End-of-Day report
Timeframe: Dienstag 11-02-2020 18:00 - Mittwoch 12-02-2020 18:00
Handler: Thomas Pribitzer
Co-Handler: Robert Waldner
News
Jenkins servers can be abused for DDoS attacks
DDoS attacks can reach an amplification factor of 100, but servers will crash very quickly.
https://www.zdnet.com/article/jenkins-servers-can-be-abused-for-ddos-attacks/
Vulnerabilities
Intel Releases Security Updates
Intel has released security updates to address vulnerabilities in multiple products.
* RWC3 Advisory INTEL-SA-00341
* MPSS Advisory INTEL-SA-00340
* RWC2 Advisory INTEL-SA-00339
* SGX SDK Advisory INTEL-SA-00336
* CSME Advisory INTEL-SA-00307
* Renesas Electronics USB 3.0 Driver Advisory INTEL-SA-00273
https://www.us-cert.gov/ncas/current-activity/2020/02/11/intel-releases-security-updates
Patchday: Microsoft schließt Zero-Day-Lücke in Internet Explorer
Seit Januar gibt es Attacken auf Internet Explorer. Dem schiebt Microsoft nun einen Riegel vor. Außerdem gibt es Sicherheitsupdates für Windows & Co.
https://heise.de/-4658554
Security updates for Wednesday
Security updates have been issued by CentOS (spice-gtk), Debian (libemail-address-list-perl), openSUSE (chromium, libqt5-qtbase, nginx, systemd, and wicked), Oracle (spice-gtk), Slackware (firefox and thunderbird), and Ubuntu (libexif and Yubico PIV Tool).
https://lwn.net/Articles/812293/
Red Hat OpenShift Service Mesh: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen
Die Red Hat OpenShift Container Platform bietet Unternehmen die Möglichkeit der Steuerung ihrer Kubernetes Umgebungen.
Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Red Hat OpenShift Service Mesh ausnutzen, um Sicherheitsvorkehrungen zu umgehen.
http://www.cert-bund.de/advisoryshort/CB-K20-0120
2020-02-12: Vulnerability in ABB Asset Suite - Direct Object Reference
https://search.abb.com/library/Download.aspx?DocumentID=9AKK107492A9962&LanguageCode=en&DocumentPartId=&Action=Launch
2020-02-12: Vulnerabilities in ABB eSOMS
https://search.abb.com/library/Download.aspx?DocumentID=9AKK107492A9964&LanguageCode=en&DocumentPartId=&Action=Launch
Wordpress Plugin: GDPR Cookie Consent < 1.8.3 - Improper Access Controls
https://wordpress.org/plugins/cookie-law-info/
Security Advisory - Dangling Pointer Reference Vulnerability in Some Huawei Firewall Products
http://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20200212-01-firewall-en
Security Advisory - Memory Leak Vulnerability in Some Firewall Products
http://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20200212-02-firewall-en
Security Advisory - Denial of Service Vulnerability in Some Huawei Firewall Products
http://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20200212-03-firewall-en
Security Advisory - Small OOB Read Vulnerability in Huawei Product
http://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20200212-04-ipsec-en
Security Advisory - Double Free Memory Vulnerability in Huawei Products
http://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20200212-03-ipsec-en
Security Advisory - Denial of Service Vulnerability in Huawei Product
http://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20200212-02-ipsec-en
Security Advisory - Input Validation Vulnerability in Huawei Products
http://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20200212-01-ipsec-en
Security Bulletin: OpenSSL vulnerabilites (CVE-2019-1552) impacting IBM Aspera High-Speed Transfer Server, Aspera High-Speed Transfer Endpoint, Aspera Desktop 3.9.1 and earlier
https://www.ibm.com/blogs/psirt/security-bulletin-openssl-vulnerabilites-cve-2019-1552-impacting-ibm-aspera-high-speed-transfer-server-aspera-high-speed-transfer-endpoint-aspera-desktop-3-9-1-and-earlier/
Security Bulletin: Security Vulnerability in Expat affects IBM Netezza Analytics
https://www.ibm.com/blogs/psirt/security-bulletin-security-vulnerability-in-expat-affects-ibm-netezza-analytics/
Security Bulletin: OpenSSL vulnerabilites (CVE-2019-1563, CVE-2019-1547) impacting IBM Aspera High-Speed Transfer Server 3.9.1, Aspera High-Speed Transfer Endpoint, Aspera Desktop Client 3.9.1 and earlier
https://www.ibm.com/blogs/psirt/security-bulletin-openssl-vulnerabilites-cve-2019-1563-cve-2019-1547-impacting-ibm-aspera-high-speed-transfer-server-3-9-1-aspera-high-speed-transfer-endpoint-aspera-desktop-client-3-9-1-and-ear/
Security Bulletin: Multiple Vulnerabilities in OpenSSL Affect IBM Sterling Connect:Direct for HP NonStop
https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-openssl-affect-ibm-sterling-connectdirect-for-hp-nonstop/
Security Bulletin: Multiple vulnerabilities affect Rational Publishing Engine
https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-affect-rational-publishing-engine/
Security Bulletin: IBM Cognos Controller 2020Q1 Security Updater: Multiple Security Vulnerabilities have been identified in IBM Cognos Controller
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-cognos-controller-2020q1-security-updater-multiple-security-vulnerabilities-have-been-identified-in-ibm-cognos-controller/
Security Bulletin: Curl vulnerabilities CVE-2019-5443 impact IBM Aspera High-Speed Transfer Server, IBM Aspera High-Speed Transfer Client, IBM Aspera Desktop Client 3.9.1 and earlier
https://www.ibm.com/blogs/psirt/security-bulletin-curl-vulnerabilities-cve-2019-5443-impact-ibm-aspera-high-speed-transfer-server-ibm-aspera-high-speed-transfer-client-ibm-aspera-desktop-client-3-9-1-and-earlier/
Security Bulletin: Vulnerabilities in Apache Tomcat affects IBM Platform Symphony
https://www.ibm.com/blogs/psirt/security-bulletin-vulnerabilities-in-apache-tomcat-affects-ibm-platform-symphony/
Security Bulletin: OpenSSL vulnerabilites impacting Aspera High-Speed Transfer Server, Aspera Desktop Client 3.9.1 and earlier (CVE-2019-1559)
https://www.ibm.com/blogs/psirt/security-bulletin-openssl-vulnerabilites-impacting-aspera-high-speed-transfer-server-aspera-desktop-client-3-9-1-and-earlier-cve-2019-1559/
Security Bulletin: OpenSSL vulnerabilites impacting Aspera High-Speed Transfer Server, Aspera Desktop Client 3.9.1 and earlier (CVE-2018-0734)
https://www.ibm.com/blogs/psirt/security-bulletin-openssl-vulnerabilites-impacting-aspera-high-speed-transfer-server-aspera-desktop-client-3-9-1-and-earlier-cve-2018-0734/
Red Hat Quay: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen
http://www.cert-bund.de/advisoryshort/CB-K20-0119