-that-could-allow-sensitive-data-to-be-included-with-service-snaps-this-data-could-be-sent-to-ib-2/


IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect Financial Transaction Manager for ACH Services for Multi-Platform

https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-vulnerabilities-in-ibm-java-runtime-affect-financial-transaction-manager-for-ach-services-for-multi-platform/


IBM Security Bulletin: Financial Transaction Manager for ACH Services is affected by a potential cross-site request forgery vulnerability (CVE-2018-1790)

https://www.ibm.com/blogs/psirt/ibm-security-bulletin-financial-transaction-manager-for-ach-services-is-affected-by-a-potential-cross-site-request-forgery-vulnerability-cve-2018-1790/


Linux kernel vulnerability CVE-2018-13405

https://support.f5.com/csp/article/K00854051