Tageszusammenfassung - 12.02.2020

End-of-Day report

Timeframe: Dienstag 11-02-2020 18:00 - Mittwoch 12-02-2020 18:00 Handler: Thomas Pribitzer Co-Handler: Robert Waldner

News

Jenkins servers can be abused for DDoS attacks

DDoS attacks can reach an amplification factor of 100, but servers will crash very quickly.

https://www.zdnet.com/article/jenkins-servers-can-be-abused-for-ddos-attacks/

Vulnerabilities

Intel Releases Security Updates

Intel has released security updates to address vulnerabilities in multiple products. * RWC3 Advisory INTEL-SA-00341 * MPSS Advisory INTEL-SA-00340 * RWC2 Advisory INTEL-SA-00339 * SGX SDK Advisory INTEL-SA-00336 * CSME Advisory INTEL-SA-00307 * Renesas Electronics USB 3.0 Driver Advisory INTEL-SA-00273

https://www.us-cert.gov/ncas/current-activity/2020/02/11/intel-releases-security-updates

Patchday: Microsoft schließt Zero-Day-Lücke in Internet Explorer

Seit Januar gibt es Attacken auf Internet Explorer. Dem schiebt Microsoft nun einen Riegel vor. Außerdem gibt es Sicherheitsupdates für Windows & Co.

https://heise.de/-4658554

Security updates for Wednesday

Security updates have been issued by CentOS (spice-gtk), Debian (libemail-address-list-perl), openSUSE (chromium, libqt5-qtbase, nginx, systemd, and wicked), Oracle (spice-gtk), Slackware (firefox and thunderbird), and Ubuntu (libexif and Yubico PIV Tool).

https://lwn.net/Articles/812293/

Red Hat OpenShift Service Mesh: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen

Die Red Hat OpenShift Container Platform bietet Unternehmen die Möglichkeit der Steuerung ihrer Kubernetes Umgebungen. Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Red Hat OpenShift Service Mesh ausnutzen, um Sicherheitsvorkehrungen zu umgehen.

http://www.cert-bund.de/advisoryshort/CB-K20-0120

Security Advisory - Dangling Pointer Reference Vulnerability in Some Huawei Firewall Products

http://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20200212-01-firewall-en

Security Advisory - Memory Leak Vulnerability in Some Firewall Products

http://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20200212-02-firewall-en

Security Advisory - Denial of Service Vulnerability in Some Huawei Firewall Products

http://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20200212-03-firewall-en

Security Advisory - Small OOB Read Vulnerability in Huawei Product

http://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20200212-04-ipsec-en

Security Advisory - Double Free Memory Vulnerability in Huawei Products

http://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20200212-03-ipsec-en

Security Advisory - Denial of Service Vulnerability in Huawei Product

http://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20200212-02-ipsec-en

Security Advisory - Input Validation Vulnerability in Huawei Products

http://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20200212-01-ipsec-en

Security Bulletin: OpenSSL vulnerabilites (CVE-2019-1552) impacting IBM Aspera High-Speed Transfer Server, Aspera High-Speed Transfer Endpoint, Aspera Desktop 3.9.1 and earlier

https://www.ibm.com/blogs/psirt/security-bulletin-openssl-vulnerabilites-cve-2019-1552-impacting-ibm-aspera-high-speed-transfer-server-aspera-high-speed-transfer-endpoint-aspera-desktop-3-9-1-and-earlier/

Security Bulletin: Security Vulnerability in Expat affects IBM Netezza Analytics

https://www.ibm.com/blogs/psirt/security-bulletin-security-vulnerability-in-expat-affects-ibm-netezza-analytics/

Security Bulletin: OpenSSL vulnerabilites (CVE-2019-1563, CVE-2019-1547) impacting IBM Aspera High-Speed Transfer Server 3.9.1, Aspera High-Speed Transfer Endpoint, Aspera Desktop Client 3.9.1 and earlier

https://www.ibm.com/blogs/psirt/security-bulletin-openssl-vulnerabilites-cve-2019-1563-cve-2019-1547-impacting-ibm-aspera-high-speed-transfer-server-3-9-1-aspera-high-speed-transfer-endpoint-aspera-desktop-client-3-9-1-and-ear/

Security Bulletin: Multiple Vulnerabilities in OpenSSL Affect IBM Sterling Connect:Direct for HP NonStop

https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-openssl-affect-ibm-sterling-connectdirect-for-hp-nonstop/

Security Bulletin: Multiple vulnerabilities affect Rational Publishing Engine

https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-affect-rational-publishing-engine/

Security Bulletin: IBM Cognos Controller 2020Q1 Security Updater: Multiple Security Vulnerabilities have been identified in IBM Cognos Controller

https://www.ibm.com/blogs/psirt/security-bulletin-ibm-cognos-controller-2020q1-security-updater-multiple-security-vulnerabilities-have-been-identified-in-ibm-cognos-controller/

Security Bulletin: Curl vulnerabilities CVE-2019-5443 impact IBM Aspera High-Speed Transfer Server, IBM Aspera High-Speed Transfer Client, IBM Aspera Desktop Client 3.9.1 and earlier

https://www.ibm.com/blogs/psirt/security-bulletin-curl-vulnerabilities-cve-2019-5443-impact-ibm-aspera-high-speed-transfer-server-ibm-aspera-high-speed-transfer-client-ibm-aspera-desktop-client-3-9-1-and-earlier/

Security Bulletin: Vulnerabilities in Apache Tomcat affects IBM Platform Symphony

https://www.ibm.com/blogs/psirt/security-bulletin-vulnerabilities-in-apache-tomcat-affects-ibm-platform-symphony/

Security Bulletin: OpenSSL vulnerabilites impacting Aspera High-Speed Transfer Server, Aspera Desktop Client 3.9.1 and earlier (CVE-2019-1559)

https://www.ibm.com/blogs/psirt/security-bulletin-openssl-vulnerabilites-impacting-aspera-high-speed-transfer-server-aspera-desktop-client-3-9-1-and-earlier-cve-2019-1559/

Security Bulletin: OpenSSL vulnerabilites impacting Aspera High-Speed Transfer Server, Aspera Desktop Client 3.9.1 and earlier (CVE-2018-0734)

https://www.ibm.com/blogs/psirt/security-bulletin-openssl-vulnerabilites-impacting-aspera-high-speed-transfer-server-aspera-desktop-client-3-9-1-and-earlier-cve-2018-0734/

Red Hat Quay: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen

http://www.cert-bund.de/advisoryshort/CB-K20-0119