
Weekly Awareness Report (WAR) - Cyber Warfare...

05-20 Weekly Awareness Report (WAR)


May 20, 2019

The Cyber Intelligence Report is an Open Source Intelligence (OSINT) resource focusing on advanced persistent threats and other digital dangers, received by over ten thousand individuals. APTs fit into a cybercrime category directed at both business and political targets. Attack vectors include system compromise, social engineering, and even traditional espionage. Included are clickable links to news stories, vulnerabilities, exploits, and other industry risks.

Summary

Symantec ThreatCon Low: Basic network posture

This condition applies when there is no discernible network incident activity and no malicious code activity with a moderate or severe risk rating. Under these conditions, only a routine security posture, designed to defeat normal network threats, is warranted. Automated systems and alerting mechanisms should be used.

Sophos: Last 10 Malware

* Troj/Fareit-HQZ
* Troj/PDFUri-HJB
* Troj/Stealer-PW
* Troj/RTFDl-VX
* Troj/Inject-EBZ
* Troj/Fareit-HQY
* Troj/Inject-ECA
* Troj/Rozena-V
* Troj/Phish-FDN
* Troj/NanoCr-BI

Last 10 PUAs

* IStartSurfInstaller
* 4Share Downloader
* UltraDownloader
* OutBrowse Revenyou
* Universal Virus Sniffer
* AdvancedMacCleaner
* WZTeam Software Cracks
* Remo Software Drive Defrag
* C2R Crack Tool
* MacKeeper

Interesting News

* ScarCruft continues to evolve, introduces Bluetooth harvester

After publishing our initial series of blogposts back in 2016, we have continued to track the ScarCruft threat actor. ScarCruft is a Korean-speaking and allegedly state-sponsored threat actor that usually targets organizations and companies with links to the Korean peninsula.

* The IWC Cyber Range is scheduled to release a new version May 1st. Ghidra and Grass Marlin are now installed along with several more Red/Blue Team tools. If you are interested, we have an active Facebook Group and YouTube Channel. As always, if you have any suggestions, feel free to let us know. Subscribe if you would like to receive the CIR updates by sending us an email: [email protected]


Index of Sections

Current News

* Packet Storm Security

* Dark Reading

* Krebs on Security

* The Hacker News

* Infosecurity Magazine

* Threat Post

* Naked Security

* Quick Heal - Security Simplified

Hacker Corner: Tools, Hacked Defacements, and Exploits

* Security Conferences

* Packet Storm Security Latest Published Tools

* Zone-H Latest Published Website Defacements

* Packet Storm Security Latest Published Exploits

* Exploit Database Releases

Advisories

* Secunia Chart of Vulnerabilities Identified

* US-Cert (Current Activity-Alerts-Bulletins)

* Symantec's Latest List

* Packet Storm Security's Latest List

Credits


News

Packet Storm Security

* Trump's U.S. Golf Association Account Got Hacked
* Instagram Hacker Forum Gets Hacked By Hackers
* Slack Bug Allows Remote File Hijacking, Malware Injection
* Over 20k Linksys Routers Leak Every Device Ever Connected
* Everything You Need To Know About GDPR
* Magecart POS Malware Found On Forbes Subscription Page
* Senate Unlikely To Vote On Election Security Despite Risk
* Hacktivist Attacks Dropped By 95% Since 2015
* US Telcos Say They Stopped Selling User Location Data, With A Few Exceptions
* ARIN Recovers 735,000 Fraudulently Obtained IPv4 Addresses
* GozNym Bank Malware Gang That Stole Millions Busted
* Cisco / WebEx Flaws Offer Up Remote Code Execution
* Hackers Interrupt Israeli Eurovision Webcast With Fake Explosions
* Plane Radio Navigation For Landing Is Insecure And Can Be Hacked
* Microsoft Warns Wormable Windows Bug Could Lead To Another WannaCry
* UK Hacking Powers Can Be Challenged In Court, Judge Rules
* WhatsApp To Refer Security Breach To U.S. Authorities
* SilverTerrier Cybergang Evolving New Techniques For BEC Scams
* San Francisco Could Become The First City To Ban Facial Recognition Tech On Tuesday
* Over 25,000 Linksys Routers Are Leaking Sensitive Data
* WhatsApp Vuln Allowed Secretive Installation Of Spyware
* Facebook Facing 20 Year Consent Agreement After Privacy Lapses
* Twitter Accidentally Shares User Location Data
* Equifax Data Breach Recovery Costs Pass $1 Billion
* SIM Hijacking Ring Dismantled By The Feds

Dark Reading

* Financial Sector Under Siege
* Killer SecOps Skills: Soft Is the New Hard
* 7 Signs of the Rising Threat of Magecart Attacks in 2019
* How a Manufacturing Firm Recovered from a Devastating Ransomware Attack
* Black Hat Q&A: Bruce Schneier Calls For Public-Interest Technologists
* Artist Uses Malware in Installation
* Q1 2019 Smashes Record For Most Reported Vulnerabilities in a Quarter
* DevOps Repository Firms Establish Shared Analysis Capability
* When Older Windows Systems Won't Die
* Exposed Elasticsearch Database Compromises Data on 8M People
* A Trustworthy Digital Foundation Is Essential to Digital Government
* Google to Replace Titan Security Keys Affected by Bluetooth Bug
* Executive Order Limits Certain Tech Sales, Hits Huawei Hard
* US Charges Members of GozNym Cybercrime Gang
* The Data Problem in Security
* Cyber Workforce Exec Order: Right Question, Wrong Answer
* GDPR Drives Changes, but Privacy by Design Proves Elusive
* New Intel Vulnerabilities Bring Fresh CPU Attack Dangers


Krebs on Security

* Account Hijacking Forum OGusers Hacked
* Feds Target $100M 'GozNym' Cybercrime Network
* A Tough Week for IP Address Scammers
* Microsoft Patches 'Wormable' Flaw in Windows XP, 7 and Windows 2003
* Nine Charged in Alleged SIM Swapping Ring
* What's Behind the Wolters Kluwer Tax Outage?
* Feds Bust Up Dark Web Hub Wall Street Market
* Credit Union Sues Fintech Giant Fiserv Over Security Claims
* Data: E-Retail Hacks More Lucrative Than Ever
* P2P Weakness Exposes Millions of IoT Devices

The Hacker News

* US Tech Giants Google, Intel, Qualcomm, Broadcom Break Up With Huawei
* Report Reveals TeamViewer Was Breached By Chinese Hackers In 2016
* Hackers Breach Stack Overflow Q&A Site, Some Users' Data Exposed
* 'GozNym' Banking Malware Gang Dismantled by International Law Enforcement
* Bluetooth Flaw Found in Google Titan Security Keys; Get Free Replacement
* New Class of CPU Flaws Affect Almost Every Intel Processor Since 2011
* Microsoft Releases Patches For A Critical 'Wormable Flaw' and 78 Other Issues
* Adobe Releases Critical Patches for Flash, Acrobat Reader, and Media Encoder
* Flaw Affecting Millions of Cisco Devices Let Attackers Implant Persistent Backdoor
* Cryptocurrency Hacks Still Growing — What Does That Mean for the Industry?

Security Week

* Faulty Database Script Exposed Salesforce Data to Wrong Users
* Huawei Vows to Deliver Android Security Updates After Google Cut-Off
* TeamViewer Confirms It Was Hacked in 2016
* How to Evaluate Threat Intelligence Vendors That Cover the Deep & Dark Web
* User Data Exposed in Stack Overflow Hack
* Hacktivist Attacks Declined 95 Percent Since 2015: IBM
* Slack Flaw Allows Hackers to Steal, Manipulate Downloads
* Tenable Updates Free Vulnerability Assessment Solution
* Wormable Windows RDS Vulnerability Poses Serious Risk to ICS
* Stack Overflow Discloses Security Breach
* How to Securely Blend Your IoT Data with Business Data
* Authorities Takedown GozNym Cybercrime Group That Stole an Estimated $100 Million
* Cisco Patches Critical Vulnerabilities in Prime Infrastructure (PI) Software
* Group Seeks Investigation of Deep Packet Inspection Use by ISPs
* Facebook Partially Restores Privacy Feature Abused in Massive Breach
* Dutch Probe China's Huawei for Possible Spying: Report
* Business Email Compromise Still Reigns
* Google Starts Tracking Zero-Days Exploited in the Wild
* Red Cross Website Hacked in Latest Singapore Cyber Attack
* Microsoft Releases Attack Surface Analyzer 2.0


Infosecurity Magazine

* LeakedSource Company Pleads Guilty
* Ex-CIA Man Gets 20 Years for Handing China Secrets
* Chipmakers Cut Huawei Shipments
* Download Hijack Flaw Patched in Slack Patches for Windows
* More Orgs Use Booby Traps for Counterintelligence
* Baltimore Won't Pay Ransom, Systems Remain Down
* Hacktivist Attacks Have Fallen 95% Since 2015
* Facebook Bans Israeli Firm For Election Meddling
* Europol and US Police Disrupt $100m Cybercrime Gang
* Critical Vulnerabilities in Cisco Products

Threat Post

* Salesforce Woes Linger as Admins Clean Up After Service Outage
* Behind the Naming of ZombieLoad and Other Intel Spectre-Like Flaws
* Slack Bug Allows Remote File Hijacking, Malware Injection
* ZombieLoad: How Intel's Latest Side Channel Bug Was Discovered and Disclosed
* WordPress WP Live Chat Support Plugin Fixes XSS Flaw
* Ransomware 'Remediation' Firm Exposed: Researchers Weigh in on Paying
* How Decoding Network Traffic Can Save Your Data Bacon
* News Wrap: WhatsApp, Microsoft, Intel and Cisco Flaws
* Mobile Risks Boom in a Post-Perimeter World
* Forbes Becomes Latest Victim of Magecart Payment Card Skimmer

Naked Security

* CEO told to hand back 757,000 fraudulently obtained IP addresses
* Brave browser concerned that Client Hints could be abused for tracking
* Facebook bans accounts of fake news firm
* Bots rigged Russian finale of 'The Voice Kids' talent show
* Monday review - the hot 20 stories of the week
* Google recalls Titan Bluetooth keys after finding security flaw
* Hacking gang stole millions in cryptocurrency via SIM swaps
* Europol arrests end GozNym banking malware gang
* Trump seeks tales of social media bias - and your phone number
* Please vote for Naked Security at the European Blogger Awards 2019!

Quick Heal - Security Simplified

* CVE-2019-0708 - A Critical "Wormable" Remote Code Execution Vulnerability in Windows RDP
* Miners snatching open source tools to strengthen their malevolent power!
* 5 ways to instantly detect a phishing email and save yourself from phishing attack
* PCs fail to boot up / Freeze after receiving Microsoft Windows 9-April-2019 updates and rebooting the PC
* JCry - A Ransomware written in Golang!
* This summer vacation let your kids explore the internet with safety of parental control
* 3059 android malware detected per day in 2018 - Are you still counting on free android antivirus for protection?
* Essential cyber safety tips every woman should follow
* Quick Heal Threat Report - Cryptojacking rising but Ransomware still #1 threat for consumers


Security Conferences

* Upcoming Events in the United States
* Upcoming Events In Europe
* 29 Amazing TED Cybersecurity Talks (2008 - 2020)
* 7 Proven Ideas for Your InfoSec Conference Delegate Acquisition Strategy
* An Interview with Jack Daniel: Co-Founder of BSides!

Tools & Techniques

* Packet Fence 9.0.0
* Falco 0.15.0
* GNUnet P2P Framework 0.11.4
* I2P 0.9.40
* Lets Map Your Network
* SQLMAP - Automatic SQL Injection Tool 1.3.5
* Suricata IDPE 4.1.4
* ifchk 1.1.1
* TestSSL 3.0rc5
* TestSSL 2.9.5-8
* Miteru : An Experimental Phishing Kit Detection Tool
* Security RAT : Tool For Handling Security Requirements In Development
* Rogue : An Extensible Toolkit Providing Penetration Testers An Easy-To-Use Platform
* SecureTea Project : OWASP Application Designed To Help Secure Unauthorised Access
* DeepSearch - Advanced Web Dir Scanner For Bruteforce
* JWT Tool : A Toolkit For Testing, Tweaking & Cracking JSON Web Tokens
* TrigMap : A Wrapper For Nmap To Automate The Pentest
* Pown Recon : A Powerful Target Reconnaissance Framework Powered By Graph Theory
* WAFw00f : Identify & Fingerprint Web Application Firewall (WAF) Products Protecting A Website
* LNK-KISSER : AutoIt HackTool, Shortcuts.lnk Payloads Generator

Latest Zone-H Website Defacements


Proof of Concept (PoC) & Exploits

Packet Storm Security

* Emerson Network Power Liebert Challenger 5.1E0.5 Cross Site Scripting
* Common Desktop Environment 2.3.0 dtprintinfo Privilege Escalation
* Huawei eSpace 1.1.11.103 Meeting Heap Overflow
* Huawei eSpace 1.1.11.103 Meeting Image File Format Handling Buffer Overflow
* Huawei eSpace 1.1.11.103 Unicode Stack Buffer Overflow
* Huawei eSpace 1.1.11.103 DLL Hijacking
* Cisco Expressway Gateway 11.5.1 Directory Traversal
* GAT-Ship Web Module 1.30 Information Disclosure
* GetSimpleCMS 3.3.15 Remote Code Execution
* SEL AcSELerator Architect 2.2.24 Denial Of Service
* Axessh 4.2 Denial Of Service
* ZOC Terminal 7.23.4 Denial Of Service
* JetAudio jetCast Server 2.0 Buffer Overflow
* WeChat 7.0.4 Denial Of Service
* VMware Workstation DLL Hijacking
* RSA NetWitness Authorization Bypass
* Legrand BTicino Driver Manager F454 1.0.51 Cross Site Scripting
* Legrand BTicino Driver Manager F454 1.0.51 Cross Site Request Forgery
* DeepSound 1.0.4 SQL Injection
* CommSy 8.6.5 SQL Injection
* Tomabo MP4 Converter 3.25.22 Denial Of Service
* Schneider Electric U.Motion Builder 1.3.4 Command Injection

Exploit Database

* [webapps] Interspire Email Marketer 6.20 - 'surveys_submit.php' Remote Code Execution
* [local] Iperius Backup 6.1.0 - Privilege Escalation
* [dos] CEWE Photo Importer 6.4.3 - '.jpg' Denial of Service (PoC)
* [dos] CEWE Photoshow 6.4.3 - 'Password' Denial of Service (PoC)
* [dos] Sandboxie 5.30 - 'Programs Alerts' Denial of Service (PoC)
* [dos] SEL AcSELerator Architect 2.2.24 - CPU Exhaustion Denial of Service
* [dos] Axessh 4.2 - 'Log file name' Denial of Service (PoC)
* [dos] ZOC Terminal v7.23.4 - 'Shell' Denial of Service (PoC)
* [dos] ZOC Terminal v7.23.4 - 'Private key file' Denial of Service (PoC)
* [dos] ZOC Terminal 7.23.4 - 'Script' Denial of Service (PoC)
* [local] JetAudio jetCast Server 2.0 - 'Log Directory' Local SEH Alphanumeric Encoded Buffer Overflow
* [dos] WeChat for Android 7.0.4 - 'vcodec2_hls_filter' Denial of Service
* [webapps] DeepSound 1.0.4 - SQL Injection
* [local] VMware Workstation 15.1.0 - DLL Hijacking
* [webapps] Legrand BTicino Driver Manager F454 1.0.51 - Cross-Site Request Forgery / Cross-Site Scripting
* [webapps] CommSy 8.6.5 - SQL injection
* [dos] Tomabo MP4 Converter 3.25.22 - Denial of Service (PoC)
* [webapps] PasteShr 1.6 - Multiple SQL Injection


Advisories

US-Cert Alerts & Bulletins

* AA19-122A: New Exploits for Unsecure SAP Systems
* AA19-024A: DNS Infrastructure Hijacking Campaign
* SB19-133: Vulnerability Summary for the Week of May 6, 2019
* SB19-126: Vulnerability Summary for the Week of April 29, 2019

Symantec - Latest List

* Microsoft Internet Explorer CVE-2019-0995 Security Bypass Vulnerability
* Microsoft Internet Explorer and Edge CVE-2019-0940 Remote Memory Corruption Vulnerability
* Microsoft Edge CVE-2019-0938 Remote Privilege Escalation Vulnerability
* Microsoft SharePoint Server CVE-2019-0956 Information Disclosure Vulnerability
* Microsoft Azure Active Directory Connect CVE-2019-1000 Remote Privilege Escalation Vulnerability
* Microsoft Edge Chakra Scripting Engine CVE-2019-0937 Remote Memory Corruption Vulnerability
* Microsoft Office Access Connectivity Engine CVE-2019-0945 Remote Code Execution Vulnerability
* Microsoft Edge Chakra Scripting Engine CVE-2019-0933 Remote Memory Corruption Vulnerability
* Microsoft SharePoint Server CVE-2019-0949 Spoofing Vulnerability
* Microsoft Windows Remote Desktop Services CVE-2019-0708 Remote Code Execution Vulnerability
* Microsoft Internet Explorer CVE-2019-0930 Information Disclosure Vulnerability
* Microsoft SharePoint Server CVE-2019-0952 Remote Code Execution Vulnerability
* Microsoft Internet Explorer CVE-2019-0929 Remote Memory Corruption Vulnerability
* Microsoft SharePoint Server CVE-2019-0958 Remote Privilege Escalation Vulnerability
* Microsoft SharePoint Server CVE-2019-0957 Remote Privilege Escalation Vulnerability
* Microsoft .NET CVE-2019-0820 Denial of Service Vulnerability
* Microsoft SharePoint Server CVE-2019-0950 Spoofing Vulnerability
* Microsoft Edge Chakra Scripting Engine CVE-2019-0927 Remote Memory Corruption Vulnerability
* Microsoft Azure DevOps Server and Team Foundation Server Cross Site Scripting Vulnerability
* Microsoft SharePoint Server CVE-2019-0963 Cross Site Scripting Vulnerability
* Microsoft Edge CVE-2019-0926 Remote Memory Corruption Vulnerability
* Microsoft Windows GDI Component CVE-2019-0882 Information Disclosure Vulnerability
* Microsoft Edge Chakra Scripting Engine CVE-2019-0925 Remote Memory Corruption Vulnerability
* Microsoft Word CVE-2019-0953 Remote Code Execution Vulnerability
* Microsoft SQL Server CVE-2019-0819 Information Disclosure Vulnerability
* Microsoft Edge Chakra Scripting Engine CVE-2019-0924 Remote Memory Corruption Vulnerability


Packet Storm Security - Latest List

* Red Hat Security Advisory 2019-1243-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 74.0.3729.131. Issues addressed include an out of bounds access vulnerability.

* Ubuntu Security Notice USN-3988-1 - It was discovered that MediaInfo contained multiple security issues when handling certain multimedia files. If a user were tricked into opening a crafted multimedia file, an attacker could cause MediaInfo to crash, resulting in a denial of service.

* Ubuntu Security Notice USN-3986-1 - It was discovered that Wireshark improperly handled certain input. A remote or local attacker could cause Wireshark to crash by injecting malformed packets onto the wire or convincing someone to read a malformed packet trace file.

* Red Hat Security Advisory 2019-1238-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR5-FP35. Issues addressed include a buffer overflow vulnerability.

* Red Hat Security Advisory 2019-1237-01 - The rh-python35-python-jinja2 package contains Jinja2, a template engine written in pure Python. Jinja2 provides a Django inspired non-XML syntax but supports inline expressions and an optional sandboxed environment. Issues addressed include an information leakage vulnerability.

* Slackware Security Advisory - rdesktop Updates - New rdesktop packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.

* Red Hat Security Advisory 2019-1236-01 - .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address security vulnerabilities are now available. The updated versions are .NET Core 1.0.16, 1.1.13, 2.1.11, and 2.2.5. Issues addressed include a denial of service vulnerability.

* Ubuntu Security Notice USN-3985-1 - Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Giorgi Maisuradze, Dan Horea Lutas, Andrei Lutas, Volodymyr Pikhur, Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Moritz Lipp, Michael Schwarz, and Daniel Gruss discovered that memory previously stored in microarchitectural fill buffers of an Intel CPU core may be exposed to a malicious process that is executing on the same CPU core. A local attacker could use this to expose sensitive information. Various other issues were also addressed.

* Red Hat Security Advisory 2019-1235-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include a code execution vulnerability.

* Red Hat Security Advisory 2019-1234-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update upgrades Flash Player to version 32.0.0.192. Issues addressed include a code execution vulnerability.

* Debian Security Advisory 4447-1 - This update ships updated CPU microcode for most types of Intel CPUs. It provides mitigations for the MSBDS, MFBDS, MLPDS and MDSUM hardware vulnerabilities.

* Ubuntu Security Notice USN-3983-2 - USN-3983-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 LTS. Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Giorgi Maisuradze, Dan Horea Lutas, Andrei Lutas, Volodymyr Pikhur, Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Moritz Lipp, Michael Schwarz, and Daniel Gruss discovered that memory previously stored in microarchitectural fill buffers of an Intel CPU core may be exposed to a malicious process that is executing on the same CPU core. A local attacker could use this to expose sensitive information. Various other issues were also addressed.

* Ubuntu Security Notice USN-3981-2 - USN-3981-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 18.04 LTS for Ubuntu 16.04 LTS and for the Linux Azure kernel for Ubuntu 14.04 LTS.

* Red Hat Security Advisory 2019-1205-01 - The rhvm-setup-plugins package adds functionality exclusive only to Red Hat Virtualization Manager, and is not available for the upstream ovirt-engine. It includes the configuration of the Red Hat Support plugin, copying downstream-only artifacts to the ISO domain, and links to the knowledgebase and other support material. Issues addressed include a CPU related vulnerability.

* FreeBSD Security Advisory - FreeBSD-SA-19:07.mds - On some Intel processors utilizing speculative execution a local process may be able to infer stale information from microarchitectural buffers to obtain a memory disclosure. An attacker may be able to read secret data from the kernel or from a process when executing untrusted code (for example, in a web browser).

* Ubuntu Security Notice USN-3982-2 - USN-3982-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.04 for Ubuntu 14.04 LTS.

* FreeBSD Security Advisory - FreeBSD-SA-19:06.pf - States in pf(4) let ICMP and ICMP6 packets pass if they have a packet in their payload matching an existing condition. pf(4) does not check if the outer ICMP or ICMP6 packet has the same destination IP as the source IP of the inner protocol packet. A maliciously crafted ICMP/ICMP6 packet could bypass the packet filter rules and be passed to a host that would otherwise be unavailable.

* FreeBSD Security Advisory - FreeBSD-SA-19:05.pf - A bug in the pf(4) IPv6 fragment reassembly logic incorrectly uses the last extension header offset from the last received packet instead of from the first packet. Malicious IPv6 packets with different IPv6 extensions could cause a kernel panic or potentially a filtering rule bypass.

* Ubuntu Security Notice USN-3980-2 - USN-3980-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.10. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 18.10 for Ubuntu 18.04 LTS.

* Red Hat Security Advisory 2019-1206-01 - The rhvm-setup-plugins package adds functionality exclusive only to Red Hat Virtualization Manager, and is not available for the upstream ovirt-engine. It includes the configuration of the Red Hat Support plugin, copying downstream-only artifacts to the ISO domain, and links to the knowledgebase and other support material. Issues addressed include a CPU related vulnerability.

* Ubuntu Security Notice USN-3984-1 - Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Giorgi Maisuradze, Dan Horea Lutas, Andrei Lutas, Volodymyr Pikhur, Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Moritz Lipp, Michael Schwarz, and Daniel Gruss discovered that memory previously stored in microarchitectural fill buffers of an Intel CPU core may be exposed to a malicious process that is executing on the same CPU core. A local attacker could use this to expose sensitive information. Various other issues were also addressed.

* Debian Security Advisory 4446-1 - It was discovered that the Lemonldap::NG web SSO system performed insufficient validation of session tokens if the "tokenUseGlobalStorage" option is enabled, which could grant users with access to the main session database access to an anonymous session.

* Ubuntu Security Notice USN-3981-1 - Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Giorgi Maisuradze, Dan Horea Lutas, Andrei Lutas, Volodymyr Pikhur, Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Moritz Lipp, Michael Schwarz, and Daniel Gruss discovered that memory previously stored in microarchitectural fill buffers of an Intel CPU core may be exposed to a malicious process that is executing on the same CPU core. A local attacker could use this to expose sensitive information. Various other issues were also addressed.

* Red Hat Security Advisory 2019-1204-01 - The VDSM service is required by a Virtualization Manager to manage the Linux hosts. VDSM manages and monitors the host's storage, memory and networks as well as virtual machine creation, other host administration tasks, statistics gathering, and log collection. Issues addressed include a CPU related vulnerability.