End-of-Day report
Timeframe: Mittwoch 10-06-2020 18:00 - Freitag 12-06-2020 18:00
Handler: Dimitri Robl
Co-Handler: Stephan Richter
News
Hackers are quick to notice exposed Elasticsearch servers
Bad guys find unprotected Elasticsearch servers exposed on the web faster than search engines can index them. A study found that threat actors are mainly going for cryptocurrency mining and credential theft.
https://www.bleepingcomputer.com/news/security/hackers-are-quick-to-notice-exposed-elasticsearch-servers/
Intel patches chip flaw that could leak your cryptographic secrets
Intel chip features that were intended to help you do cryptography better could have leaked your inner secrets.
https://nakedsecurity.sophos.com/2020/06/12/intel-patches-chip-flaw-that-could-leak-your-cryptographic-secrets/
ConnectWise issues a slightly scary but unusually significant security advisory
Because IT service providers use ConnectWise to run your IT and this is its first-ever bug report
ConnectWise isn't a vendor most Reg readers deal with directly, but the fact the company has just issued its first-ever security advisory deserves attention.
https://go.theregister.com/feed/www.theregister.com/2020/06/12/connectwise_security/
Vulnerabilities
Security updates for Friday
Security updates have been issued by CentOS (tomcat), Debian (intel-microcode, libphp-phpmailer, mysql-connector-java, python-django, thunderbird, and xawtv), Fedora (kernel and thunderbird), Gentoo (perl), openSUSE (libexif and vim), Oracle (dotnet, kernel, microcode_ctl, and tomcat), Red Hat (net-snmp), Scientific Linux (libexif and tomcat), Slackware (kernel), and SUSE (adns, audiofile, ed, kvm, nodejs12, and xen).
https://lwn.net/Articles/822964/
Critical Vulnerabilities Expose Siemens LOGO! Controllers to Attacks
Siemens- LOGO! programmable logic controllers (PLCs) are affected by critical vulnerabilities that can be exploited remotely to launch denial-of-service (DoS) attacks and modify the device-s configuration.
https://www.securityweek.com/critical-vulnerabilities-expose-siemens-logo-controllers-attacks
6 New Vulnerabilities Found on D-Link Home Routers
Six new D-Link vulnerabilities found in D-Links DIR-865L home cloud router. Consumers should patch ASAP.
https://unit42.paloaltonetworks.com/6-new-d-link-vulnerabilities-found-on-home-routers/
Vulnerabilities in Citrix Workspace app and Receiver for Windows
Vulnerabilities have been identified in Citrix Workspace app and Receiver for Windows that could result in a local user escalating their privilege level to administrator during the uninstallation process.
https://support.citrix.com/article/CTX275460
Red Hat JBoss Application Server (JBoss): Mehrere Schwachstellen
http://www.cert-bund.de/advisoryshort/CB-K20-0580
Drupal: Mehrere Schwachstellen
http://www.cert-bund.de/advisoryshort/CB-K20-0579
WordPress: Mehrere Schwachstellen
http://www.cert-bund.de/advisoryshort/CB-K20-0583
Security Advisory - Denial of Service Vulnerability in Huawei FusionAccess Product
http://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20200610-01-fusionacces-en
Security Advisory - FasterXML Jackson-databind Injection Vulnerability in Huawei Products
http://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20200610-01-fastjason-en
Security Bulletin: Vulnerabilities CVE-2020-1927 and CVE-2020-1934 in Apache HTTP Server affect IBM i
https://www.ibm.com/blogs/psirt/security-bulletin-vulnerabilities-cve-2020-1927-and-cve-2020-1934-in-apache-http-server-affect-ibm-i/
Security Bulletin: Multiple Oracle Database Server Security Vulnerabilities Affect IBM Emptoris Program Management
https://www.ibm.com/blogs/psirt/security-bulletin-multiple-oracle-database-server-security-vulnerabilities-affect-ibm-emptoris-program-management/
Security Bulletin: IBM Workload Scheduler potentially vulnerable to cross site scripting
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-workload-scheduler-potentially-vulnerable-to-cross-site-scripting/
Security Bulletin: IBM Event Streams is affected by Apache CXF vulnerability CVE-2019-12406
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-event-streams-is-affected-by-apache-cxf-vulnerability-cve-2019-12406/
Security Bulletin: Multiple Oracle Database Server Security Vulnerabilities Affect IBM Emptoris Supplier Lifecycle Mgmt
https://www.ibm.com/blogs/psirt/security-bulletin-multiple-oracle-database-server-security-vulnerabilities-affect-ibm-emptoris-supplier-lifecycle-mgmt-2/
Security Bulletin: Multiple Oracle Database Server Security Vulnerabilities Affect IBM Emptoris Contract Management
https://www.ibm.com/blogs/psirt/security-bulletin-multiple-oracle-database-server-security-vulnerabilities-affect-ibm-emptoris-contract-management-2/
Security Bulletin: Multiple Oracle Database Server Security Vulnerabilities Affect IBM Emptoris Strategic Supply Management Platform
https://www.ibm.com/blogs/psirt/security-bulletin-multiple-oracle-database-server-security-vulnerabilities-affect-ibm-emptoris-strategic-supply-management-platform-2/
Security Bulletin: IBM Event Streams is affected by Go vulnerability CVE-2019-16276
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-event-streams-is-affected-by-go-vulnerability-cve-2019-16276/
Security Bulletin: IBM Event Streams is affected by WebSphere Liberty Profile vulnerability CVE-2019-4441
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-event-streams-is-affected-by-websphere-liberty-profile-vulnerability-cve-2019-4441/
Security Bulletin: IBM Event Streams is affected by jackson-databind vulnerability CVE-2019-20330
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-event-streams-is-affected-by-jackson-databind-vulnerability-cve-2019-20330/
Security Bulletin: Multiple Oracle Database Server Security Vulnerabilities Affect IBM Emptoris Supplier Lifecycle Mgmt
https://www.ibm.com/blogs/psirt/security-bulletin-multiple-oracle-database-server-security-vulnerabilities-affect-ibm-emptoris-supplier-lifecycle-mgmt/
Security Bulletin: IBM API Connect V5 is vulnerable to cross site scripting (XSS) (CVE-2020-4251)
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-api-connect-v5-is-vulnerable-to-cross-site-scripting-xss-cve-2020-4251/
Security Bulletin: IBM Event Streams is affected by kafka vulnerability CVE-2019-12399
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-event-streams-is-affected-by-kafka-vulnerability-cve-2019-12399/