Daily Summary - 08.03.2019

End-of-Day report

Timeframe: Thursday 07-03-2019 18:00 - Friday 08-03-2019 18:00 Handler: Robert Waldner Co-Handler: Stephan Richter

News

Serious Security: When randomness isn't - and why it matters

The password ji32k7au4a83 looks pretty random and feels as though it should be unique - read this article to find out why it's neither!

https://nakedsecurity.sophos.com/2019/03/08/serious-security-when-randomness-isnt-and-why-it-matters/


Google warns of zero-day vulnerability in Windows 7

Attackers used a combination of vulnerabilities in Chrome and Windows 7 to infect machines with spyware. Only one of the two has been fixed.

http://heise.de/-4329796


Update now: Critical vulnerability in Apache Solr

Some versions of the open-source search platform Solr have a possible entry point for remote attackers. Updates are available.

http://heise.de/-4329895


From Fake Updates to Unwanted Redirects

At the end of February, we wrote about a massive wave of site infections that pushed fake browser updates. In the beginning of March, the attack evolved into redirecting site visitors to sketchy ad URLs.

http://labs.sucuri.net/?note=2019-03-08


Smart unhackable car alarms open the doors of 3 million vehicles to hackers

The moment you call a product "unhackable" you are asking for trouble.

https://www.zdnet.com/article/smart-car-alarms-opened-the-doors-of-3-million-vehicles-to-hackers/

Vulnerabilities

Security Advisory 2019-02: Security Update for OTRS Framework

March 08, 2019 - Please read carefully and check if the version of your OTRS system is affected by this vulnerability.

https://community.otrs.com/security-advisory-2019-02-security-update-for-otrs-framework/


Security updates for Friday

Security updates have been issued by Fedora (php-typo3-phar-stream-wrapper2), Mageia (gnutls, nagios, openssl, and python-gnupg), openSUSE (apache2, ceph, chromium, openssh, and webkit2gtk3), and Ubuntu (nvidia-graphics-drivers-390).

https://lwn.net/Articles/782653/


IBM Security Bulletin: Multiple vulnerabilities in IBM® Java SDK affects WebSphere Application Server January 2019 CPU that is bundled with IBM WebSphere Application Server Patterns

https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-vulnerabilities-in-ibm-java-sdk-affects-websphere-application-server-january-2019-cpu-that-is-bundled-with-ibm-websphere-application-server-patterns/


IBM Security Bulletin: Vulnerabilities identified in IBM® Java SDK affect WebSphere Service Registry and Repository and WebSphere Service Registry and Repository Studio (CVE-2018-12547 and CVE-2019-2426)

https://www.ibm.com/blogs/psirt/ibm-security-bulletin-vulnerabilities-identified-in-ibm-java-sdk-affect-websphere-service-registry-and-repository-and-websphere-service-registry-and-repository-studio-cve-2018-12547-and-cve-20/


IBM Security Bulletin: FileNet CMIS (FNCMIS) leveraging Spring Framework is vulnerable to a denial of service caused by improper handling of range request by the ResourceHttpRequestHandler

https://www.ibm.com/blogs/psirt/ibm-security-bulletin-filenet-cmis-fncmis-leveraging-spring-framework-is-vulnerable-to-a-denial-of-service-caused-by-improper-handling-of-range-request-by-the-resourcehttprequesthandler/


IBM Security Bulletin: Security Vulnerabilities affect IBM Cloud Private Vulnerability Advisor Kafka and Notification Dispatcher

https://www.ibm.com/blogs/psirt/ibm-security-bulletin-security-vulnerabilities-affect-ibm-cloud-private-vulnerability-advisor-kafka-and-notification-dispatcher/


IBM Security Bulletin: Security Vulnerabilities affect IBM Cloud Private MongoDB

https://www.ibm.com/blogs/psirt/ibm-security-bulletin-security-vulnerabilities-affect-ibm-cloud-private-mongodb/


IBM Security Bulletin: Security Vulnerabilities affect IBM Cloud Private Monitoring

https://www.ibm.com/blogs/psirt/ibm-security-bulletin-security-vulnerabilities-affect-ibm-cloud-private-monitoring/


IBM Security Bulletin: Security Vulnerabilities affect IBM Cloud Private Logging

https://www.ibm.com/blogs/psirt/ibm-security-bulletin-security-vulnerabilities-affect-ibm-cloud-private-logging/


IBM Security Bulletin: IBM MQ could allow a local user to inject code that could be executed with root privileges. (CVE-2018-1998)

https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-mq-could-allow-a-local-user-to-inject-code-that-could-be-executed-with-root-privileges-cve-2018-1998/


IBM Security Bulletin: IBM MQ is vulnerable to a privilege escalation attack when using multiplexed channels (CVE-2018-1974)

https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-mq-is-vulnerable-to-a-privilege-escalation-attack-when-using-multiplexed-channels-cve-2018-1974/


IBM Security Bulletin: Multiple buffer overflow vulnerabilities exist in IBM® Db2® leading to privilege escalation (CVE-2018-1922, CVE-2018-1923, CVE-2018-1978, CVE-2018-1980, CVE-2019-4015, CVE-2019-4016).

https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-buffer-overflow-vulnerabilities-exist-in-ibm-db2-leading-to-privilege-escalation-cve-2018-1922-cve-2018-1923-cve-2018-1978-cve-2018-1980-cve-2019-4015/