Daily summary - 06.04.2018

End-of-Day report

Timeframe: Thursday 05-04-2018 18:00 − Friday 06-04-2018 18:00 Handler: Robert Waldner Co-Handler: Stephan Richter

News

∗∗∗ Remote Execution Flaw Threatens Apps Built Using Spring Framework — Patch Now ∗∗∗ Security researchers have discovered three vulnerabilities in the Spring Development Framework, one of which is a critical remote code execution flaw that could allow remote attackers to execute arbitrary code against applications built with it. Spring Framework is a popular, lightweight and an open source framework for developing Java-based enterprise applications. In an [...]

https://thehackernews.com/2018/04/spring-framework-hacking.html

∗∗∗ Security researchers find 1.5 billion sensitive records ∗∗∗ Researchers at the IT security vendor Digital Shadows report having found around 1.5 billion records worldwide in misconfigured and therefore publicly accessible online storage. Among them is sensitive information such as medical data, payslips and patents.

https://www.bsi.bund.de/DE/Presse/Kurzmeldungen/Meldungen/news_forscher_finden_sensible_daten_06042018.html

∗∗∗ From PNG tEXt to Persistent XSS ∗∗∗ I was on a job for a client and was playing around with various endpoints they have for uploading files. They're really strict on several things and will only accept files with a .PNG extension. In one place, however, you were able to upload files with a .html extension ... score. Well, not really. You're allowed to upload [...]

https://www.pentestpartners.com/security-blog/from-png-text-to-persistent-xss/

∗∗∗ Warning about sportspoort.de ∗∗∗ The online shop sportspoort.de sells cheap Adidas shoes. The goods are counterfeit brand products. Consumers can only pay by credit card over an insecure connection. Watchlist Internet advises against buying from sportspoort.de, since the vendor is criminal.

https://www.watchlist-internet.at/news/warnung-vor-sportspoortde/

Vulnerabilities

∗∗∗ Rockwell Automation MicroLogix ∗∗∗ This advisory includes mitigations for an improper authentication vulnerability in the Rockwell MicroLogix Controller.

https://ics-cert.us-cert.gov/advisories/ICSA-18-095-01

∗∗∗ Moxa MXview ∗∗∗ This advisory includes mitigations for an information exposure vulnerability in the Moxa MXview network management software.

https://ics-cert.us-cert.gov/advisories/ICSA-18-095-02

∗∗∗ LCDS – Leão Consultoria e Desenvolvimento de Sistemas Ltda ME LAquis SCADA ∗∗∗ This advisory includes mitigations for an improper check or handling of exceptional conditions vulnerability in the LCDS – Leão Consultoria e Desenvolvimento de Sistemas Ltda ME LAquis SCADA device.

https://ics-cert.us-cert.gov/advisories/ICSA-18-095-03

∗∗∗ Security updates for Friday ∗∗∗ Security updates have been issued by Debian (sharutils), Fedora (firefox, httpd, and mod_http2), openSUSE (docker-distribution, graphite2, libidn, and postgresql94), Oracle (libvorbis and thunderbird), Red Hat (libvorbis, python-paramiko, and thunderbird), Scientific Linux (libvorbis and thunderbird), SUSE (apache2), and Ubuntu (firefox, linux-lts-xenial, linux-aws, and ruby1.9.1, ruby2.0, ruby2.3).

https://lwn.net/Articles/751146/

∗∗∗ [local] Sophos Endpoint Protection 10.7 - Tamper-Protection Bypass ∗∗∗

https://www.exploit-db.com/exploits/44410/

∗∗∗ [local] Sophos Endpoint Protection Control Panel 10.7 - Weak Password Encryption ∗∗∗

https://www.exploit-db.com/exploits/44411/

∗∗∗ IBM Security Bulletin: Cross-Site Scripting Vulnerability in IBM WebSphere Portal (CVE-2018-1483) ∗∗∗

https://www-01.ibm.com/support/docview.wss?uid=swg22015317

∗∗∗ IBM Security Bulletin: A vulnerability in IBM Java Runtime affects IBM Cognos TM1 ∗∗∗

http://www.ibm.com/support/docview.wss?uid=swg22015269

∗∗∗ IBM Security Bulletin: A vulnerability in IBM Java Runtime affects IBM Cognos Insight ∗∗∗

http://www.ibm.com/support/docview.wss?uid=swg22015268

∗∗∗ IBM Security Bulletin: Vulnerability in Apache commons-fileupload affects IBM Algo One Algo Risk Application (ARA) CVE-2016-1000031 ∗∗∗

http://www.ibm.com/support/docview.wss?uid=swg22015340

∗∗∗ Intel SPI Flash Unsafe Opcodes Lets Local Users Cause Denial of Service Conditions ∗∗∗

http://www.securitytracker.com/id/1040626

∗∗∗ [R1] SecurityCenter 5.6.2.1 Fixes One Third-party Vulnerability ∗∗∗

http://www.tenable.com/security/tns-2018-03

∗∗∗ The BIG-IP ASM CSRF token may fail to renew when the original web server renews its session ∗∗∗

https://support.f5.com/csp/article/K70517410