資安新聞及事件週報 2018/08/27 ~ 2018/08/31

資安新聞及事件週報  2018/08/27  ~  2018/08/31
1.重大弱點漏洞
Apache軟體基金會修補Struts 2的遠端程式攻擊漏洞
https://www.ithome.com.tw/news/125473
研究員未通報微軟就公開 Windows 10 漏洞，「現階段無解」殺的大眾措手不及
https://buzzorange.com/techorange/2018/08/30/researcher-open-windows-10-bug-without-notified/
Apache ActiveMQ跨站腳本漏洞
https://activemq.apache.org/activemq-5155-release.html
網站維護者宜升級phpMyAdmin，免除XSS干擾
https://twcert.org.tw/subpages/securityInfo/loophole_details.aspx?id=5013
Mikrotik RouterOS 漏洞
https://mikrotik.com/download/changelogs
https://mikrotik.com/download/changelogs/bugfix-release-tree
OpenSSH連續被踢爆兩個用戶名稱枚舉漏洞
https://www.ithome.com.tw/news/125601
儘速更新各版OpenSSH，解除User enumeration瑕疵
https://twcert.org.tw/subpages/securityInfo/loophole_details.aspx?id=5011
Samba 訪問限制繞過安全漏洞（CVE-2018-10919）
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10919
Cisco IOS/IOS XE Software 漏洞
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180813-rsa-nonce
思科產品執行任意程式碼漏洞
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180823-apache-struts

資安新聞及事件週報 2018/08/20 ~ 2018/08/24

資安新聞及事件週報  2018/08/20  ~  2018/08/24
1.重大弱點漏洞
Red Hat JBoss 多個漏洞
https://www.auscert.org.au/bulletins/66810
https://www.auscert.org.au/bulletins/66834
Cisco Firepower System 漏洞 
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180711-firepower-dos
Cisco FireSIGHT System遠程安全繞過漏洞
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180711-firesight-file-bypass
OpenSSL存在旁路攻擊漏洞，光靠攔截手機電磁訊號就能取得金鑰
https://www.ithome.com.tw/news/125370
McAfee：Belkin智慧插頭含有遠端程式攻擊漏洞
https://www.ithome.com.tw/news/125413
攻擊Samba缺陷，駭客能製造DoS與不當存取
https://twcert.org.tw/subpages/securityInfo/loophole_details.aspx?id=5005
JVNVU#90390242 Ghostscript に -dSAFER オプションによる保護が回避される複数の脆弱性
https://jvn.jp/vu/JVNVU90390242/
JVNVU#98641178 Ghostscript に任意のコードが実行可能な脆弱性
https://jvn.jp/vu/JVNVU98641178/
Ghostscript - Multiple Vulnerabilities
https://www.exploit-db.com/exploits/45243/
Ghostscript 執行任意程式碼漏洞
https://www.kb.cert.org/vuls/id/332928
漏洞預警| Ghostscript存在多個漏洞可導致遠程代碼執行
https://www.anquanke.com/post/id/157380
編譯器Ghostscript嚴重弱點波及多種軟體與OS
https://twcert.org.tw/subpages/securityInfo/loophole_details.aspx?id=5009
Critical Flaws in Ghostscript Could Leave Many Systems at Risk of Hacking
https://bit.ly/2Llsyj5
Adobe Issues Emergency Patches for Critical Flaws in Photoshop CC
https://bit.ly/2wiNpOK

資安新聞及事件週報 2018/08/13 ~ 2018/08/17

資安新聞及事件週報  2018/08/13  ~  2018/08/17
1.重大弱點漏洞
WiFi Protected Access II (WPA2) 阻斷攻擊漏洞
https://www.hkcert.org/my_url/zh/alert/18081001
OpenSSH 洩露敏感資料漏洞
https://github.com/openbsd/src/commit/779974d35b4859c07bc3cb8a12c74b43b0a7d1e0
HP上百款印表機爆遠端執行程式碼嚴重漏洞，用戶應儘速更新韌體
https://www.ithome.com.tw/news/125152
HPSBHF03589 rev. 4 - HP Ink Printers Remote Code Execution
https://support.hp.com/us-en/document/c06097712
多款HP噴墨印表機存在安全漏洞(CVE-2018-5924與CVE-2018-5925)，允許遠端攻擊者執行任意程式碼，請儘速確認並進行更新
https://twcert.org.tw/subpages/securityInfo/loophole_details.aspx?id=5001
華芸科技ASUSTOR Data Master預設帳密及RCE破綻，將危害NAS資料
https://twcert.org.tw/subpages/securityInfo/loophole_details.aspx?id=5003
Apple macOS/OS X敏感信息洩露漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4178
Cybozu Mailwise反射型跨站腳本漏洞
http://jvn.jp/en/jp/JVN52319657/index.html
Apache TomEE console跨站腳本漏洞
https://bit.ly/2P3UD1k
Cortana被爆安全漏洞：可繞過Windows 10鎖屏獲取用户隱私
https://hk.saowen.com/a/24112e7f82969620f47afa3d06fc9eac8919541a3b2920f40a2aeb013dc764f9
松鼠郵遞SquirrelMail用戶，慎防來信夾帶XSS陷阱
https://twcert.org.tw/subpages/securityInfo/loophole_details.aspx?id=5002

資安新聞及事件週報 2018/08/06 ~ 2018/08/10

資安新聞及事件週報  2018/08/06  ~  2018/08/10
1.重大弱點漏洞
tcpflow整數溢出漏洞
https://github.com/simsong/tcpflow/commit/a4e1cd14eb5ccc51ed271b65b3420f7d692c40eb
Linux 內核曝TCP 漏洞，極小流量就可以DoS 癱瘓設備
https://www.oschina.net/news/98791/linux-kernel-bug-leads-tiny-dos-attack
Juniper Junos 阻斷攻擊漏洞
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10876
三星SmartThingsHub智能家居設備現20個安全漏洞
https://read01.com/xDJDGoK.html
TLBleed漏洞竟是通過探測TLB獲取CPU秘鑰
https://my.oschina.net/u/3760760/blog/1924424
WiFi Protected Access II (WPA2) 阻斷攻擊漏洞
https://securitytracker.com/id/1041438
編譯器mingw-w64產出執行檔具先天性缺陷，不受ASLR機制保護
https://twcert.org.tw/subpages/securityInfo/loophole_details.aspx?id=4996
OpenEMR遠程代碼執行漏洞
https://bit.ly/2Ma73qU
NetApp 7-Mode Transition Tool 安全漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5489
Micro Focus GroupWise任意文件上傳漏洞
https://www.novell.com/support/kb/doc.php?id=7023223

資安新聞及事件週報 2018/7/30 ~ 2018/8/3

資安新聞及事件週報  2018/7/30  ~  2018/8/3
1.重大弱點漏洞
Network Manager VPNC插件安全漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10900
ASUS DSL-N12E_C1 1.1.2.3_345 - Remote Command Execution
https://www.exploit-db.com/exploits/45135/
Imperva SecureSphere 11.5 / 12.0 / 13.0 - Privilege Escalation
https://www.exploit-db.com/exploits/45130/
VirtualBox遭爆3D加速功能存在任意讀寫漏洞
https://www.ithome.com.tw/news/124914
GNU Mailman 跨站脚本漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0618
metascrape npm模塊跨站腳本漏洞
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-201807-1971
SonicWall Global Management System - XMLRPC set_time_zone Command Injection (Metasploit)
https://www.exploit-db.com/exploits/45124/
Microsoft Windows - 'dnslint.exe' Drive-By Download
https://www.exploit-db.com/exploits/45079/