Tageszusammenfassung - 18.07.2019

End-of-Day report

Timeframe: Mittwoch 17-07-2019 18:00 - Donnerstag 18-07-2019 18:00 Handler: Robert Waldner Co-Handler: n/a

News

Netz- und Informationssystemsicherheitsverordnung - NISV

Am 17.07.2019 wurde die Netz- und Informationssystemsicherheitsverordnung - NISV veröffentlicht. Diese ergänzt das Bundesgesetz zur Gewährleistung eines hohen Sicherheitsniveaus von Netz- und Informationssystemen (Netz- und Informationssystemsicherheitsgesetz - NISG) und bietet die Grundlage für die Identifizierung der Betreiber wesentlicher Dienste.

https://www.ris.bka.gv.at/Dokumente/BgblAuth/BGBLA_2019_II_215/BGBLA_2019_II_215.html

WeAct: Datenleck bei Petitionsplattform von Campact

Ein Fehler auf der Petitionsplattform WeAct von Campact ermöglichte den Zugriff auf die Daten der Unterstützer. Rund 1,8 Millionen Unterzeichner sind betroffen. Die Nichtregierungsorganisation hat die Hintergründe des Fehlers veröffentlicht. (Datenleck, Datenschutz)

https://www.golem.de/news/weact-datenleck-bei-petitionsplattform-von-campact-1907-142648-rss.html

Unseriöse Shops: Versprechen Wunderdinge - liefern minderwertige Ware!

Konsument/innen stoßen beim Surfen im Internet immer wieder auf Werbung zu Produkten, die wahre Wunderdinge versprechen. Während manche Gegenstände halten, was sie versprechen, wird in anderen Fällen billigste Ware durch aggressive Werbung an die Frau und den Mann gebracht. Ähnliches gilt für Websites wie wifiboost.pro, airfreez.pro, coolblade.pro oder cleanaqua.pro, die darüber hinaus zahlreiche gesetzliche Vorgaben beim Verkauf missachten.

https://www.watchlist-internet.at/news/unserioese-shops-versprechen-wunderdinge-liefern-minderwertige-ware/

Zoom RCE only hit those who uninstalled it: Assetnote

Local webserver searched for domain suffixes that left it open to exploitation.

https://www.zdnet.com/article/zoom-rce-only-hit-those-who-uninstalled-it-assetnote/#ftag=RSSbaffb68

Vulnerabilities

Wireshark: ASN.1 BER and related dissectors crash

It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file.

https://www.wireshark.org/security/wnpa-sec-2019-20.html

Security updates for Thursday

Security updates have been issued by Arch Linux (chromium, firefox, and squid), CentOS (thunderbird and vim), Debian (libonig), SUSE (firefox, glibc, kernel, libxslt, and tomcat), and Ubuntu (libreoffice and thunderbird).

https://lwn.net/Articles/794104/

Cisco IOS Access Points Software 802.11r Fast Transition Denial of Service Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190717-aironet-dos

Cisco Industrial Network Director Web Services Management Agent Unauthorized Information Disclosure Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190717-wsma-info

Cisco Small Business SPA500 Series IP Phones Local Command Execution Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190717-spa500-command

Cisco Vision Dynamic Signage Director REST API Authentication Bypass Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190717-cvdsd-wmauth

Cisco FindIT Network Management Software Static Credentials Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190717-cfnm-statcred

Security Advisory - Improper Authentication Vulnerability on PC Manager

http://www.huawei.com/en/psirt/security-advisories/2019/huawei-sa-20190718-01-pcmanager-en

IBM Security Bulletin: IBM WebSphere Cast Iron Solution is affected by Apache Tomcat vulnerabilities CVE-2019-10072

https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-websphere-cast-iron-solution-is-affected-by-apache-tomcat-vulnerabilities-cve-2019-10072/

IBM Security Bulletin: Security Bulletin: Multiple vulnerabilities in current releases of the IBM® SDK, Java- Technology Edition affect IBM Tivoli Network Manager IP Edition (CVE-2018-1890, CVE-2019-2426)

https://www.ibm.com/blogs/psirt/ibm-security-bulletin-security-bulletin-multiple-vulnerabilities-in-current-releases-of-the-ibm-sdk-java-technology-edition-affect-ibm-tivoli-network-manager-ip-edition-cve-2018-189/

IBM Security Bulletin: A vulnerability in IBM WebSphere Application Server affects IBM Spectrum Scale packaged in IBM Elastic Storage Server (CVE-2019-4046)

https://www.ibm.com/blogs/psirt/ibm-security-bulletin-a-vulnerability-in-ibm-websphere-application-server-affects-ibm-spectrum-scale-packaged-in-ibm-elastic-storage-server-cve-2019-4046/

IBM Security Bulletin: An IBM QRadar SIEM protocol is vulnerable to Incorrect Permission Assignment (CVE-2018-2024)

https://www.ibm.com/blogs/psirt/ibm-security-bulletin-an-ibm-qradar-siem-protocol-is-vulnerable-to-incorrect-permission-assignment-cve-2018-2024/

IBM Security Bulletin: A vulnerability in IBM Java SDK and IBM Java Runtime affects IBM QRadar SIEM

https://www.ibm.com/blogs/psirt/ibm-security-bulletin-a-vulnerability-in-ibm-java-sdk-and-ibm-java-runtime-affects-ibm-qradar-siem/

IBM Security Bulletin: Asset Analyzer (RAA) is affected by a WebSphere Application Server vulnerability

https://www.ibm.com/blogs/psirt/ibm-security-bulletin-asset-analyzer-raa-is-affected-by-a-websphere-application-server-vulnerability/

IBM Security Bulletin: IBM Watson Studio - Local allows mounting glusterFS without security check

https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-watson-studio-local-allows-mounting-glusterfs-without-security-check/

IBM Security Bulletin: Multiple vulnerabilities affect Watson Explorer (CVE-2017-14166, CVE-2017-14501, CVE-2017-14502, CVE-2017-14503)

https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-vulnerabilities-affect-watson-explorer-cve-2017-14166-cve-2017-14501-cve-2017-14502-cve-2017-14503/