Daily summary - 03.01.2020

End-of-Day report

Timeframe: Thursday 02-01-2020 18:00 - Friday 03-01-2020 18:00
Handler: Robert Waldner
Co-Handler: Dimitri Robl

News

Promiscuous Cookies and Their Impending Death via the SameSite Policy

Cookies like to get around. They have no scruples about where they go save for some basic constraints relating to the origin from which they were set. I mean have a think about it: If a website sets a cookie then you click a link to another page on that [...]

https://www.troyhunt.com/promiscuous-cookies-and-their-impending-death-via-the-samesite-policy/


Fake e-mail about an Amazon order

Criminals are currently sending e-mails about a supposed Amazon order. The mail states that an order was placed from a device that has not been used before. Attached is a PDF with details of the supposed order and an option to cancel it. Anyone who does so hands their Amazon credentials over to criminals!

https://www.watchlist-internet.at/news/gefaelschte-e-mail-zu-amazon-bestellung/

Vulnerabilities

Workaround available: critical vulnerability in Citrix ADC and Gateway

Attackers could target systems running Citrix ADC and Gateway and execute malicious code. No patches have been released so far.

https://heise.de/-4627525


Vulnerability Spotlight: Two buffer overflow vulnerabilities in OpenCV

Cisco Talos recently discovered two buffer overflow vulnerabilities in the OpenCV libraries. An attacker could potentially exploit these bugs to cause heap corruptions and potentially code execution. Intel Research originally developed OpenCV in 1999, but it is currently maintained by the non-profit organization OpenCV.org. OpenCV is used for numerous applications, including facial recognition technology, robotics, motion tracking [...]

https://blog.talosintelligence.com/2020/01/opencv-buffer-overflow-jan-2020.html


WooCommerce Conversion Tracking < 2.0.6 - CSRF to XSS

https://wpvulndb.com/vulnerabilities/10001


Security Bulletin: Security Vulnerabilities affect IBM Cloud Private - OpenSSL (CVE-2019-1563, CVE-2019-1549, CVE-2019-1547)

https://www.ibm.com/blogs/psirt/security-bulletin-security-vulnerabilities-affect-ibm-cloud-private-openssl-cve-2019-1563-cve-2019-1549-cve-2019-1547/


Security Bulletin: IBM Cloud Private is vulnerable to a Kubernetes vulnerability (CVE-ID: CVE-2019-11244)

https://www.ibm.com/blogs/psirt/security-bulletin-ibm-cloud-private-is-vulnerable-to-a-kubernetes-vulnerability-cve-id-cve-2019-11244/


Security Bulletin: A vulnerability in IBM Java Runtime affects IBM Tivoli Storage Manager FastBack (CVE-2019-2816)

https://www.ibm.com/blogs/psirt/security-bulletin-a-vulnerability-in-ibm-java-runtime-affects-ibm-tivoli-storage-manager-fastback-cve-2019-2816/


Security Bulletin: Vulnerabilities in SSL in IBM DataPower Gateway

https://www.ibm.com/blogs/psirt/security-bulletin-vulnerabities-in-ssl-in-ibm-datapower-gateway/


Security Bulletin: IBM DataPower Gateway is potentially vulnerable to two cryptographic side-channel vulnerabilities in SSL.

https://www.ibm.com/blogs/psirt/security-bulletin-ibm-datapower-gateway-is-potentially-vulnerable-to-two-cryptographic-side-channel-vulnerabilities-in-ssl/


Security Bulletin: Potential side-channel cryptographic vulnerabilities in IBM DataPower Gateway

https://www.ibm.com/blogs/psirt/security-bulletin-potential-side-channel-cryptographic-vulnerabilities-in-ibm-datapower-gateway/


Security Bulletin: Security Vulnerabilities affect IBM Cloud Private Cloud Foundry - Python (CVE-2019-9947, CVE-2019-9948)

https://www.ibm.com/blogs/psirt/security-bulletin-security-vulnerabilities-affect-ibm-cloud-private-cloud-foundry-python-cve-2019-9947-cve-2019-9948/


Security Bulletin: Potential disclosure of information in IBM DataPower Gateway (CVE-2018-14348)

https://www.ibm.com/blogs/psirt/security-bulletin-potential-disclosure-of-information-in-ibm-datapower-gateway-cve-2018-14348/


D-LINK router: vulnerability allows disclosure of information

http://www.cert-bund.de/advisoryshort/CB-K20-0002