
Cyber WAR - Treat Report - September 9, 2019informationwarfarecenter.com/cir/archived/Cyber_WAR...2019/09/09  · September 9, 2019 The Cyber WAR (Weekly Awareness Report) is an Open

Jul 16, 2020

September 9, 2019

The Cyber WAR (Weekly Awareness Report) is an Open Source Intelligence AKA OSINT resource focusing on advanced persistent threats and other digital dangers received by over ten thousand individuals. APTs fit into a cybercrime category directed at both business and political targets. Attack vectors include system compromise, social engineering, and even traditional espionage. Included are clickable links to news stories, vulnerabilities, exploits, & other industry risk.

Summary

Symantec ThreatCon Low: Basic network posture

This condition applies when there is no discernible network incident activity and no malicious code activity with a moderate or severe risk rating. Under these conditions, only a routine security posture, designed to defeat normal network threats, is warranted. Automated systems and alerting mechanisms should be used.

Sophos: Last Malware

* Troj/VB-KMD
* Troj/Phobo-G
* Troj/Inject-EOO
* Troj/Fareit-IUS
* Troj/Fareit-IUR
* Troj/Fareit-IUQ
* Troj/VB-KME
* Andr/FnkBot-A
* Troj/Fareit-IUP
* Troj/MSIL-MTL

Last PUAs

* DriverPack
* Install Core
* BitCoinMiner
* Strictor
* Spigot Toolbar
* SoftPulse
* Softcnapp
* Snojan Downloader
* PC Accelerate
* OxyPumper

Interesting News

* Fully equipped Spying Android RAT from Brazil: BRATA
"BRATA" is a new Android remote access tool malware family. It exclusively targets victims in Brazil; however, theoretically it could also be used to attack any other Android user if the cybercriminals behind it want to.

If you are interested in learning more about Information Security we have several online, self paced courses at the IWC Academy. We have an active Facebook group that discusses topics ranging from computer forensics to ethical hacking and more. Join the Cyber Secrets Facebook group. If you would like to receive the CIR updates by email, Subscribe at: [email protected]


Index of Sections

Current News

* Packet Storm Security

* Krebs on Security

* Dark Reading

* The Hacker News

* Security Week

* Infosecurity Magazine

* Naked Security

* Quick Heal - Security Simplified

* Threat Post

The Hacker Corner:

* Security Conferences

* Zone-H Latest Published Website Defacements

Tools & Techniques

* Packet Storm Security Latest Published Tools

* Kali Linux Tutorials

* GBHackers Analysis

Exploits and Proof of Concepts

* Packet Storm Security Latest Published Exploits

* Exploit Database Releases

Advisories

* US-Cert (Current Activity-Alerts-Bulletins)

* Symantec's Latest List

* Packet Storm Security's Latest List

Credits


Packet Storm Security

* The Doghouse: Crown Sterling
* Belarusian Police Shut Down Notorious Hacking Forum
* Thousands Of Servers Infected With Lilocked Ransomware
* Zero-Day Privilege Escalation Disclosed For Android
* Google's Secret Web Tracking Pages Explained
* Accepting Network Update Texts Could Have Pwned Your Mobe
* Chinese APT Now Leveraging Pulse And Fortinet VPN Servers
* Scammers Use CEO Voice DeepFakes To Con Workers Into Wiring Cash
* Facebook's Libra Falls Into Big Gap In EU Rules
* Android Exploits Are Now Worth More Than iOS Exploits For The First Time
* Teletext Holidays Exposed Customer Calls
* Author Of Multiple IoT Botnets Pleads Guilty
* Option Way Exposed Personal Info On Customers
* Gamification Can Transform Company Cybersecurity Culture
* Yves Rocher Cosmetic Company Leaks Data On Millions
* Over 47,000 Supermicro Servers Are Exposing BMC Ports
* U.S. Counter-Spies Launch Campaign Against Insider Threats
* Hammond Summoned To Testify Before Federal Grand Jury
* Hackers Breach Forum Of Popular Webcomic XKCD
* Chinese Face Swapping App Goes Viral, Sparks Privacy Concerns
* Ring Reportedly Shared Video And Map Data With Police In 2018
* Jack Dorsey's Twitter Account Got Hacked
* How MuleSoft Patched A Critical Flaw And Avoided A Disaster
* Facebook Shrugs As Free Basics Private Key Found To Be Signing Unrelated Apps
* Data Breaches Expected To Cost $5 Trillion By 2024

Krebs on Security

* Secret Service Investigates Breach at U.S. Govt IT Contractor
* 'Satori' IoT Botnet Operator Pleads Guilty
* Spam In your Calendar? Here's What to Do.
* Feds Allege Adconion Employees Hijacked IP Addresses for Spamming
* Phishers are Angling for Your Cloud Providers
* Ransomware Bites Dental Data Backup Firm
* Cybersecurity Firm Imperva Discloses Breach
* Breach at Hy-Vee Supermarket Chain Tied to Sale of 5M+ Stolen Credit, Debit Cards
* Forced Password Reset? Check Your Assumptions
* The Rise of "Bulletproof" Residential Networks


Dark Reading

* New Release Brings BlueKeep to Metasploit
* Public Exposure Does Little to Slow China-Based Thrip APT
* Texas Refuses to Pay $2.5M in Massive Ransomware Attack
* Just A Few Questions Before That Bank Withdrawal ...
* From Spyware to Ninja Cable
* Phishers' Latest Tricks for Reeling in New Victims
* Edge Feature Section
* Slide Show
* Chinese Group Built Advanced Trojan by Reverse Engineering NSA Attack Tool
* Mail System Vulnerability Delivers Root Privileges
* Job-Seeker Data Exposed in Monster File Leak
* Why Businesses Fail to Address DNS Security Exposures
* 8 Ways to Spot an Insider Threat
* Security Pros and 'Black Hats' Agree on Most Tempting Targets
* New Technique Makes Passwords 14M Percent Harder to Crack, Nonprofit Claims
* Attackers Hit Ceiling in Ransomware Demands
* Automation: Friend of the SOC Analyst
* Crimeware: How Criminals Built a Business to Target Businesses
* 419M Facebook User Phone Numbers Publicly Exposed
* It's Not Healthy to Confuse Compliance with Security

The Hacker News

* New Malware Uses Windows BITS Service to Stealthy Exfiltrate Data
* Facebook Patches "Memory Disclosure Using JPEG Images" Flaws in HHVM Servers
* A Summer of Discontent: The Hottest Malware Hits
* Exim TLS Flaw Opens Email Servers to Remote 'Root' Code Execution Attacks
* Multiple Code Execution Flaws Found In PHP Programming Language
* Flaws in Over Half a Million GPS Trackers Expose Children Location Data
* Google Fined $170 Million For Violating Kids' Privacy On YouTube
* Twitter temporarily disables 'Tweeting via SMS' after CEO gets hacked
* Just An SMS Could Let Remote Attackers Access All Your Emails, Experts Warn
* New Free Offering Enables Any MSP and Security Integrator to Add Incident Response to their Services Portfolio
* Firefox 69 Now Blocks 3rd-Party Tracking Cookies and Cryptominers By Default
* Exploit Reseller Offering Up To $2.5 Million For Android Zero-Days
* XKCD Forum Hacked - Over 562,000 Users' Account Details Leaked
* Learn Ethical Hacking Online - A to Z Training Bundle 2019
* BMC Vulnerabilities Expose Supermicro Servers to Remote USB-Attacks


Security Week

* Swedish GDPR Fine Highlights Legal Challenges in Use of Biometrics
* Cyberattack Disrupted Firewalls at U.S. Power Utility
* U.S. Cyber Command Adds North Korean Malware Samples to VirusTotal
* BlueKeep Exploit Added to Metasploit
* Man Pleads Guilty for Trying to Access Trump's Tax Returns
* Private Equity Firms Interested in Buying Symantec for $16 Billion: Report
* Several Vulnerabilities Found in Red Lion HMI Software
* China-Linked 'Thrip' Cyberspies Continue Attacks on Southeast Asia
* Cisco Releases GhIDA and Ghidraaas Tools for IDA Pro
* Parts of Wikipedia Offline After 'Malicious' Attack
* Apple: Security Report on iPhone Hack Created 'False Impression'
* Three Strategies to Combat Anti-Analysis and Evasion Techniques
* "Splintering" Makes Hacking Passwords 14 Million Percent Harder
* Industrial Manufacturing Firm DK-LOK Exposes Emails, Customer Data
* Oklahoma Pension Fund Reports $4.2 Million Cyber Theft
* Industry Reactions to Iranian Mole Planting Stuxnet: Feedback Friday
* Exim Vulnerability Allows Remote Code Execution as Root
* Cisco Patches Remote Command Execution in Webex Teams Client
* Unpatched Privilege Escalation Vulnerability Impacts Android
* PerimeterX Raises Another $14 Million in Series C Round

Infosecurity Magazine

* Lufthansa Offers Biometric Boarding at Fourth US Airport
* ESET Discovers Backdoor Linked to Stealth Falcon Group
* #GartnerSEC: Hiring Strategies Do Not Consider Future Digital Trends
* Hackers Steal $4.2m from State Troopers' Pension Fund
* #GartnerSEC: Trends and 'Mega Trends' Include Cloud, Passwords and Business Strategies
* #GartnerSEC: Have a Future Vision to Survive in a Digital Society
* #GartnerSEC: How to Make Automation Decisions for Security
* Pupils Flagged as Cyber Threat to UK Schools
* DDoS Attack Forces Wikipedia Offline
* Monster Defends Data Leak Response
* Coalition of Attorneys General Opens Investigation into Facebook
* DOD Picks Insider Threat Awareness Month to Train Staff in Threat Detection


Naked Security

* WordPress 5.2.3 fixes new clutch of security vulnerabilities
* Brave accuses Google of sidestepping GDPR
* Facebook launches $10m deepfake detection project
* US city balks at paying $5.3 million ransomware demand
* Monday review - the hot 21 stories of the week
* Patch early, patch often - and patch everything!
* Database exposed 133 million US Facebook users' phone numbers
* YouTube fined $170m for covertly tracking kids online
* Facebook expands use of face recognition
* Twitter turns off SMS texting after @Jack hijacking

Quick Heal - Security Simplified

* The Free Mobile Anti-virus you are using can be a Fake!
* Teacher's Day Special - Things that teachers must know about their students to make them cyber safe
* PowerShell: Living off the land!
* Cybersquatting and Typosquatting victimizing innocent customers and brands
* Phishers using custom 404 Not Found error page to steal Microsoft credentials
* Alert! 27 apps found on Google Play Store that prompt you to install Fake Google Play Store
* Alert! Income tax refund SMS - Newest way of conducting bank fraud by cyber criminals
* Android based IoT devices with open ADB port inviting easy attacks by Crypto-miners
* MegaCortex Returns…
* Trinity Miner using open ADB port to target IoT devices

Threat Post

* Stealth Falcon Targets Middle East with Windows BITS Feature
* Telnet Backdoor Opens More Than 1M IoT Radios to Hijack
* Wikipedia, World of Warcraft Downed By Weekend DDoS Attacks
* Critical Exim Flaw Opens Millions of Servers to Takeover
* Apple Claims Google is Spreading FUD Over Patched iPhone Bugs
* ThreatList: Police Use of Facial Recognition is Just Fine, Say Most Americans
* China's APT3 Pilfers Cyberweapons from the NSA
* Back-to-School Scams Target Students with Library-Themed Emails
* News Wrap: Deepfake CEO Voice Scam, Facebook Phone Data Exposed
* Facebook, Microsoft Challenge Industry to Detect, Prevent 'Deepfakes'


The Hacker Corner

Conferences

* Advertising Landing Page Copy/Form
* Apply: FREE 6 Month InfoSec Speaking Plan
* How To Speak At DEF CON
* Join Our LinkedIn Group
* Upcoming Cybersecurity Conferences in the United States & Canada
* Upcoming Cybersecurity Conferences in Europe
* 29 Amazing TED Cybersecurity Talks (2008 - 2020)
* 7 Proven Ideas for Your InfoSec Conference Delegate Acquisition Strategy
* An Interview with Jack Daniel: Co-Founder of BSides!

Latest Website Defacements



Tools & Techniques

Packet Storm Security Tools Links

* Wapiti Web Application Vulnerability Scanner 3.0.2
* SQLMAP - Automatic SQL Injection Tool 1.3.9
* SSLsplit 0.5.5
* Bro Network Security Monitor 2.6.4
* I2P 0.9.42
* Tinc Virtual Private Network Daemon 1.0.36
* Haveged 1.9.6
* Clam AntiVirus Toolkit 0.101.4
* TOR Virtual Network Tunneling Tool 0.4.1.5
* Haveged 1.9.5 Alpha

Kali Linux Tutorials

* EMAGNET : Leaked Databases With 97.1% Accurate To Grab Mail + Password
* PyFuscation : Obfuscate Powershell Scripts By Replacing Function Names, Variables & Parameters
* Btlejack : Bluetooth Low Energy Swiss-Army Knife
* mpDNS : Multi-Purpose DNS Server 2019
* Ehtools : Penetration Tools That Can Be Explored Easily
* Wordlister : A Simple Wordlist Generator & Mangler Written In Python
* Barq: The AWS Cloud Post Exploitation Framework
* Telegra Csharp C2 : Command and Control for C# Writing
* Http Request Smuggler : Extension For Burp Suite
* B-XSSRF : Toolkit To Detect & Keep Track On Blind XSS, XXE & SSRF

GBHackers Analysis

* Vulnerability in Exim Mail Server Let Hackers Gain Root Access Remotely From 5 Million Email Servers
* Twitter CEO Jack Dorsey Account Hacked using Sim Swapping Attack
* A Critical Vulnerability in Tesla Model S Let Hackers Clone The Car Key Within 2 Seconds & Steal Car
* Critical Remote Code Execution Vulnerability in DHCP Client Let Hackers Take Control of the Network
* Unpatched RCE Vulnerability in LibreOffice Let Hackers Take Complete Control Of Your Computer


Proof of Concept (PoC) & Exploits

Packet Storm Security

* LibreNMS Collectd Command Injection
* October CMS Upload Protection Bypass Code Execution
* Microsoft Windows 10 UAC Protection Bypass Via Windows Store
* WordPress 5.2.3 Remote Cross Site Host Modification
* Facebook Messenger Denial Of Service
* Microsoft Windows NTFS Privileged File Access Enumeration
* FusionPBX 4.4.8 Remote Code Execution
* Pulse Secure 8.1R15.1 / 8.2 / 8.3 / 9.0 SSL VPN Remote Code Execution
* Windows 10 UAC Protection Bypass Via Windows Store (WSReset.exe) And Registry
* WordPress Ecpay Logistics For WooCommerce 1.2.181030 Cross Site Scripting
* WordPress API Bearer Auth 20181229 Cross Site Scripting
* AwindInc SNMP Service Command Injection
* Cisco Device Hardcoded Credentials / GNU glibc / BusyBox
* WordPress Spryng Payments WooCommerce 1.6.7 Cross Site Scripting
* Cisco Email Security Virtual Appliance C380 IronPort Header Injection
* Cisco Email Security Virtual Appliance C300V IronPort Header Injection
* Cisco Content Security Management Virtual Appliance M600V IronPort Header Injection
* DASAN Zhone ZNID GPON 2426A EU Cross Site Scripting
* WordPress Download Manager 2.9.93 Cross Site Scripting
* One Identity Defender 5.9.3 Insecure Cryptographic Storage
* Totaljs CMS 12.0 Improper Access Control
* Totaljs CMS 12.0 Widget Creation Code Injection
* WordPress Portrait-Archiv.com Photostore 5.0.4 Cross Site Scripting
* Totaljs CMS 12.0 Insecure Admin Session Cookie
* Totaljs CMS 12.0 Path Traversal


Exploit Database

* [webapps] Dolibarr ERP-CRM 10.0.1 - SQL Injection
* [webapps] WordPress Plugin Sell Downloads 1.0.86 - Cross-Site Scripting
* [webapps] Rifatron Intelligent Digital Security System - 'animate.cgi' Stream Disclosure
* [webapps] Online Appointment - SQL Injection
* [webapps] Enigma NMS 65.0.0 - SQL Injection
* [webapps] Enigma NMS 65.0.0 - OS Command Injection
* [webapps] Enigma NMS 65.0.0 - Cross-Site Request Forgery
* [webapps] Dolibarr ERP-CRM 10.0.1 - 'elemid' SQL Injection
* [webapps] WordPress 5.2.3 - Cross-Site Host Modification
* [remote] FusionPBX 4.4.8 - Remote Code Execution
* [webapps] Inventory Webapp - 'itemquery' SQL injection
* [remote] Pulse Secure 8.1R15.1/8.2/8.3/9.0 SSL VPN - Remote Code Execution
* [remote] AwindInc SNMP Service - Command Injection (Metasploit)
* [webapps] DASAN Zhone ZNID GPON 2426A EU - Multiple Cross-Site Scripting
* [webapps] WordPress Plugin Download Manager 2.9.93 - Cross-Site Scripting
* [webapps] FileThingie 2.5.7 - Arbitrary File Upload
* [remote] Cisco RV110W/RV130(W)/RV215W Routers Management Interface - Remote Command Execution (Metasploit)
* [remote] Cisco Data Center Network Manager - Unauthenticated Remote Code Execution (Metasploit)
* [remote] Cisco UCS Director - default scpuser password (Metasploit)
* [local] ptrace - Sudo Token Privilege Escalation (Metasploit)
* [local] ktsuss 1.4 - suid Privilege Escalation (Metasploit)
* [webapps] Craft CMS 2.7.9/3.2.5 - Information Disclosure
* [local] Kaseya VSA agent 9.5 - Privilege Escalation
* [webapps] Alkacon OpenCMS 10.5.x - Local File inclusion
* [webapps] Alkacon OpenCMS 10.5.x - Cross-Site Scripting (2)


Advisories

US-Cert Alerts & bulletins

* AA19-168A: Microsoft Operating Systems BlueKeep Vulnerability
* AA19-122A: New Exploits for Unsecure SAP Systems
* AA19-024A: DNS Infrastructure Hijacking Campaign
* Vulnerability Summary for the Week of September 2, 2019
* Vulnerability Summary for the Week of August 26, 2019
* Vulnerability Summary for the Week of August 19, 2019

Symantec - Latest List

* Microsoft ASP.NET Core/Framework CVE-2019-0545 Information Disclosure Vulnerability
* Microsoft ASP.NET Core/Framework CVE-2019-0980 Denial of Service Vulnerability
* Microsoft ASP.NET Core/Framework CVE-2019-0981 Denial of Service Vulnerability
* Microsoft Windows Security Feature CVE-2019-1019 Remote Security Bypass Vulnerability
* Multiple CPU Hardware CVE-2017-5754 Information Disclosure Vulnerability
* Adobe Flash Player Out-Of-Bounds Read Information Disclosure Vulnerability
* Microsoft .NET Core CVE-2018-8292 Information Disclosure Vulnerability
* Microsoft Live Accounts ADV190014 Privilege Escalation Vulnerability
* Microsoft Windows 'HTTP.sys' CVE-2019-9518 Denial of Service Vulnerability
* Microsoft Windows 'HTTP.sys' CVE-2019-9514 Denial of Service Vulnerability
* Microsoft Windows 'HTTP.sys' CVE-2019-9513 Denial of Service Vulnerability
* Microsoft Windows 'HTTP.sys' CVE-2019-9512 Denial of Service Vulnerability
* Microsoft Windows 'HTTP.sys' CVE-2019-9511 Denial of Service Vulnerability
* Microsoft Windows XmlLite runtime CVE-2019-1187 Denial of Service Vulnerability
* Microsoft Edge Chakra Scripting Engine CVE-2019-1195 Remote Memory Corruption Vulnerability
* Microsoft Windows SymCrypt CVE-2019-1171 Information Disclosure Vulnerability
* Microsoft Windows NTFS CVE-2019-1170 Local Privilege Escalation Vulnerability
* Microsoft Windows CVE-2019-1168 Local Privilege Escalation Vulnerability
* Microsoft Windows File Signature CVE-2019-1163 Security Bypass Vulnerability
* Microsoft Windows ALPC CVE-2019-1162 Local Privilege Escalation Vulnerability
* Microsoft Windows Defender CVE-2019-1161 Privilege Escalation Vulnerability
* Microsoft Windows Remote Desktop Protocol Server CVE-2019-1225 Information Disclosure Vulnerability
* Microsoft Windows Remote Desktop Protocol Server CVE-2019-1224 Information Disclosure Vulnerability
* Microsoft Windows Remote Desktop Protocol CVE-2019-1223 Denial of Service Vulnerability
* Microsoft Windows Remote Desktop Services CVE-2019-1226 Remote Code Execution Vulnerability
* Microsoft Windows Remote Desktop Services CVE-2019-1182 Remote Code Execution Vulnerability


Packet Storm Security - Latest List

Gentoo Linux Security Advisory 201909-04
Gentoo Linux Security Advisory 201909-4 - Multiple vulnerabilities have been found in Apache, the worst of which could result in a Denial of Service condition. Versions less than 2.4.41 are affected.

Gentoo Linux Security Advisory 201909-03
Gentoo Linux Security Advisory 201909-3 - A buffer overflow in Pango might allow an attacker to execute arbitrary code. Versions less than 1.42.4-r2 are affected.

Gentoo Linux Security Advisory 201909-02
Gentoo Linux Security Advisory 201909-2 - Multiple vulnerabilities have been found in VLC, the worst of which could result in the arbitrary execution of code. Versions less than 3.0.8 are affected.

Gentoo Linux Security Advisory 201909-01
Gentoo Linux Security Advisory 201909-1 - Multiple vulnerabilities have been found in Perl, the worst of which could result in the arbitrary execution of code. Versions less than 5.28.2 are affected.

Ubuntu Security Notice USN-4124-1
Ubuntu Security Notice 4124-1 - It was discovered that Exim incorrectly handled certain decoding operations. A remote attacker could possibly use this issue to execute arbitrary commands.

Debian Security Advisory 4517-1
Debian Linux Security Advisory 4517-1 - "Zerons" and Qualys discovered that a buffer overflow triggerable in the TLS negotiation code of the Exim mail transport agent could result in the execution of arbitrary code with root privileges.

Debian Security Advisory 4516-1
Debian Linux Security Advisory 4516-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, cross-site scripting, bypass of the same-origin policy, sandbox escape, information disclosure or denial of service.

Asterisk Project Security Advisory - AST-2019-005
Asterisk Project Security Advisory - When audio frames are given to the audio transcoding support in Asterisk the number of samples are examined and as part of this a message is output to indicate that no samples are present. A change was done to suppress this message for a particular scenario in which the message was not relevant. This change assumed that information about the origin of a frame will always exist when in reality it may not. This issue presented itself when an RTP packet containing no audio (and thus no samples) was received. In a particular transcoding scenario this audio frame would get turned into a frame with no origin information. If this new frame was then given to the audio transcoding support a crash would occur as no samples and no origin information would be present.

Asterisk Project Security Advisory - AST-2019-004
Asterisk Project Security Advisory - When Asterisk sends a re-invite initiating T.38 faxing, and the endpoint responds with a declined media stream a crash will then occur in Asterisk.

Ubuntu Security Notice USN-4123-1
Ubuntu Security Notice 4123-1 - It was discovered that npm/fstream incorrectly handled certain crafted tarballs. An attacker could use this vulnerability to write arbitrary files to the filesystem.

Red Hat Security Advisory 2019-2670-01
Red Hat Security Advisory 2019-2670-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 76.0.3809.132. Issues addressed include a use-after-free vulnerability.

Slackware Security Advisory - seamonkey Updates
Slackware Security Advisory - New seamonkey packages are available for Slackware 14.2 and -current to fix security issues.

Red Hat Security Advisory 2019-2587-01
Red Hat Security Advisory 2019-2587-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components. Issues addressed include code execution and denial of service vulnerabilities.

Red Hat Security Advisory 2019-2551-01
Red Hat Security Advisory 2019-2551-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include a code execution vulnerability.

Ubuntu Security Notice USN-4122-1
Ubuntu Security Notice 4122-1 - Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to obtain sensitive information, bypass Content Security Policy protections, bypass same-origin restrictions, conduct cross-site scripting attacks, cause a denial of service, or execute arbitrary code. Various other issues were also addressed.

Debian Security Advisory 4515-1
Debian Linux Security Advisory 4515-1 - Several vulnerabilities have been discovered in the webkit2gtk web engine.

Red Hat Security Advisory 2019-2663-01
Red Hat Security Advisory 2019-2663-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.1.0 ESR. Issues addressed include bypass, cross site scripting, and use-after-free vulnerabilities.

Debian Security Advisory 4514-1
Debian Linux Security Advisory 4514-1 - Alf-Andre Walla discovered a remotely triggerable assert in the Varnish web accelerator; sending a malformed HTTP request could result in denial of service.

Debian Security Advisory 4513-1
Debian Linux Security Advisory 4513-1 - Stefan Metzmacher discovered a flaw in Samba, a SMB/CIFS file, print, and login server for Unix. Specific combinations of parameters and permissions can allow user to escape from the share path definition and see the complete '/' filesystem. Unix permission checks in the kernel are still enforced.

Red Hat Security Advisory 2019-2652-01
Red Hat Security Advisory 2019-2652-01 - OpenStack Compute launches and schedules large networks of virtual machines, creating a redundant and scalable cloud computing platform. Compute provides the software, control panels, and APIs required to orchestrate a cloud, including running virtual machine instances and controlling access through users and projects. Issues addressed include an exception leak.

Red Hat Security Advisory 2019-2651-01
Red Hat Security Advisory 2019-2651-01 - Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cron. Issues addressed include a bypass vulnerability.

Ubuntu Security Notice USN-4120-1
Ubuntu Security Notice 4120-1 - It was discovered that the systemd-resolved D-Bus interface did not enforce appropriate access controls. A local unprivileged user could exploit this to modify a system's DNS resolver settings.

Ubuntu Security Notice USN-4121-1
Ubuntu Security Notice 4121-1 - Stefan Metzmacher discovered that the Samba SMB server did not properly prevent clients from escaping outside the share root directory in some situations. An attacker could use this to gain access to files outside of the Samba share, where allowed by the permissions of the underlying filesystem.

Red Hat Security Advisory 2019-2600-01
Red Hat Security Advisory 2019-2600-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a buffer overflow vulnerability.