End-of-Day report
Timeframe: Thursday 23-05-2019 18:00 - Friday 24-05-2019 18:00
Handler: Dimitri Robl
Co-Handler: Robert Waldner
News
Hacker publishes four Windows 0-day vulnerabilities within a few days
Under the names "SandboxEscaper" and "Polar Bear", a hacker has published a total of four as-yet unpatched Windows vulnerabilities. There is, however, no reason to panic.
https://heise.de/-4430811
CEO Fraud goes WhatsApp
In the last few days, two companies reported to us that they had been targets of CEO fraud attempts in which contact was made via WhatsApp message. Until now we had really only known this scheme via email: the "managing director" asks by mail for help with an important but confidential bank transfer. For details, see Wikipedia. Therefore: please do not think only of email here.
http://www.cert.at/services/blog/20190524171920-2476.html
Vulnerabilities
Security updates for Friday
Security updates have been issued by Debian (zookeeper), Fedora (kernel, singularity, and thunderbird), openSUSE (java-1_8_0-openjdk), Oracle (curl), Red Hat (firefox, libvirt, and virt:rhel), SUSE (php5, python-Jinja2, python-Pillow, and sysstat), and Ubuntu (MariaDB).
https://lwn.net/Articles/789353/
Vuln: Atlassian Bitbucket Server CVE-2019-3397 Directory Traversal Vulnerability
http://www.securityfocus.com/bid/108447
IBM Security Bulletin: A security vulnerability has been addressed in IBM Cognos Analytics (CVE-2019-4139)
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-a-security-vulnerability-has-been-addressed-in-ibm-cognos-analytics-cve-2019-4139/
IBM Security Bulletin: Cross-site scripting and failure to enforce HTTP Strict Transport Security vulnerabilities in IBM Spectrum Control (formerly Tivoli Storage Productivity Center) (CVE-2019-4137, CVE-2019-4138)
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-cross-site-scripting-and-failure-to-enforce-http-strict-transport-security-vulnerabilities-in-ibm-spectrum-control-formerly-tivoli-storage-productivity-center-cve-2019-4137/
IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Spectrum Control (formerly Tivoli Storage Productivity Center) (CVE-2019-2426, CVE-2018-12547, CVE-2018-1890)
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-vulnerabilities-in-ibm-java-sdk-affect-ibm-spectrum-control-formerly-tivoli-storage-productivity-center-cve-2019-2426-cve-2018-12547-cve-2018-1890/
IBM Security Bulletin: Guardium StealthBits Integration is affected by an OpenSSL vulnerability
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-guardium-stealthbits-integration-is-affected-by-an-openssl-vulnerability/
IBM Security Bulletin: OpenSSL vulnerability affects IBM Spectrum Control (formerly Tivoli Storage Productivity Center) (CVE-2019-1559)
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-openssl-vulnerability-affects-ibm-spectrum-control-formerly-tivoli-storage-productivity-center-cve-2019-1559/
IBM Security Bulletin: security vulnerability has been identified in OpenSSL, which is shipped with IBM Tivoli Network Manager IP Edition (CVE-2019-1559)
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-security-vulnerability-has-been-identified-in-openssl-which-is-shipped-with-ibm-tivoli-network-manager-ip-edition-cve-2019-1559/
IBM Security Bulletin: Potential denial of service vulnerability in WebSphere Application Server which affects IBM Spectrum Control (formerly Tivoli Storage Productivity Center) (CVE-2019-4046)
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-potential-denial-of-service-vulnerability-in-websphere-application-server-which-affects-ibm-spectrum-control-formerly-tivoli-storage-productivity-center-cve-2019-4046/
IBM Security Bulletin: Potential Spoofing vulnerability in WebSphere Application Server affects IBM Spectrum Control (formerly Tivoli Storage Productivity Center) (CVE-2018-1902)
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-potential-spoofing-vulnerability-in-websphere-application-server-affects-ibm-spectrum-control-formerly-tivoli-storage-productivity-center-cve-2018-1902/
Binutils vulnerability CVE-2019-9075
https://support.f5.com/csp/article/K42059040
Binutils vulnerability CVE-2019-9074
https://support.f5.com/csp/article/K09092524
GNU Binutils vulnerability CVE-2019-9077
https://support.f5.com/csp/article/K00056379