[SECURITY] [DLA 1991-1] libssh2 security update


Package : libssh2 Version : 1.4.3-4.1+deb8u6 CVE ID : CVE-2019-17498 Debian Bug : 943562 In libssh2, SSH_MSG_DISCONNECT logic in packet.c has an integer overflow in a bounds check, enabling an attacker to specify an arbitrary (out-of-bounds) offset for a subsequent memory read. A crafted SSH server may be able to disclose sensitive information or cause a denial of service condition on the client system when a user connects to the server For Debian 8 "Jessie", this problem has been fixed in version 1.4.3-4.1+deb8u6.

https://lists.debian.org/debian-lts-announce/2019/11/msg00010.html

Cross-site scripting (XSS) en TIBCO EBX

Fecha de publicación: 13/11/2019
Importancia: 4 - Alta

Recursos afectados: 
El servidor web de las siguientes versiones de TIBCO EBX:
5.8.1.fixR y anteriores
5.9.3, 5.9.4, 5.9.5 y 5.9.6
En el interfaz web del Digital Asset Manager de las siguientes versiones de los complementos (Add-ons) de TIBCO EBX:
3.20.13 y anteriores
4.1.0, 4.2.0, 4.2.1 y 4.2.2
En el interfaz web del Data Exchange las siguientes versiones de los complementos (Add-ons) de TIBCO EBX:
3.20.13 y anteriores
4.1.0

Descripción: 
TIBCO ha publicado 3 vulnerabilidades que afectan a varios de sus productos, que permitirían a un atacante realizar ataques cross-site scripting (XSS).

https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/cross-site-scripting-xss-tibco-ebx

SCShell: movimientos laterales a través del service manager

https://www.hackplayers.com/2019/11/scshell-movimientos-laterales-sc.html

#Google Fixes White Screen Problem in #Chrome, Admins Furious

Google has rolled back an experimental WebContent Occlusion feature that caused major disruption for enterprise users using Chrome in a multi-user terminal server environment. While the issue is now fixed, enterprise admins are furious that this feature was enabled in the first place without their knowledge or permission.

https://www.bleepingcomputer.com/news/software/google-fixes-white-screen-problem-in-chrome-admins-furious/

Vulnerabilidad de inyección CSV en UCD de IBM

Fecha de publicación: 15/11/2019
Importancia: 4 - Alta

Recursos afectados: 
UCD - IBM UrbanCode Deploy.

Descripción: 
Se ha publicado una vulnerabilidad de inyección CSV que podría permitir la generación de un archivo de descarga CSV malicioso.

Solución: 
Actualizar a la versión 7.0.4.0 o posterior.

https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/vulnerabilidad-inyeccion-csv-ucd-ibm

Vulnerabilidad de denegación de servicio en BIG-IP de F5

Fecha de publicación: 15/11/2019
Importancia: 4 - Alta

Recursos afectados: 
BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator), versiones desde 14.0.0, hasta 14.1.0.1.

Descripción: 
Los servidores virtuales BIG-IP, con TLS 1.3, activado podrían experimentar una denegación de servicio (DoS) debido a mensajes entrantes no revelados.

https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/vulnerabilidad-denegacion-servicio-big-ip-f5

Attention is All They Need: Combatting Social Media Information Operations With Neural Language Models

https://www.fireeye.com/blog/threat-research/2019/11/combatting-social-media-information-operations-neural-language-models.html

Changing security incident response by utilizing the power of the cloud— #DART tools, techniques, and procedures: part 1

This is the first in a blog series discussing the tools, techniques, and procedures that the #Microsoft Detection and Response Team (DART) use to investigate cybersecurity incidents at our customer organizations.

https://www.microsoft.com/security/blog/2019/11/14/security-incident-response-utilizing-cloud-dart-tools-techniques-procedures-part-1/

#Microsoft issues patch for Internet Explorer zero‑day

The critical vulnerability could also be exploited via a malicious Microsoft Office document

Microsoft has shipped out a fix for a critical flaw in Internet Explorer (IE) that is being exploited in the wild. Tracked as CVE-2019-1429, the vulnerability is part of this month’s batch of regular security updates known as Patch Tuesday.

https://www.welivesecurity.com/2019/11/14/microsoft-patch-internet-explorer-zero-day/

#Microsoft Removes #Windows10 1909 Realtek Driver Update Block

Microsoft removed a compatibility hold caused by outdated Realtek Bluetooth drivers and published a support document describing a workaround designed to help Windows 10 users still affected by the safeguard hold.

https://www.bleepingcomputer.com/news/microsoft/microsoft-removes-windows-10-1909-realtek-driver-update-block/

Experts found undocumented access feature in Siemens SIMATIC PLCs

Researchers discovered a vulnerability in Siemens SIMATIC S7-1200 programmable logic controller (PLC) that could allow attackers to execute arbitrary code on vulnerable devices.

https://securityaffairs.co/wordpress/93939/ics-scada/siemens-simatic-flaw.html

Critical Vulnerability in Android Phone Let Hackers Execute an Arbitrary Code Remotely

Researchers discovered a new Critical Android vulnerability that may allow attackers to perform remote code execution on a vulnerable Android device and to take control of it.

https://gbhackers.com/android-vulnerability/

[SECURITY] [DSA 4571-1] thunderbird security update

Package : thunderbird
CVE ID : CVE-2019-15903 CVE-2019-11764 CVE-2019-11763 CVE-2019-11762 CVE-2019-11761 CVE-2019-11760 CVE-2019-11759 CVE-2019-11757 CVE-2019-11755

Multiple security issues have been found in Thunderbird which could potentially result in the execution of arbitrary code or denial of service.

https://lists.debian.org/debian-security-announce/2019/msg00223.html

Actualiza a la última versión de #WhatsApp

Se ha hecho pública una vulnerabilidad en la aplicación de mensajería instantánea, WhatsApp. Esta vulnerabilidad podría explotarse mediante un vídeo, en formato MP4, manipulado de forma maliciosa. Después de enviar dicho vídeo a la víctima en cuestión, el ciberdelincuente podría ejecutar código malicioso en el dispositivo de manera remota.

Recursos afectados:
La vulnerabilidad afecta a dispositivos:
Android con versión anterior a 2.19.274;
iOS con versión anterior a 2.19.100;
Enterprise Client, versión anterior a 2.25.3;
Windows Phone, versión 2.18.368 y anteriores;
WhastApp Business para Android, versión anterior a 2.19.104;
WhatsApp Business para iOS, versión anterior a 2.19.100.

Detalles
El fallo de seguridad, que ha sido confirmado por Facebook a través de un comunicado publicado en su web, podría permitir a un ciberdelincuente lanzar ataques #DoS (denegación del servicio) o #RCE (ejecución de código de manera remota).

https://www.osi.es/es/actualidad/avisos/2019/11/actualiza-la-ultima-version-de-whatsapp

Android Camera App Bug Lets Apps Record Video Without Permission

A new vulnerability has been found in the Camera apps for millions, if not hundreds of millions, of Android devices that could allow other apps to record video, take pictures, and extract GPS data from media without having the required permissions.

https://www.bleepingcomputer.com/news/security/android-camera-app-bug-lets-apps-record-video-without-permission/

#Microsoft Is Adding DNS-Over-HTTPS (#DoH ) to #Windows10

Microsoft announced that it's working on adding support for the privacy-focused DNS over HTTPS (DoH) protocol in a future Windows 10 release, while also keeping the addition of DNS over TLS (DoT) on the table.

https://www.bleepingcomputer.com/news/microsoft/microsoft-is-adding-dns-over-https-doh-to-windows-10/

Taller para escalar privilegios en Windows/Linux

https://www.hackplayers.com/2019/11/taller-para-escalar-privilegios-en-windows-linux.html

Múltiples vulnerabilidades en Moodle

Fecha de publicación: 18/11/2019
Importancia: 4 - Alta

Recursos afectados: 
Las vulnerabilidades afectan a las siguientes versiones:
desde la 3.7 a la 3.7.2,
desde la 3.6 a la 3.6.6,
desde la 3.5 a la 3.5.8,
versiones anteriores sin soporte.

Descripción: 
Se han publicado seis vulnerabilidades que afectan a la plataforma Moodle. Las dos de severidad más alta, podrían permitir llevar a cabo ataques de Cross Site Scripting (XSS) o comprometer la cuenta.

https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-moodle-7

NSA Releases Cyber Advisory: Managing Risk from Transport Layer Security Inspection

The National Security Agency (NSA) has released a Cyber Advisory that addresses managing risk from Transport Layer Security Inspection (TLSI). This short, informative document defines TLSI (a security process that allows incoming traffic to be decrypted, inspected, and re-encrypted), explains some risks and associated challenges, and discusses mitigations.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the NSA Cyber Advisory and apply the information, as appropriate. See CISA’s Alert on risks associated with HTTPS inspection.

https://www.us-cert.gov/ncas/current-activity/2019/11/19/nsa-releases-cyber-advisory-managing-risk-transport-layer-security

Google Releases Security Updates for #Chrome

Google has released Chrome 78.0.3904.108 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Chrome Release and apply the necessary updates.

https://www.us-cert.gov/ncas/current-activity/2019/11/19/google-releases-security-updates-chrome

Vulnerabilidad en Security Identy Manager de IBM

Fecha de publicación: 20/11/2019
Importancia: 4 - Alta

Recursos afectados: 
ISIM (SS) versión 6.0.0

Descripción: 
Se ha publicado una vulnerabilidad en Security Identy Manager de IBM.

Solución: 
Actualizar a la versión 6.0.0.22-ISS-SIM-IF0001

https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/vulnerabilidad-security-identy-manager-ibm