Sunday, June 30, 2019

Vuln: ABB PB610 Multiple Security Vulnerabilities



ABB PB610 Panel Builder 600 is prone to the following vulnerabilities:

1. An authentication-bypass vulnerability
2. A directory-traversal vulnerability
3. Multiple memory corruption vulnerabilities
4. A stack-based buffer-overflow vulnerability
5. A buffer-overflow vulnerability

Attackers can exploit these issues to execute arbitrary code, access or read arbitrary files that contain sensitive information or to access files outside of the restricted directory, bypass authentication mechanism and perform unauthorized actions. Failed exploit attempts will likely cause denial-of-service conditions.

ABB PB610 Panel Builder 600 version 1.91 through 2.8.0.367 are vulnerable.
exploit



Attackers can exploit these issues to execute arbitrary code, access or read arbitrary files that contain sensitive information or to access files outside of the restricted directory, bypass authentication mechanism and perform unauthorized actions. Failed exploit attempts will likely cause denial-of-service conditions.
solution



Solution:
Updates are available. Please see the references or vendor advisory for more information.

info



Bugtraq ID: 108886
Class: Unknown
CVE: CVE-2019-7226
CVE-2019-7227
CVE-2019-7228
CVE-2019-7230
CVE-2019-7232
CVE-2019-7231
Remote: Yes
Local: No
Published: Jun 13 2019 12:00AM
Updated: Jun 13 2019 12:00AM
Credit: Xen1thLabs.
Vulnerable: ABB PB610 Panel Builder 600 2.8.0.367
ABB PB610 Panel Builder 600 1.91
Not Vulnerable: ABB PB610 Panel Builder 600 2.8.0.424
references



from SecurityFocus Vulnerabilities https://ift.tt/2XgHKUV

Vuln: Multiple ABB Products CVE-2019-7225 Hardcoded Credentials Vulnerability



Multiple ABB Products are prone to a hard-coded credentials vulnerability.

An attacker can exploit this issue to gain unauthorized access to the affected application, obtain sensitive information, cause denial-of-service conditions or execute arbitrary code on the affected system.
exploit



Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: vuldb@securityfocus.com.
solution



Solution:
Updates are available. Please see the references or vendor advisory for more information.

info



Bugtraq ID: 108922
Class: Design Error
CVE: CVE-2019-7225
Remote: Yes
Local: No
Published: Jun 05 2019 12:00AM
Updated: Jun 05 2019 12:00AM
Credit: Xen1thLabs.
Vulnerable: ABB CP635-WEB 0
ABB CP635-B 0
ABB CP635 0
ABB CP630-WEB 0
ABB CP630 0
ABB CP620-WEB 0
ABB CP620 0
Not Vulnerable:
references



from SecurityFocus Vulnerabilities https://ift.tt/2J202Fw

Singapore government to run another bug bounty

Morrison sells Australia's terrorism video streaming plan to the G20

Microsoft asks to join private Linux security developer list

Australia's open banking regime: Generic product data available from 1 July

Bulgarian IT expert arrested after demoing vulnerability in kindergarten software

Saturday, June 29, 2019

IBM Security Bulletin: IBM API Connect Developer Portal is impacted by multiple PHP vulnerabilities(CVE-2019-11038 CVE-2019-11039 CVE-2019-11040)

IBM API Connect has addressed the following vulnerability.

CVE(s): CVE-2019-11038, CVE-2019-11039, CVE-2019-11040

Affected product(s) and affected version(s):

IBM API Connect versions

5.0.0.0-5.0.8.6 iFix 1

2018.1-2018.4.1.5

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10888165
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/161866
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/161867
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/161868

The post IBM Security Bulletin: IBM API Connect Developer Portal is impacted by multiple PHP vulnerabilities(CVE-2019-11038 CVE-2019-11039 CVE-2019-11040) appeared first on IBM PSIRT Blog.



from IBM Product Security Incident Response Team https://ift.tt/2IVyO3g

IBM Security Bulletin: IBM Security Guardium is affected by a FileServer functionality vulnerability

IBM Security Guardium has addressed the following vulnerability.

CVE(s): CVE-2019-4292

Affected product(s) and affected version(s):

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10888279
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/160698

The post IBM Security Bulletin: IBM Security Guardium is affected by a FileServer functionality vulnerability appeared first on IBM PSIRT Blog.

Affected IBM Security Guardium

Affected Versions
IBM Security Guardium 10.5


from IBM Product Security Incident Response Team https://ift.tt/2Xcni7s

IBM Security Bulletin: A vulnerability in IBM Java Runtime affect Financial Transaction Manager for Corporate Payment Services for Multi-Platform

There is a vulnerability in IBM® Runtime Environment Java™ Version 7 or version 8 used by Financial Transaction Manager for Corporate Payment Services for Multi-Platform (FTM CPS). Financial Transaction Manager for Corporate Payment Services for Multi-Platform has addressed the applicable CVE.

CVE(s): CVE-2019-2684

Affected product(s) and affected version(s):

FTM CPS: 3.0.2.0 – 3.0.2.1

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=ibm10884046
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/159776

The post IBM Security Bulletin: A vulnerability in IBM Java Runtime affect Financial Transaction Manager for Corporate Payment Services for Multi-Platform appeared first on IBM PSIRT Blog.



from IBM Product Security Incident Response Team https://ift.tt/2IVyMsa

IBM Security Bulletin: A vulnerabilityin IBM Java Runtime affect Financial Transaction Manager for Check Services for Multi-Platform

There is a vulnerability in IBM® Runtime Environment Java™ Version 7 or Version 8 used by Financial Transaction Manager for Check Services for Multi-Platform (FMT CHK). Financial Transaction Manager for Check Services for Multi-Platform has addressed the applicable CVE.

CVE(s): CVE-2019-2684

Affected product(s) and affected version(s):

FTM CHK: v3.0.2.0 – 3.0.2.1

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=ibm10884044
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/159776

The post IBM Security Bulletin: A vulnerabilityin IBM Java Runtime affect Financial Transaction Manager for Check Services for Multi-Platform appeared first on IBM PSIRT Blog.



from IBM Product Security Incident Response Team https://ift.tt/2XdYWKl

IBM Security Bulletin: Vulnerability in IBM Java Runtime affect Financial Transaction Manager for ACH Services for Multi-Platform

There is a vulnerability in IBM® Runtime Environment Java™ Version 7 or Version 8 by Financial Transaction Manager for ACH Services for Multi-Platform (FTM ACH). Financial Transaction Manager for ACH Services for Multi-Platform has addressed the applicable CVE.

CVE(s): CVE-2019-2684

Affected product(s) and affected version(s):

FTM ACH: v3.1.0.0 – 3.1.0.3

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=ibm10884038
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/159776

The post IBM Security Bulletin: Vulnerability in IBM Java Runtime affect Financial Transaction Manager for ACH Services for Multi-Platform appeared first on IBM PSIRT Blog.



from IBM Product Security Incident Response Team https://ift.tt/2IVyLo6

IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect AIX Security Bulletin

Jun 29, 2019 9:03 am EDT

Categorized: High Severity

Share this post:

There are multiple vulnerabilities in IBM SDK Java Technology Edition, Versions 7, 7.1, 8 that are used by AIX. These issues were disclosed as part of the IBM Java SDK updates in April 2019.

CVE(s): CVE-2019-10245, CVE-2019-2684, CVE-2019-2602, CVE-2019-2697, CVE-2019-2698

Affected product(s) and affected version(s):
AIX 7.1, 7.2
VIOS 2.2.x
The following fileset levels (VRMF) are vulnerable, if the respective Java version is installed:
For Java7: Less than 7.0.0.645
For Java7.1: Less than 7.1.0.445
For Java8: Less than 8.0.0.535
Note: To find out whether the affected Java filesets are installed on your systems, refer to the lslpp command found in AIX user’s guide.
Example: lslpp -L | grep -i java

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10884442
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/160010
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/159776
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/159698
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/159789
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/159790



from IBM Product Security Incident Response Team https://ift.tt/2XdYV9f

IBM Security Bulletin: API Connect is impacted by an information leakage vulnerability in Oracle MySQL (CVE-2018-3123)

API Connect has addressed the following vulnerability.

CVE(s): CVE-2018-3123

Affected product(s) and affected version(s):

Affected IBM API Management Affected Versions
IBM API Connect 5.0.0.0-5.0.8.6
IBM API Connect 2018.1-2018.4.1.5

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10887651
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/159652

The post IBM Security Bulletin: API Connect is impacted by an information leakage vulnerability in Oracle MySQL (CVE-2018-3123) appeared first on IBM PSIRT Blog.



from IBM Product Security Incident Response Team https://ift.tt/2IWZsbZ

IBM Security Bulletin: Password disclosure in IBM Spectrum Protect Server (CVE-2019-4140)

Jun 29, 2019 9:02 am EDT

Categorized: Medium Severity

Share this post:

The IBM Spectrum Protect (formerly Tivoli Storage Manager) Server may disclose the database restore password when using the dsmserv restore db command. This could allow another user to perform a database restore or possibly result in an old backup replacing the database.

CVE(s): CVE-2019-4140

Affected product(s) and affected version(s):

This vulnerability affects the following IBM Spectrum Protect (formerly Tivoli Storage Manager) Server levels:

  • 8.1.0.0 through 8.1.7.xxx
  • 7.1.0.0 through 7.1.9.200

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=ibm10883346
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/158336



from IBM Product Security Incident Response Team https://ift.tt/2XeeVbH

IBM Security Bulletin: Multiple Db2 vulnerabilities affect the IBM Spectrum Protect Server (CVE-2018-1922, CVE-2018-1923, CVE-2018-1936, CVE-2018-1978, CVE-2018-1980, CVE-2019-4014, CVE-2019-4015, CVE-2019-4016, CVE-2019-4094)

The IBM Spectrum Protect (formerly Tivoli Storage Manager) Server is affected by multiple IBM Db2 vulnerabilities such as buffer overflow and loading binaries from an untrusted path. These Db2 vulnerabilities could allow execution of arbitrary code on the system or elevation of user privileges.

CVE(s): CVE-2018-1922, CVE-2018-1923, CVE-2018-1936, CVE-2018-1978, CVE-2018-1980, CVE-2019-4014, CVE-2019-4015, CVE-2019-4016, CVE-2019-4094

Affected product(s) and affected version(s):

These vulnerabilities affects the following IBM Spectrum Protect (formerly Tivoli Storage Manager) Server levels:

  • 8.1.0.0 through 8.1.7.xxx
  • 7.1.0.0 through 7.1.9.200

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=ibm10882974
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/152858
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/152859
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/153316
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/154069
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/154078
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/155892
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/155893
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/155894
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/158014

The post IBM Security Bulletin: Multiple Db2 vulnerabilities affect the IBM Spectrum Protect Server (CVE-2018-1922, CVE-2018-1923, CVE-2018-1936, CVE-2018-1978, CVE-2018-1980, CVE-2019-4014, CVE-2019-4015, CVE-2019-4016, CVE-2019-4094) appeared first on IBM PSIRT Blog.



from IBM Product Security Incident Response Team https://ift.tt/2IVyIIW

IBM Security Bulletin: IBM Planning Analytics Administration is affected by a vulnerability

Jun 29, 2019 9:02 am EDT

Categorized: Medium Severity

Share this post:

IBM Planning Analytics Administration has addressed a Cross-Site Scripting (XSS) vulnerability which could allow users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. This has been addressed in Planning Analytics Local Release 43.

CVE(s): CVE-2019-4134

Affected product(s) and affected version(s):

Affected Products and Versions

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10886607
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/158281



from IBM Product Security Incident Response Team https://ift.tt/2XdYSKB

Friday, June 28, 2019

MedicareSupplement.com Left 5m Records Exposed

USN-4041-2: Linux kernel (HWE) update

linux-lts-xenial, linux-aws, linux-azure update

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 14.04 ESM

Summary

Several security issues were fixed in the Linux kernel.

Software Description

  • linux-aws - Linux kernel for Amazon Web Services (AWS) systems
  • linux-azure - Linux kernel for Microsoft Azure Cloud systems
  • linux-lts-xenial - Linux hardware enablement kernel from Xenial for Trusty

Details

USN-4041-1 provided updates for the Linux kernel in Ubuntu. This update provides the corresponding updates for the Linux kernel for Ubuntu 16.04 ESM.

USN-4017-2 fixed vulnerabilities in the Linux kernel. Unfortunately, the update introduced a regression that interfered with networking applications that setup very low SO_SNDBUF values. This update fixes the problem.

We apologize for the inconvenience.

Jonathan Looney discovered that the Linux kernel could be coerced into segmenting responses into multiple TCP segments. A remote attacker could construct an ongoing sequence of requests to cause a denial of service. (CVE-2019-11479)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 14.04 ESM
linux-image-4.15.0-1049-azure - 4.15.0-1049.54~14.04.1
linux-image-4.4.0-1048-aws - 4.4.0-1048.52
linux-image-4.4.0-154-generic - 4.4.0-154.181~14.04.1
linux-image-4.4.0-154-generic-lpae - 4.4.0-154.181~14.04.1
linux-image-4.4.0-154-lowlatency - 4.4.0-154.181~14.04.1
linux-image-4.4.0-154-powerpc-e500mc - 4.4.0-154.181~14.04.1
linux-image-4.4.0-154-powerpc-smp - 4.4.0-154.181~14.04.1
linux-image-4.4.0-154-powerpc64-emb - 4.4.0-154.181~14.04.1
linux-image-4.4.0-154-powerpc64-smp - 4.4.0-154.181~14.04.1
linux-image-aws - 4.4.0.1048.49
linux-image-azure - 4.15.0.1049.36
linux-image-generic-lpae-lts-xenial - 4.4.0.154.135
linux-image-generic-lts-xenial - 4.4.0.154.135
linux-image-lowlatency-lts-xenial - 4.4.0.154.135
linux-image-powerpc-e500mc-lts-xenial - 4.4.0.154.135
linux-image-powerpc-smp-lts-xenial - 4.4.0.154.135
linux-image-powerpc64-emb-lts-xenial - 4.4.0.154.135
linux-image-powerpc64-smp-lts-xenial - 4.4.0.154.135
linux-image-virtual-lts-xenial - 4.4.0.154.135

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well.

References



from Ubuntu Security Notices https://ift.tt/2YmPmpY

USN-4041-1: Linux kernel update

linux, linux-aws, linux-aws-hwe, linux-azure, linux-gcp, linux-gke-4.15, linux-hwe, linux-kvm, linux-oem, linux-oracle, linux-raspi2, linux-snapdragon update

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 19.04
  • Ubuntu 18.10
  • Ubuntu 18.04 LTS
  • Ubuntu 16.04 LTS

Summary

Several security issues were fixed in the Linux kernel.

Software Description

  • linux - Linux kernel
  • linux-aws - Linux kernel for Amazon Web Services (AWS) systems
  • linux-azure - Linux kernel for Microsoft Azure Cloud systems
  • linux-gcp - Linux kernel for Google Cloud Platform (GCP) systems
  • linux-kvm - Linux kernel for cloud environments
  • linux-raspi2 - Linux kernel for Raspberry Pi 2
  • linux-snapdragon - Linux kernel for Snapdragon processors
  • linux-gke-4.15 - Linux kernel for Google Container Engine (GKE) systems
  • linux-hwe - Linux hardware enablement (HWE) kernel
  • linux-oem - Linux kernel for OEM processors
  • linux-oracle - Linux kernel for Oracle Cloud systems
  • linux-aws-hwe - Linux kernel for Amazon Web Services (AWS-HWE) systems

Details

USN-4017-1 fixed vulnerabilities in the Linux kernel for Ubuntu. Unfortunately, the update introduced a regression that interfered with networking applications that setup very low SO_SNDBUF values. This update fixes the problem.

We apologize for the inconvenience.

Jonathan Looney discovered that the Linux kernel could be coerced into segmenting responses into multiple TCP segments. A remote attacker could construct an ongoing sequence of requests to cause a denial of service.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 19.04
linux-image-5.0.0-1010-aws - 5.0.0-1010.11
linux-image-5.0.0-1010-azure - 5.0.0-1010.10
linux-image-5.0.0-1010-gcp - 5.0.0-1010.10
linux-image-5.0.0-1010-kvm - 5.0.0-1010.11
linux-image-5.0.0-1012-raspi2 - 5.0.0-1012.12
linux-image-5.0.0-1016-snapdragon - 5.0.0-1016.17
linux-image-5.0.0-20-generic - 5.0.0-20.21
linux-image-5.0.0-20-generic-lpae - 5.0.0-20.21
linux-image-5.0.0-20-lowlatency - 5.0.0-20.21
linux-image-aws - 5.0.0.1010.10
linux-image-azure - 5.0.0.1010.9
linux-image-gcp - 5.0.0.1010.10
linux-image-generic - 5.0.0.20.21
linux-image-generic-lpae - 5.0.0.20.21
linux-image-gke - 5.0.0.1010.10
linux-image-kvm - 5.0.0.1010.10
linux-image-lowlatency - 5.0.0.20.21
linux-image-raspi2 - 5.0.0.1012.9
linux-image-snapdragon - 5.0.0.1016.9
linux-image-virtual - 5.0.0.20.21
Ubuntu 18.10
linux-image-4.18.0-1015-gcp - 4.18.0-1015.16
linux-image-4.18.0-1016-kvm - 4.18.0-1016.17
linux-image-4.18.0-1018-raspi2 - 4.18.0-1018.21
linux-image-4.18.0-1020-aws - 4.18.0-1020.24
linux-image-4.18.0-1023-azure - 4.18.0-1023.24
linux-image-4.18.0-25-generic - 4.18.0-25.26
linux-image-4.18.0-25-generic-lpae - 4.18.0-25.26
linux-image-4.18.0-25-lowlatency - 4.18.0-25.26
linux-image-4.18.0-25-snapdragon - 4.18.0-25.26
linux-image-aws - 4.18.0.1020.20
linux-image-azure - 4.18.0.1023.25
linux-image-gcp - 4.18.0.1015.15
linux-image-generic - 4.18.0.25.26
linux-image-generic-lpae - 4.18.0.25.26
linux-image-gke - 4.18.0.1015.15
linux-image-kvm - 4.18.0.1016.16
linux-image-lowlatency - 4.18.0.25.26
linux-image-powerpc-e500mc - 4.18.0.25.26
linux-image-powerpc-smp - 4.18.0.25.26
linux-image-powerpc64-emb - 4.18.0.25.26
linux-image-powerpc64-smp - 4.18.0.25.26
linux-image-raspi2 - 4.18.0.1018.15
linux-image-snapdragon - 4.18.0.25.26
linux-image-virtual - 4.18.0.25.26
Ubuntu 18.04 LTS
linux-image-4.15.0-1017-oracle - 4.15.0-1017.19
linux-image-4.15.0-1036-gcp - 4.15.0-1036.38
linux-image-4.15.0-1036-gke - 4.15.0-1036.38
linux-image-4.15.0-1038-kvm - 4.15.0-1038.38
linux-image-4.15.0-1040-raspi2 - 4.15.0-1040.43
linux-image-4.15.0-1043-aws - 4.15.0-1043.45
linux-image-4.15.0-1045-oem - 4.15.0-1045.50
linux-image-4.15.0-1057-snapdragon - 4.15.0-1057.62
linux-image-4.15.0-54-generic - 4.15.0-54.58
linux-image-4.15.0-54-generic-lpae - 4.15.0-54.58
linux-image-4.15.0-54-lowlatency - 4.15.0-54.58
linux-image-4.18.0-1023-azure - 4.18.0-1023.24~18.04.1
linux-image-4.18.0-25-generic - 4.18.0-25.26~18.04.1
linux-image-4.18.0-25-generic-lpae - 4.18.0-25.26~18.04.1
linux-image-4.18.0-25-lowlatency - 4.18.0-25.26~18.04.1
linux-image-4.18.0-25-snapdragon - 4.18.0-25.26~18.04.1
linux-image-aws - 4.15.0.1043.42
linux-image-azure - 4.18.0.1023.21
linux-image-gcp - 4.15.0.1036.38
linux-image-generic - 4.15.0.54.56
linux-image-generic-hwe-18.04 - 4.18.0.25.74
linux-image-generic-lpae - 4.15.0.54.56
linux-image-generic-lpae-hwe-18.04 - 4.18.0.25.74
linux-image-gke - 4.15.0.1036.39
linux-image-gke-4.15 - 4.15.0.1036.39
linux-image-kvm - 4.15.0.1038.38
linux-image-lowlatency - 4.15.0.54.56
linux-image-lowlatency-hwe-18.04 - 4.18.0.25.74
linux-image-oem - 4.15.0.1045.49
linux-image-oracle - 4.15.0.1017.20
linux-image-powerpc-e500mc - 4.15.0.54.56
linux-image-powerpc-smp - 4.15.0.54.56
linux-image-powerpc64-emb - 4.15.0.54.56
linux-image-powerpc64-smp - 4.15.0.54.56
linux-image-raspi2 - 4.15.0.1040.38
linux-image-snapdragon - 4.15.0.1057.60
linux-image-snapdragon-hwe-18.04 - 4.18.0.25.74
linux-image-virtual - 4.15.0.54.56
linux-image-virtual-hwe-18.04 - 4.18.0.25.74
Ubuntu 16.04 LTS
linux-image-4.15.0-1017-oracle - 4.15.0-1017.19~16.04.2
linux-image-4.15.0-1036-gcp - 4.15.0-1036.38~16.04.1
linux-image-4.15.0-1043-aws - 4.15.0-1043.45~16.04.1
linux-image-4.15.0-1049-azure - 4.15.0-1049.54
linux-image-4.15.0-54-generic - 4.15.0-54.58~16.04.1
linux-image-4.15.0-54-generic-lpae - 4.15.0-54.58~16.04.1
linux-image-4.15.0-54-lowlatency - 4.15.0-54.58~16.04.1
linux-image-4.4.0-1051-kvm - 4.4.0-1051.58
linux-image-4.4.0-1087-aws - 4.4.0-1087.98
linux-image-4.4.0-1114-raspi2 - 4.4.0-1114.123
linux-image-4.4.0-1118-snapdragon - 4.4.0-1118.124
linux-image-4.4.0-154-generic - 4.4.0-154.181
linux-image-4.4.0-154-generic-lpae - 4.4.0-154.181
linux-image-4.4.0-154-lowlatency - 4.4.0-154.181
linux-image-4.4.0-154-powerpc-e500mc - 4.4.0-154.181
linux-image-4.4.0-154-powerpc-smp - 4.4.0-154.181
linux-image-4.4.0-154-powerpc64-emb - 4.4.0-154.181
linux-image-4.4.0-154-powerpc64-smp - 4.4.0-154.181
linux-image-aws - 4.4.0.1087.90
linux-image-aws-hwe - 4.15.0.1043.43
linux-image-azure - 4.15.0.1049.52
linux-image-gcp - 4.15.0.1036.50
linux-image-generic - 4.4.0.154.162
linux-image-generic-hwe-16.04 - 4.15.0.54.75
linux-image-generic-lpae - 4.4.0.154.162
linux-image-generic-lpae-hwe-16.04 - 4.15.0.54.75
linux-image-gke - 4.15.0.1036.50
linux-image-kvm - 4.4.0.1051.51
linux-image-lowlatency - 4.4.0.154.162
linux-image-lowlatency-hwe-16.04 - 4.15.0.54.75
linux-image-oem - 4.15.0.54.75
linux-image-oracle - 4.15.0.1017.11
linux-image-powerpc-e500mc - 4.4.0.154.162
linux-image-powerpc-smp - 4.4.0.154.162
linux-image-powerpc64-emb - 4.4.0.154.162
linux-image-powerpc64-smp - 4.4.0.154.162
linux-image-raspi2 - 4.4.0.1114.114
linux-image-snapdragon - 4.4.0.1118.110
linux-image-virtual - 4.4.0.154.162
linux-image-virtual-hwe-16.04 - 4.15.0.54.75

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well.

References



from Ubuntu Security Notices https://ift.tt/2FGyvHz

IBM Security Bulletin: A cross-site scripting vulnerability occurs in IBM Business Automation Workflow and IBM Business Process Manager (BPM) (CVE-2019-4410)

A cross-site scripting vulnerability was found in IBM Business Automation Workflow and IBM Business Process Manager.

CVE(s): CVE-2019-4410

Affected product(s) and affected version(s):

– IBM Business Automation Workflow V18.0.0.0 through V19.0.0.1

– IBM Business Process Manager V8.6.0.0 through V8.6.0.0 Cumulative Fix 2018.03

– IBM Business Process Manager V8.5.7.0 through V8.5.7.0 Cumulative Fix 2017.06

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10888037
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/162657

The post IBM Security Bulletin: A cross-site scripting vulnerability occurs in IBM Business Automation Workflow and IBM Business Process Manager (BPM) (CVE-2019-4410) appeared first on IBM PSIRT Blog.



from IBM Product Security Incident Response Team https://ift.tt/31YUXFl

IBM Security Bulletin: IBM® Db2® is vulnerable to denial of service (CVE-2019-4386).

Jun 28, 2019 9:04 am EDT

Categorized: Medium Severity

Share this post:

Db2 is vulnerable to a denial of service. Db2 could allow an authenticated user to execute a function that would cause the server to crash.

CVE(s): CVE-2019-4386

Affected product(s) and affected version(s):
Db2 11.1.4.4 and up on all platforms are affected. Db2 11.1.3.3 iFix 002 and earlier, Db2 10.5, Db2 10.1, and Db2 9.7 are not affected.

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10886809
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/162174



from IBM Product Security Incident Response Team https://ift.tt/329RRhU

IBM Security Bulletin: Privilege escalation and code injection vulnerabilities in IBM Spectrum Protect Plus application protection (CVE-2019-4383, CVE-2019-4357)

IBM Spectrum Protect Plus application protection could allow a local attacker to gain elevated privileges or execute arbitrary code on the system.

CVE(s): CVE-2019-4383, CVE-2019-4357

Affected product(s) and affected version(s):
IBM Spectrum Protect Plus 10.1.1 (Oracle) IBM Spectrum Protect Plus 10.1.2 (Oracle and Db2) IBM Spectrum Protect Plus 10.1.3 (Oracle, Db2, and MongoDB)

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=ibm10886111
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/162165
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/161667

The post IBM Security Bulletin: Privilege escalation and code injection vulnerabilities in IBM Spectrum Protect Plus application protection (CVE-2019-4383, CVE-2019-4357) appeared first on IBM PSIRT Blog.



from IBM Product Security Incident Response Team https://ift.tt/321zoUH

IBM Security Bulletin: A vulnerability in Apache ZooKeeper could affect IBM Cloud App Management

Jun 28, 2019 9:03 am EDT

Categorized: High Severity

Share this post:

There is a vulnerability in Apache ZooKeeper used by IBM® Cloud App Management. Apache ZooKeeper could allow a remote attacker to obtain sensitive information, caused by the failure to check permissions by the getACL() command. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to obtain sensitive information. IBM® Cloud App Management has addressed the applicable CVE in a later version.

CVE(s): CVE-2019-0201

Affected product(s) and affected version(s):

IBM Cloud App Management V2018.2.0
IBM Cloud App Management V2018.4.0
IBM Cloud App Management V2018.4.1
IBM Cloud App Management V2019.2.0

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10957455
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/161303



from IBM Product Security Incident Response Team https://ift.tt/31YUVNJ

IBM Security Bulletin: IBM Robotic Process Automation Ignite Cluster Nodes are missing authentication (CVE-2019-4337)

IBM Robotic Process Automation Ignite Cluster Nodes are missing authentication

CVE(s): CVE-2019-4337

Affected product(s) and affected version(s):

Affected IBM Robotic Process Automation with Automation Anywhere Affected Versions
IBM Robotic Process Automation with Automation Anywhere 11.0

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=ibm10884850
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/161412

The post IBM Security Bulletin: IBM Robotic Process Automation Ignite Cluster Nodes are missing authentication (CVE-2019-4337) appeared first on IBM PSIRT Blog.



from IBM Product Security Incident Response Team https://ift.tt/31YUVgH

IBM Security Bulletin: IBM Robotic Process Automation Forgot-Password functionality is vulnerable to Brute-Force attacks (CVE-2019-4336)

IBM Robotic Process Automation Forgot-Password functionality is vulnerable to Brute-Force attacks

CVE(s): CVE-2019-4336

Affected product(s) and affected version(s):

Affected IBM Robotic Process Automation with Automation Anywhere Affected Versions
IBM Robotic Process Automation with Automation Anywhere 11.0

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=ibm10884848
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/161411

The post IBM Security Bulletin: IBM Robotic Process Automation Forgot-Password functionality is vulnerable to Brute-Force attacks (CVE-2019-4336) appeared first on IBM PSIRT Blog.



from IBM Product Security Incident Response Team https://ift.tt/31ZgGNu

IBM Security Bulletin: Multiple buffer overflow vulnerabilities exist in IBM® Db2® leading to privilege escalation (CVE-2019-4322).

Multiple buffer overflow vulnerabilities exist in IBM® Db2® leading to privilege escalation from an authenticated local user to either root or instance owner.

CVE(s): CVE-2019-4322

Affected product(s) and affected version(s):
All fix pack levels of IBM Db2 V9.7, V10.1, V10.5, and V11.1 editions on all platforms are affected.

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10884444
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/161202

The post IBM Security Bulletin: Multiple buffer overflow vulnerabilities exist in IBM® Db2® leading to privilege escalation (CVE-2019-4322). appeared first on IBM PSIRT Blog.



from IBM Product Security Incident Response Team https://ift.tt/322oRsq

IBM Security Bulletin: IBM MessageSight is affected by the following four IBM Java vulnerabilities

Jun 28, 2019 9:03 am EDT

Categorized: High Severity

Share this post:

IBM MessageSight has addressed the following Java vulnerabilities: CVE-2019-2698: An attacker can use a maliciously crafted font to exploit a flaw in the JDK’s font parsing code CVE-2019-2697: An attacker can use a maliciously crafted font to exploit a flaw in the JDK’s font parsing code CVE-2019-2602: A flaw in the java.math.BigDecimal API causes hangs when parsing certain String values CVE-2019-10245: A flaw in the OpenJ9 class verifier potentially allows untrusted code to elevate its privileges and execute arbitrary code

CVE(s): CVE-2019-2698, CVE-2019-2697, CVE-2019-2602, CVE-2019-10245

Affected product(s) and affected version(s):

Affected IBM MessageSight Affected Versions
IBM MessageSight 1.2.0.0 – 1.2.0.3
IBM MessageSight 2.0.0.0 – 2.0.0.2
IBM MessageSight 5.0.0.0
IBM MessageSight 5.0.0.1

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=ibm10886353
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/159790
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/159789
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/159698
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/160010



from IBM Product Security Incident Response Team https://ift.tt/321zprJ

IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli Netcool Impact April 2019 CPU

Jun 28, 2019 9:03 am EDT

Categorized: High Severity

Share this post:

There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 6, 8 used by IBM Tivoli Netcool Impact. IBM Tivoli Netcool Impact has addressed the applicable CVEs. These issues were also addressed by IBM WebSphere Application Server shipped with IBM Tivoli Netcool Impact.

CVE(s): CVE-2019-2684, CVE-2019-2602

Affected product(s) and affected version(s):
IBM Tivoli Netcool Impact 6.1.0.0 – 6.1.0.4 Interim Fix 1
IBM Tivoli Netcool Impact 6.1.1.0 – 6.1.1.5 Interim Fix 2
IBM Tivoli Netcool Impact 7.1.0.0 – 7.1.0.15

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10957495
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/159776
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/159698



from IBM Product Security Incident Response Team https://ift.tt/2Jei99V

IBM Security Bulletin: IBM Robotic Process Automation prints E-Mail contents to the client debug log file (CVE-2019-4296)

IBM Robotic Process Automation prints E-Mail contents to the client debug log file

CVE(s): CVE-2019-4296

Affected product(s) and affected version(s):

Affected IBM Robotic Process Automation with Automation Anywhere Affected Versions
IBM Robotic Process Automation with Automation Anywhere 11.0

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=ibm10884844
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/160759

The post IBM Security Bulletin: IBM Robotic Process Automation prints E-Mail contents to the client debug log file (CVE-2019-4296) appeared first on IBM PSIRT Blog.



from IBM Product Security Incident Response Team https://ift.tt/2Nj9xEl

Attackers Hack PCM Inc. to Access to Client Files

This Week in Security News: Malvertising and Internet of Things Malware

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about a new Internet of Things malware that’s bricked thousands of devices. Also, read about a ransomware family that’s using malvertising to direct victims to a RIG exploit kit.

Read on:

 

Shadowgate Returns to Worldwide Operations with Evolved Greenflash Sundown Exploit Kit

After almost two years of sporadic restricted activity, the ShadowGate campaign has started delivering cryptocurrency miners with a newly upgraded version of the Greenflash Sundown exploit kit, which has been spotted targeting global victims after primarily operating in Asia. 

Silex Malware Bricks IoT Devices with Weak Passwords

A new Internet of Things malware called Silex only operated for about a day, though it has already managed to quickly spread and wipe devices’ firmware, bricking thousands of IoT devices. 

Top Takeaways from AWS Security Chief Stephen Schmidt at re:Inforce 2019

Steven Schmidt’s keynote address at AWS re:Inforce touched on the current state of cloud security, building a security culture, tactical security tips and a road map of where the industry and technology are headed. 

AWS re:Inforce Warm-Up Episode

Mark Nunnikhoven gives key predictions and insights into trends at AWS re:Inforce, security in the top three major public cloud providers and the evolution of the cloud industry as a whole. 

Dell Urges Millions of Users to Patch Vulnerability in SupportAssist Tool

Dell released a security advisory that implored customers to update the vulnerable SupportAssist application in both business and home machines. The privilege escalation vulnerability can give hackers access to sensitive information and control over millions of Dell computers running Windows.

HTTPS Protocol Now Used in 58% of Phishing Websites

According to the Q1 2019 report from the Anti-Phishing Working Group (APWG), the Hypertext Transfer Protocol Secure (HTTPS) protocol tactic has been on the rise in phishing attacks, now used in 58% of phishing websites.  

Federal Cybersecurity Defenses are Critical Failures, Senate Report Warns

A 10-month review of 10 years of inspector general reports revealed that several Federal agencies responsible for safeguarding millions of Americans’ security, public safety and personal data have failed to apply even basic defenses to cyberattacks.

Kubernetes Vulnerability CVE-2019-11246 Discovered Due to Incomplete Updates from a Previous Flaw

Kubernetes announced the discovery of a high-severity vulnerability that, if exploited, could lead to a directory traversal that allows an attacker to use a malicious container to create or replace files in a user’s workstation. 

The IIoT Attack Surface: Threats and Security Solutions

Many manufacturing factories and energy plants have hundreds of IIoT devices that help streamline operations, but those facilities now also have to defend against new threats that take advantage of attack vectors and weaknesses in the technology. 

Facebook’s Bid to Quash Data Breach Lawsuit Dismissed by Judge

Facebook has failed in its attempt to prevent a lawsuit over a data breach impacting close to 30 million users from going to trial. A federal appeals court in San Francisco rejected the social media giant’s request to dismiss the court case out of hand.

Sodinokibi Ransomware Group Adds Malvertising as Delivery Technique

Attackers behind a ransomware family called Sodinokibi have used a variety of delivery vectors since April: malicious spam, vulnerable servers, managed server providers (MSPs) and now malvertising. The malicious advertisements were on the PopCash ad network, and certain conditions would redirect users to the RIG exploit kit. 

CVE-2019-8635: Double Free Vulnerability in Apple macOS Lets Attackers Escalate System Privileges and Execute Arbitrary Code

Trend Micro discovered and disclosed a double free vulnerability in macOS that, if successfully exploited, can allow an attacker to implement privilege escalation and execute malicious code on the system with root privileges.

Using Whitelisting to Remediate an RCE Vulnerability (CVE-2019-2729) in Oracle WebLogic

Trend Micro took a closer look at Oracle’s recent vulnerability CVE-2019-2729 to see how this class of vulnerability has been remediated — particularly via blacklisting or whitelisting — and why it has become a recurring security issue.

95,000 Delawareans Impacted in Data Breach that Lasted Nearly Nine Years

The personal data of roughly 95,000 Delawareans may have been compromised in a nine-year security breach at Dominion National, a large vision and dental insurer, according to Delaware’s Department of Insurance.

Do you feel that the IoT devices in your home are well-protected against cyberattacks? Share your thoughts in the comments below or follow me on Twitter to continue the conversation: @JonLClay. 

The post This Week in Security News: Malvertising and Internet of Things Malware appeared first on .



from Trend Micro Simply Security https://ift.tt/2XbOqZ7
via IFTTT

Is your phone listening to your conversations? Paranoid's guide to settings you can change


If you see an ad pop up on your phone shortly after you've had a verbal conversation about the same item, you might suspect that your phone is listening in to your conversation.

Although location services, browsing history, and cookies are much more effective ways that advertisers can keep track of us, there are some settings you can enable on your devices to reassure yourself that the apps on your phone have only the permissions you have set.



from Latest Topic for ZDNet in... https://ift.tt/2XFWnFj

Threat Roundup for June 21 to June 28

Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between June 21 and June 28. As with previous roundups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavioral characteristics, indicators of compromise, and discussing how our customers are automatically protected from these threats.

As a reminder, the information provided for the following threats in this post is non-exhaustive and current as of the date of publication. Additionally, please keep in mind that IOC searching is only one part of threat hunting. Spotting a single IOC does not necessarily indicate maliciousness. Detection and coverage for the following threats is subject to updates, pending additional threat or vulnerability analysis. For the most current information, please refer to your Firepower Management Center, Snort.org, or ClamAV.net.

Read More at Talosintelligence.com

 

Reference
TRU06282019 – This is a JSON file that includes the IOCs referenced in this post, as well as all hashes associated with the cluster. The list is limited to 25 hashes in this blog post. As always, please remember that all IOCs contained in this document are indicators, and that one single IOC does not indicate maliciousness. See the Read More link above for more details.



from Cisco Blog » Security https://ift.tt/31W8JZr

Almost half of US home security system owners admit their systems were switched off before a break in

Vuln: Symantec Endpoint Encryption CVE-2019-9703 Local Privilege Escalation Vulnerability



Symantec Endpoint Encryption is prone to an unspecified local privilege-escalation vulnerability.

Local attackers can exploit this issue to gain elevated privileges.

Versions prior to Symantec Endpoint Encryption 11.3.0 are vulnerable.
exploit



Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: vuldb@securityfocus.com.
solution



Solution:
Updates are available. Please see the references or vendor advisory for more information.

info



Bugtraq ID: 108796
Class: Design Error
CVE: CVE-2019-9703
Remote: No
Local: Yes
Published: Jun 28 2019 12:00AM
Updated: Jun 28 2019 12:00AM
Credit: Kyriakos Economou (@kyREcon) of Nettitude.
Vulnerable: Symantec Endpoint Encryption 11.2
Symantec Endpoint Encryption 11.1.3
Symantec Endpoint Encryption 11.1.2
Symantec Endpoint Encryption 11.1.1
Symantec Endpoint Encryption 11.1
Symantec Endpoint Encryption 11.2.1 MP1
Symantec Endpoint Encryption 11.1.3 MP1
Symantec Endpoint Encryption 11.1.3 HF3
Symantec Endpoint Encryption 11.1.3 HF2
Symantec Endpoint Encryption 11.0
Symantec Encryption Desktop 10.4.1 MP1
Symantec Encryption Desktop 10.3
Symantec Encryption Desktop 10.4.1 MP2HF1
Symantec Encryption Desktop 10.4.1 MP2
Symantec Encryption Desktop 10.3.2 MP3
Symantec Encryption Desktop 10.3.2
Symantec Encryption Desktop 10.3.1
Symantec Encryption Desktop 10.3.0 MP3
Symantec Encryption Desktop 10.3.0 MP2
Not Vulnerable: Symantec Endpoint Encryption 11.3.0
references



References:


from SecurityFocus Vulnerabilities https://ift.tt/2JcjnCI

Vuln: Symantec Endpoint Encryption CVE-2019-9702 Local Privilege Escalation Vulnerability



Symantec Endpoint Encryption is prone to an unspecified local privilege-escalation vulnerability.

Local attackers can exploit this issue to gain elevated privileges.

Versions prior to Symantec Endpoint Encryption 11.3.0 are vulnerable.
exploit



Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: vuldb@securityfocus.com.
solution



Solution:
Updates are available. Please see the references or vendor advisory for more information.

info



Bugtraq ID: 108795
Class: Design Error
CVE: CVE-2019-9702
Remote: No
Local: Yes
Published: Jun 28 2019 12:00AM
Updated: Jun 28 2019 12:00AM
Credit: Kyriakos Economou
Vulnerable: Symantec Endpoint Encryption 11.2
Symantec Endpoint Encryption 11.1.3
Symantec Endpoint Encryption 11.1.2
Symantec Endpoint Encryption 11.1.1
Symantec Endpoint Encryption 11.1
Symantec Endpoint Encryption 11.2.1 MP1
Symantec Endpoint Encryption 11.1.3 MP1
Symantec Endpoint Encryption 11.1.3 HF3
Symantec Endpoint Encryption 11.1.3 HF2
Symantec Endpoint Encryption 11.0
Symantec Encryption Desktop 10.4.1 MP1
Symantec Encryption Desktop 10.3
Symantec Encryption Desktop 10.4.1 MP2HF1
Symantec Encryption Desktop 10.4.1 MP2
Symantec Encryption Desktop 10.3.2 MP3
Symantec Encryption Desktop 10.3.2
Symantec Encryption Desktop 10.3.1
Symantec Encryption Desktop 10.3.0 MP3
Symantec Encryption Desktop 10.3.0 MP2
Not Vulnerable: Symantec Endpoint Encryption 11.3.0
references



References:


from SecurityFocus Vulnerabilities https://ift.tt/2XeUoZ3

Vuln: Advantech WebAccess/SCADA ICSA-19-178-05 Multiple Security Vulnerabilities



Advantech WebAccess/SCADA is prone to the following security vulnerabilities:

1. A directory-traversal vulnerability
2. Multiple stack-based buffer-overflow vulnerabilities
3. Multiple heap-based buffer-overflow vulnerabilities
4. An information disclosure vulnerability
5. Multiple remote-code execution vulnerabilities

An attacker can exploit these issues to execute arbitrary code in the context of the application, modify and delete files, use directory-traversal sequences (â??../â??) to retrieve arbitrary files, escalate privileges and perform certain unauthorized actions or obtain sensitive information. This may aid in further attacks.

Advantech WebAccess/SCADA Versions 8.3.5 and prior versions are vulnerable.
exploit



Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: vuldb@securityfocus.com.
solution



Solution:
Updates are available. Please see the references or vendor advisory for more information.

info



Bugtraq ID: 108923
Class: Unknown
CVE: CVE-2019-10985
CVE-2019-10991
CVE-2019-10989
CVE-2019-10983
CVE-2019-10987
CVE-2019-10993
Remote: Yes
Local: No
Published: Jun 27 2019 12:00AM
Updated: Jun 27 2019 12:00AM
Credit: Mat Powell, Natnael Samson and EljahLG working with Trend Microâ??s Zero Day Initiative.
Vulnerable: Advantech WebAccess/SCADA 8.3.5
Advantech WebAccess/SCADA 8.3.4
Advantech WebAccess/SCADA 8.3.2
Advantech WebAccess/SCADA 8.3
Advantech WebAccess/SCADA 8.1
Advantech WebAccess/SCADA 8.0
Advantech WebAccess/SCADA 7.2
Not Vulnerable: Advantech WebAccess/SCADA 8.4.1
references



References:


from SecurityFocus Vulnerabilities https://ift.tt/2REguyn

Data Mapping & Discovery Tools Top Privacy Shopping Lists

Ring Smart Lighting review: Convenient and affordable home security products

Popular grief support page hacked, ignored for weeks by Facebook

AWS S3 server leaks data from Fortune 100 companies: Ford, Netflix, TD Bank

New Dridex malware strain avoids antivirus software detection

Vuln: OpenJPEG Multiple Security Vulnerabilities



OpenJPEG is prone to the following vulnerabilities:

1. Multiple denial-of-service vulnerabilities
2. An integer-overflow vulnerability

Attackers can exploit these issues to cause the application to crash or execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely cause denial-of-service conditions.

OpenJPEG version 2.3.0 and prior are vulnerable; other versions may also be affected.
exploit



Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: vuldb@securityfocus.com.
solution



Solution:
Updates are available. Please see the references or vendor advisory for more information.

info



Bugtraq ID: 108921
Class: Boundary Condition Error
CVE: CVE-2018-20845
CVE-2018-20846
CVE-2018-20847
Remote: Yes
Local: No
Published: Jun 26 2019 12:00AM
Updated: Jun 26 2019 12:00AM
Credit: The vendor reported these issues.
Vulnerable: OpenJPEG OpenJPEG 2.3
OpenJPEG OpenJPEG 2.1.2
OpenJPEG OpenJPEG 2.1.1
OpenJPEG OpenJPEG 2.1
OpenJPEG OpenJPEG 1.5
OpenJPEG OpenJPEG 2.2.0
OpenJPEG OpenJPEG 2.0.0
OpenJPEG OpenJPEG 1.5.2
OpenJPEG OpenJPEG 1.5.1
OpenJPEG OpenJPEG 1.5
OpenJPEG OpenJPEG 1.4
OpenJPEG OpenJPEG 1.3
OpenJPEG OpenJPEG 1.0
Not Vulnerable:
references



from SecurityFocus Vulnerabilities https://ift.tt/2KKK9VM

Five Million IP Camera Cyber-Attacks Blocked in Just Five Months

Five Million IP Camera Cyber-Attacks Blocked in Just Five Months

Silexbot Bricks Nearly 4000 IoT Devices

Microsoft Edge gets 'Tracking Prevention' feature

Vuln: IBM Sterling B2B Integrator CVE-2019-4377 Information Disclosure Vulnerability



IBM Sterling B2B Integrator is prone to an information-disclosure vulnerability.

Attackers can exploit this issue to obtain sensitive information that may lead to further attacks.

IBM Sterling B2B Integrator 6.0.0.0 through 6.0.0.1 are vulnerable.
exploit



Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: vuldb@securityfocus.com.
solution



Solution:
Updates are available. Please see the references or vendor advisory for more information.

info



Bugtraq ID: 108915
Class: Design Error
CVE: CVE-2019-4377
Remote: Yes
Local: No
Published: Jun 28 2019 12:00AM
Updated: Jun 28 2019 12:00AM
Credit: The vendor reported this issue.
Vulnerable: IBM Sterling B2B Integrator 6.0.0.1
IBM Sterling B2B Integrator 6.0.0.0
Not Vulnerable: IBM Sterling B2B Integrator 6.0.1.0
references



from SecurityFocus Vulnerabilities https://ift.tt/2NtBjxM

Thursday, June 27, 2019

Germany and the Netherlands to build the first ever joint military internet

SK Telecom develops quantum key switching tech

Singapore unveils framework to facilitate 'trusted' data-sharing between organisations

Vuln: ImageMagick Multiple Security Vulnerabilities



ImageMagick is prone to multiple security vulnerabilities.

Successfully exploiting these issues may allow an attacker to gain access to sensitive information, bypass certain security restrictions and to perform unauthorized actions or cause a denial-of-service condition. This may aid in launching further attacks. Due to the nature of this issue, code execution may be possible but this has not been confirmed.

ImageMagick version 7.0.8-34 is vulnerable; other versions may also be affected.
exploit



The researcher has created a proof-of-concept to demonstrate the issue. Please see the references for more information.
solution



Solution:
Updates are available. Please see the references or vendor advisory for more information.

info



Bugtraq ID: 108913
Class: Unknown
CVE: CVE-2019-12974
CVE-2019-12975
CVE-2019-12976
CVE-2019-12979
CVE-2019-12977
CVE-2019-12978
Remote: Yes
Local: No
Published: Jun 26 2019 12:00AM
Updated: Jun 26 2019 12:00AM
Credit: The vendor reported this issue.
Vulnerable: ImageMagick ImageMagick 7.0.8-34
Not Vulnerable:
references



from SecurityFocus Vulnerabilities https://ift.tt/2ISKu6P

USN-4042-1: poppler vulnerabilities

poppler vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 19.04
  • Ubuntu 18.10
  • Ubuntu 18.04 LTS
  • Ubuntu 16.04 LTS

Summary

Several security issues were fixed in poppler.

Software Description

  • poppler - PDF rendering library

Details

It was discovered that poppler incorrectly handled certain files. If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause a denial of service, or possibly execute arbitrary code

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 19.04
libpoppler85 - 0.74.0-0ubuntu1.2
poppler-utils - 0.74.0-0ubuntu1.2
Ubuntu 18.10
libpoppler79 - 0.68.0-0ubuntu1.7
poppler-utils - 0.68.0-0ubuntu1.7
Ubuntu 18.04 LTS
libpoppler73 - 0.62.0-2ubuntu2.9
poppler-utils - 0.62.0-2ubuntu2.9
Ubuntu 16.04 LTS
libpoppler58 - 0.41.0-0ubuntu1.14
poppler-utils - 0.41.0-0ubuntu1.14

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References



from Ubuntu Security Notices https://ift.tt/2X7MrA0