End-of-Day report
Timeframe: Donnerstag 27-06-2019 18:00 - Freitag 28-06-2019 18:00
Handler: Robert Waldner
Co-Handler: n/a
News
Vulnerabilities
Vuln: ImageMagick Multiple Security Vulnerabilities
Successfully exploiting these issues may allow an attacker to gain access to sensitive information, bypass certain security restrictions and to perform unauthorized actions or cause a denial-of-service condition. This may aid in launching further attacks. Due to the nature of this issue, code execution may be possible but this has not been confirmed.
ImageMagick version 7.0.8-34 is vulnerable; other versions may also be affected.
http://www.securityfocus.com/bid/108913
Vuln: OpenJPEG Multiple Security Vulnerabilities
Attackers can exploit these issues to cause the application to crash or execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely cause denial-of-service conditions.
OpenJPEG version 2.3.0 and prior are vulnerable; other versions may also be affected.
http://www.securityfocus.com/bid/108921
Vuln: Symantec Endpoint Encryption CVE-2019-9703 Local Privilege Escalation Vulnerability
Local attackers can exploit this issue to gain elevated privileges.
Versions prior to Symantec Endpoint Encryption 11.3.0 are vulnerable.
http://www.securityfocus.com/bid/108796
Vuln: Symantec Endpoint Encryption CVE-2019-9702 Local Privilege Escalation Vulnerability
Local attackers can exploit this issue to gain elevated privileges.
Versions prior to Symantec Endpoint Encryption 11.3.0 are vulnerable.
http://www.securityfocus.com/bid/108795
McAfee schließt mehrere Schwachstellen in Enterprise Security Manager
Neue Versionen des SIEM von McAfee beseitigen insgesamt zehn potenzielle Angriffspunkte, von denen zum Teil ein hohes Sicherheitsrisiko ausgeht.
https://heise.de/-4457190
Medtronic recalls vulnerable MiniMed insulin pumps
Medtronic, the world-s largest medical device company, has issued a recall of some of its insulin pumps because they can be tampered with by attackers. About the vulnerable devices The affected devices are insulin pumps from the MiniMed 508 and Paradigm series ...
https://www.helpnetsecurity.com/2019/06/28/hackable-medtronic-insulin-pumps-recall/
Security updates for Friday
Security updates have been issued by Debian (expat and mupdf), Fedora (drupal7-uuid, php-brumann-polyfill-unserialize, and php-typo3-phar-stream-wrapper2), openSUSE (thunderbird), Oracle (thunderbird and vim), SUSE (glibc), and Ubuntu (poppler).
https://lwn.net/Articles/792318/
IBM Security Bulletin: IBM QRadar Network Security is affected by a wget vulnerability (CVE-2019-5953)
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-qradar-network-security-is-affected-by-a-wget-vulnerability-cve-2019-5953/
IBM Security Bulletin: IBM QRadar Network Security is affected by Linux kernel vulnerabilities (CVE-2019-7221, CVE-2019-6974, CVE-2018-17972, CVE-2018-9568)
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-qradar-network-security-is-affected-by-linux-kernel-vulnerabilities-cve-2019-7221-cve-2019-6974-cve-2018-17972-cve-2018-9568/
IBM Security Bulletin: Information disclosure in WebSphere Application Server Admin Console (CVE-2019-4269)
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-information-disclosure-in-websphere-application-server-admin-console-cve-2019-4269/
IBM Security Bulletin: IBM QRadar Network Security is affected by Linux kernel vulnerabilities
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-qradar-network-security-is-affected-by-linux-kernel-vulnerabilities-3/
IBM Security Bulletin: IBM QRadar Network Security is affected by multiple libssh2 vulnerabilities (CVE-2019-3863, CVE-2019-3857, CVE-2019-3856, CVE-2019-3855)
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-qradar-network-security-is-affected-by-multiple-libssh2-vulnerabilities-cve-2019-3863-cve-2019-3857-cve-2019-3856-cve-2019-3855/
IBM Security Bulletin: IBM QRadar Network Security is affected by a an openssl vulnerability (CVE-2018-5407)
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-qradar-network-security-is-affected-by-a-an-openssl-vulnerability-cve-2018-5407/
IBM Security Bulletin: Sensitive information disclosure affects IBM License Metric Tool v9.x and IBM BigFix Inventory v9.x (CVE-2019-4369)
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-sensitive-information-disclosure-affects-ibm-license-metric-tool-v9-x-and-ibm-bigfix-inventory-v9-x-cve-2019-4369/
IBM Security Bulletin: Guardium StealthBits Integration is affected by an SQLite vulnerability
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-guardium-stealthbits-integration-is-affected-by-an-sqlite-vulnerability/
IBM Security Bulletin: IBM Security Guardium is affected by a kernel vulnerability
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-security-guardium-is-affected-by-a-kernel-vulnerability/
IBM Security Bulletin: IBM Security Guardium is affected by an OpenSSH vulnerability
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-security-guardium-is-affected-by-an-openssh-vulnerability/
F5 tmsh vulnerability CVE-2019-6642
https://support.f5.com/csp/article/K40378764
PHOENIX CONTACT Security Advisory for Industrial Controllers ILC1x0, ILC1x1, AXC1050 and AXC3050
https://cert.vde.com/de-de/advisories/vde-2019-015