End-of-Day report
Timeframe: Freitag 17-05-2019 18:00 - Montag 20-05-2019 18:00
Handler: Robert Waldner
Co-Handler: n/a
News
Sicherheitslücke: Linksys-Router leaken offenbar alle verbundenen Geräte
Linksys will die Sicherheitslücke bereits 2014 geschlossen haben, doch laut dem Sicherheitsforscher Troy Mursch leaken die Router weiterhin die Daten aller jemals verbundenen Geräte. (Router-Lücke, Netzwerk)
https://www.golem.de/news/sicherheitsluecke-linksys-router-leaken-offenbar-alle-verbundenen-geraete-1905-141367-rss.html
ENISA is setting the ground for Industry 4.0 Cybersecurity
The EU Agency for Cybersecurity ENISA is stepping up its efforts to foster cybersecurity for Industry 4.0 by publishing a new paper on -Challenges and Recommendations for Industry 4.0 Cybersecurity- .
https://www.enisa.europa.eu/news/enisa-news/enisa-is-setting-the-ground-for-industry-4-0-cybersecurity
Security researchers discover Linux version of Winnti malware
Winnti Linux variant used in 2015 in the hack of a Vietnamese gaming company.
https://www.zdnet.com/article/security-researchers-discover-linux-version-of-winnti-malware/#ftag=RSSbaffb68
Vulnerabilities
Security updates for Monday
Security updates have been issued by Debian (cups-filters, dhcpcd5, faad2, ghostscript, graphicsmagick, jruby, lemonldap-ng, and libspring-security-2.0-java), Fedora (gnome-desktop3, java-1.8.0-openjdk-aarch32, libu2f-host, samba, sqlite, webkit2gtk3, xen, and ytnef), Mageia (docker, flash-player-plugin, freeradius, libsndfile, libxslt, mariadb, netpbm, python-jinja2, tomcat-native, and virtualbox), openSUSE (kernel and ucode-intel), and SUSE (kernel, kvm, libvirt, nmap, and transfig).
https://lwn.net/Articles/788911/
MIELE Multiple Vulnerabilities in XGW 3000 ZigBee Gateway
Miele XGW 3000 is prone to mutiple vulerabilities in version <= 2.3.4 (1.4.6)
https://cert.vde.com/de-de/advisories/vde-2019-010
IBM Security Bulletin: Vulnerabiliies in ghostscript affect PowerKVM
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-vulnerabiliies-in-ghostscript-affect-powerkvm/
IBM Security Bulletin: A vulnerability in OpenSSL affects PowerKVM
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-a-vulnerability-in-openssl-affects-powerkvm/
IBM Security Bulletin: A vulnerability in Corosync affects PowerKVM
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-a-vulnerability-in-corosync-affects-powerkvm/
IBM Security Bulletin: A vulnerability in Docker affects PowerKVM
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-a-vulnerability-in-docker-affects-powerkvm/
IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect Tivoli Netcool/OMNIbus (Multiple CVEs)
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-vulnerabilities-in-ibm-java-runtime-affect-tivoli-netcool-omnibus-multiple-cves-3/
IBM Security Bulletin: API Connect V2018 is impacted by a directory traversal vulnerability in Kubernetes (CVE-2019-1002101)
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-api-connect-v2018-is-impacted-by-a-directory-traversal-vulnerability-in-kubernetes-cve-2019-1002101/
IBM Security Bulletin: API Connect V2018 is impacted by a security degradation vulnerability in Kubernetes (CVE-2019-9946)
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-api-connect-v2018-is-impacted-by-a-security-degradation-vulnerability-in-kubernetes-cve-2019-9946/
IBM Security Bulletin: API Connect V5 is impacted by information disclosure (CVE-2018-1991)
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-api-connect-v5-is-impacted-by-information-disclosure-cve-2018-1991/
HPESBST03928 rev.1 - Command View Advanced Edition (CVAE) Products using JDK, Multiple Vulnerabilities
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03928en_us
HPESBHF03917 rev.1 - HPE Integrated Lights-Out 4 (iLO 4) for Gen9 servers and Integrated Lights-Out 5 (iLO 5) for Gen10 Servers, Multiple Remote Vulnerabilities
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03917en_us