Daily Summary - 15.04.2021
End-of-Day report
Timeframe: Wednesday 14-04-2021 18:00 - Thursday 15-04-2021 18:00 Handler: Dimitri Robl Co-Handler: Stephan Richter
News
Vulnerabilities: Clicking a link leads to remote code execution
Numerous applications contain vulnerabilities in how they process links; affected applications include VLC, LibreOffice and Telegram.
WordPress Continues to Fall Victim to Carding Attacks
Unsurprisingly, as WordPress continues to increase in popularity as an e-commerce platform, attackers continue to attempt to steal credit card information from unsuspecting clients. Currently, the WordPress plugin WooCommerce accounts for roughly a quarter of all online stores. Over recent years, attackers whose goal it is to fraudulently obtain credit card information have mostly focused on e-commerce specific platforms such as Magento, PrestaShop and OpenCart [...]
https://blog.sucuri.net/2021/04/credit-card-swipers-in-wordpress.html
Exploit for Second Unpatched Chromium Flaw Made Public Just After First Is Patched
A researcher has made public an exploit and details for an unpatched vulnerability affecting Chrome, Edge and other web browsers that are based on the open source Chromium project. This is the second Chromium proof-of-concept (PoC) exploit released this week.
Vulnerabilities
SSA-875726 V1.0: Privilege Escalation Vulnerability in Mendix
The latest updates for Mendix fix a vulnerability in Mendix Applications that could allow malicious authorized users to escalate their privileges. Mendix has released an update for Mendix and recommends updating to the latest version.
https://cert-portal.siemens.com/productcert/txt/ssa-875726.txt
Security updates for Thursday
Security updates have been issued by Debian (xorg-server), Fedora (kernel), openSUSE (clamav, fluidsynth, python-bleach, spamassassin, and xorg-x11-server), Red Hat (gnutls and nettle, libldb, and thunderbird), Scientific Linux (thunderbird), SUSE (clamav, util-linux, and xorg-x11-server), and Ubuntu (network-manager and underscore).
https://lwn.net/Articles/852726/
Juniper JUNOS: Multiple vulnerabilities
A remote, anonymous or local attacker can exploit multiple vulnerabilities in Juniper JUNOS, Juniper Junos Evolved and Juniper SRX Series to carry out a denial-of-service attack, bypass security measures, disclose information, execute code, escalate privileges and execute arbitrary code with administrator rights.
https://www.cert-bund.de/advisoryshort/CB-K21-0387
Red Hat Virtualization Engine: Multiple vulnerabilities
A remote, anonymous attacker can exploit multiple vulnerabilities in the Red Hat Virtualization Engine to carry out a cross-site scripting attack, execute arbitrary code, trigger a denial-of-service condition and bypass cryptographic measures.
https://www.cert-bund.de/advisoryshort/CB-K21-0385
WordPress: Multiple vulnerabilities
https://www.cert-bund.de/advisoryshort/CB-K21-0391
Atlassian Jira Software: Multiple vulnerabilities
https://www.cert-bund.de/advisoryshort/CB-K21-0390
McAfee Endpoint Security: Vulnerability allows manipulation of data