weekly awareness report (war) - information warfare...

05-27 Weekly Awareness Report (WAR)

Post on 07-Aug-2020

Page 1: Weekly Awareness Report (WAR) - Information Warfare Centerinformationwarfarecenter.com/cir/archived/Cyber_WAR...2019/05/27  · business and political targets. Attack vectors include

05-27

Weekly Awareness Report (WAR)

May 27, 2019

The Cyber Intelligence Report is an Open Source Intelligence AKA OSINT resource focusing on advanced persistent threats and other digital dangers received by over ten thousand individuals. APTs fit into a cybercrime category directed at both business and political targets. Attack vectors include system compromise, social engineering, and even traditional espionage. Included are clickable links to news stories, vulnerabilities, exploits, & other industry risk.

Summary

Symantec ThreatCon Low: Basic network posture

This condition applies when there is no discernible network incident activity and no malicious code activity with a moderate or severe risk rating. Under these conditions, only a routine security posture, designed to defeat normal network threats, is warranted. Automated systems and alerting mechanisms should be used.

Sophos: last 10 Malware

* Troj/VBInj-TW
* Troj/Mdrop-IQG
* Troj/Ransom-FKW
* Troj/Inject-ECZ
* JS/Drop-BAK
* Troj/Inject-ECY
* Troj/DocDl-TXE
* Troj/DocDl-TXC
* Troj/Stealer-QR
* Troj/Phish-FEK

Last 10 PUAs

* IStartSurfInstaller
* iMyMac
* Bundlore
* VR Brothers
* AddDrop Bundled Installs
* Genieo
* Lalaker1 Game Hacker
* DealPly Updater
* 4Share Downloader
* UltraDownloader

Interesting News

* IT threat evolution Q1 2019
  Zebrocy and GreyEnergy, four zero-day vulnerabilities in Windows, attacks on cryptocurrency exchanges, a very old bug in WinRAR, attacks on smart devices and other events of the first quarter of 2019.

* The IWC Cyber Range is scheduled to release a new version May 1st. Ghidra and Grass Marlin are now installed along with several more Red/Blue Team tools. If you are interested, we have an active Facebook Group and YouTube Channel. As always, if you have any suggestions, feel free to let us know. Subscribe if you would like to receive the CIR updates by sending us an email: [email protected]

Index of Sections

Current News

* Packet Storm Security

* Dark Reading

* Krebs on Security

* The Hacker News

* Infosecurity Magazine

* Threat Post

* Naked Security

* Quick Heal - Security Simplified

Hacker Corner: Tools, Hacked Defacements, and Exploits

* Security Conferences

* Packet Storm Security Latest Published Tools

* Zone-H Latest Published Website Defacements

* Packet Storm Security Latest Published Exploits

* Exploit Database Releases

Advisories

* Secunia Chart of Vulnerabilities Identified

* US-Cert (Current Activity-Alerts-Bulletins)

* Symantec's Latest List

* Packet Storm Security's Latest List

Credits

News

Packet Storm Security

* The Ethical Hackers Taking The Bugs To The Bank
* Amazon Defeated Rekognition Revolt By A Large Margin
* Snapchat Spied On Users With Internal Tool
* Intense Scanning Activity Detected For BlueKeep RDP Flaw
* Maker Of US Border's License Plate Scanning Tech Ransacked By Hacker, Blueprints And Files Dumped Online
* Instagram Website Leaked Phone Numbers And Emails For Months
* United States Rolls Out New 18 Count Indictment On Assange
* HCL Employee, Customer Files Found Open To Public
* Ethereum Smart Contracts Exploitation Using Right-To-Left Override Character
* Mozilla Patches 24 Firefox Vulnerabilities
* Would You Pay $1 Million For A Laptop Full Of Malware?
* Why A Windows Flaw Patched 9 Days Ago Is Still Spooking The Internet
* UK Says It Warned 16 NATO Allies Of Russian Hacking Activities
* Millions Of Golfers Land In Privacy Hazard After Cloud Misconfig
* Team Viewer Hit By Chinese Hackers In 2016
* Huawei Faces Break With UK Chip Giant ARM
* Google G Suite Glitch Left Some Passwords Stored In Plain Text For 14 Years
* Unsecure Chtrbox AWS Database Exposes Data On 49 Million Instagram Influencers, Accounts
* Huawei's Microchip Vulnerability Explained
* Linux Variant Of Winnti Malware Spotted In Wild
* Baltimore Ransomware Nightmare Could Last Weeks More
* Trump's U.S. Golf Association Account Got Hacked
* Instagram Hacker Forum Gets Hacked By Hackers
* Slack Bug Allows Remote File Hijacking, Malware Injection
* Over 20k Linksys Routers Leak Every Device Ever Connected

Dark Reading

* First American Financial Corp. Left Mortgage Data Exposed on Website
* Mist Computing Startup Distributes Security AI to the Network Edge
* NSS Labs Admits Its Test of CrowdStrike Falcon Was 'Inaccurate'
* How Security Vendors Can Address the Cybersecurity Talent Shortage
* Master NSA-Grade Security Tools at New Black Hat Trainings Virginia
* 7 Recent Wins Against Cybercrime
* Researcher Publishes Four Zero-Day Exploits in Three Days
* To Manage Security Risk, Manage Data First
* Moody's Outlook Downgrade of Equifax: A Wake-up Call to Boards
* FEC Gives Green Light for Free Cybersecurity Help in Federal Elections
* Mobile Exploit Fingerprints Devices with Sensor Calibration Data
* Google's Origin & the Danger of Link Sharing
* Microsoft Opens Defender ATP for Mac to Public Preview
* Russian Nation-State Hacking Unit's Tools Get More Fancy
* Incident Response: 3 Easy Traps & How to Avoid Them
* Alphabet's Chronicle Explores Code-Signing Abuse in the Wild
* New Software Skims Credit Card Info From Online Credit Card Transactions
* Data Asset Management: What Do You Really Need?

Krebs on Security

* First American Financial Corp. Leaked Hundreds of Millions of Title Insurance Records
* Legal Threats Make Powerful Phishing Lures
* Account Hijacking Forum OGusers Hacked
* Feds Target $100M 'GozNym' Cybercrime Network
* A Tough Week for IP Address Scammers
* Microsoft Patches 'Wormable' Flaw in Windows XP, 7 and Windows 2003
* Nine Charged in Alleged SIM Swapping Ring
* What's Behind the Wolters Kluwer Tax Outage?
* Feds Bust Up Dark Web Hub Wall Street Market
* Credit Union Sues Fintech Giant Fiserv Over Security Claims

The Hacker News

* U.S. Charges WikiLeaks' Julian Assange With Violating Espionage Act
* 5 Cybersecurity Tools Every Business Needs to Know
* Tor Browser for Android — First Official App Released On Play Store
* Update: Hacker Disclosed 4 New Microsoft Zero-Day Exploits in Last 24 Hours
* Hacking and Cyber Security Certification Training Bundle 2019 (10 Courses)
* Google Stored G Suite Users' Passwords in Plain-Text for 14 Years
* PoC Exploit For Unpatched Windows 10 Zero-Day Flaw Published Online
* Core Elastic Stack Security Features Now Available For Free Users As Well
* WEBINAR: How to Get Enterprise Cyber Security for your Mid-Sized Organization
* US Tech Giants Google, Intel, Qualcomm, Broadcom Break Up With Huawei

Security Week

* First American Financial Exposed Millions of Sensitive Documents
* Georgia Supreme Court Rules that State Has No Obligation to Protect Personal Information
* GitHub Adds New Tools to Help Developers Secure Code
* Microsoft Defender ATP for Mac Now in Public Preview
* One Year on, EU's GDPR Sets Global Standard for Data Protection
* New York Department of Financial Services Launches Cybersecurity Unit
* Microsoft Brings Hardware-Based Isolation to Chrome, Firefox
* The Intelligent SOC Can be a Reality Today
* Assange Charged With 17 New Counts Under Espionage Act
* Facebook Figures Five Percent of Accounts Are Fake
* US Officials Say Foreign Election Hacking Is Inevitable
* Researcher Drops 3 Separate 0-Day Windows Exploits in 24 Hours
* Instagram Says Not Source of Contact Info for Influential Users
* Siemens Teams With Chronicle on Cybersecurity Solutions for Energy Industry
* NATO Warns Russia of 'Full Range' of Responses to Cyberattack
* Best Practices for Securely Moving Workloads Into the Cloud
* Comodo Issued Most Certificates for Signed Malware on VirusTotal
* Authorities Take Down Cryptocurrency Mixing Service Bestmixer.io
* PoC Exploits Created for Wormable Windows RDS Flaw
* Moody's Downgrades Equifax Outlook to Negative Over 2017 Data Breach

Infosecurity Magazine

* Snapchat: Claims of Employees Spying "Inaccurate"
* Moody's Downgrading of Equifax Is a Message to Boards
* APT Increasingly Targets Canadian Orgs
* GDPR: Security Pros Believe Non-Compliance is Rife
* IoT Attacks Cost UK Firms Over £1bn
* Assange Hit with New 18-Count Indictment
* LinkedIn Admits a Delay in Renewing TLS Cert
* Mobile Banking Malware Rose 58% in Q1
* Fake Trezor App in Google Play Scams Users
* UK Political Parties Fail on Email Security Ahead of Elections

Threat Post

* Chinese Spy Group Mixes Up Its Malware Arsenal with Brand-New Loaders
* ThreatList: Top 8 Threat Actors Targeting Canada in 2019
* Snapchat Privacy Blunder Piques Concerns About Insider Threats
* Joomla and WordPress Found Harboring Malicious Redirect Code
* Microsoft Beefs Up Wi-Fi Protection
* News Wrap: Which Companies Are Doing Privacy Right and Which Aren't?
* Goodbye Passwords: Hello Identity Management
* Shade Ransomware Expands to U.S. Targets
* Calibration Attack Drills Down on iPhone, Pixel Users
* SandboxEscaper Drops Three More Windows Exploits, IE Zero-Day

Naked Security

* Serious Security: Don't let your SQL server attack you with ransomware
* Any advance on $1.2m for this virus-infested netbook?
* Safari test points to a future with tracker-free ads
* Batterygate news: Apple to warn users if iOS updates throttle iPhones
* Google Ad Exchange in data privacy probe
* Google stored some passwords in plaintext for 14 years
* Tor Browser for Android 8.5 offers mobile users privacy boost
* Mozilla fixes bugs, improves privacy in latest Firefox release
* The city of Baltimore is being held hostage by ransomware
* Instagram data from 49 million accounts found lying around online

Quick Heal - Security Simplified

* CVE-2019-11815: Experts discovered a privilege escalation vulnerability in the Linux Kernel
* Quick Heal supports the Windows 10 May 2019 Update
* What is Emotet?
* CVE-2019-0708 - A Critical "Wormable" Remote Code Execution Vulnerability in Windows RDP
* Miners snatching open source tools to strengthen their malevolent power!
* 5 ways to instantly detect a phishing email and save yourself from phishing attack
* PCs fail to boot up / Freeze after receiving Microsoft Windows 9-April-2019 updates and rebooting the PC
* JCry - A Ransomware written in Golang!
* This summer vacation let your kids explore the internet with safety of parental control

Security Conferences

* Upcoming Cybersecurity Conferences in the United States
* Upcoming Cybersecurity Conferences in Europe
* 29 Amazing TED Cybersecurity Talks (2008 - 2020)
* 7 Proven Ideas for Your InfoSec Conference Delegate Acquisition Strategy
* An Interview with Jack Daniel: Co-Founder of BSides!

Tools & Techniques

* Wireshark Analyzer 3.0.2
* GRR 3.3.0.0
* Flawfinder 2.0.9
* AIDE 0.16.2
* OpenDNSSEC 2.1.4
* Hydra Network Logon Cracker 9.0
* Packet Fence 9.0.0
* Falco 0.15.0
* GNUnet P2P Framework 0.11.4
* I2P 0.9.40
* WhoAmIMailBot : Service To Mask Your E-Mails
* TeleShadow3 : Telegram Desktop Session Stealer (Windows)
* AirpyDump : Analyse Wireless Packets On The Fly
* Converto : Installing Kali Linux on VPS Server
* CrossLinked : LinkedIn Enumeration Tool To Extract Valid Employee Names From An Organisation
* Graffiti : A Tool To Generate Obfuscated One Liners To Aid In Penetration Testing
* LANGhost : A LAN Dropbox Chatbot Controllable Via Telegram
* Telegram BBBot : Telegram Bug Bounty Bot
* Thc Hydra : Tool To Gain Unauthorised Access From Remote To A System
* FlashSploit : Exploitation Framework For ATtiny85 Based HID Attacks

Latest Zone-H Website Defacements

Proof of Concept (PoC) & Exploits

Packet Storm Security

* Microsoft Windows Installer Race Condition
* Quest KACE Systems Management Appliance 9.0 Cross Site Scripting
* Opencart 3.0.3.2 extension/feed/google_base Denial Of Service
* Anviz M3 RFID Missing Access Controls
* Nagios XI 5.6.1 SQL Injection
* Microsoft Windows Win32k Privilege Escalation
* Interspire Email Marketer 6.20 Remote Code Execution
* Internet Explorer JavaScript Privilege Escalation
* Angry Polar Bear 2: Microsoft Windows Error Reporting Local Privilege Escalation
* NetAware 1.20 Add Block / Share Name Denial Of Service
* WordPress Tigin 1.0.5 Open Redirection
* WordPress Xunjin 4.6 Open Redirection
* WordPress Divi-Child 1.0 Open Redirection
* WordPress Howsci 1.8 Open Redirection
* WordPress Antena_Ri Institute 2.0 Open Redirection
* WordPress PHPL 1.0 Open Redirection
* WordPress Jingke 1.0 Open Redirection
* WordPress Ninger 4.6 Open Redirection
* Terminal Services Manager 3.2.1 Denial Of Service
* WordPress jilijilibegin LTS 4.6 Open Redirection
* WordPress Chrome-Extensions 1.0 Open Redirection
* WordPress Dankov Planer 1.1.2 Open Redirection

Exploit Database

* [dos] Fast AVI MPEG Joiner - 'License Name' Denial of Service (PoC)
* [remote] Microsoft Internet Explorer Windows 10 1809 17763.316 - Scripting Engine Memory Corruption
* [dos] Cyberoam General Authentication Client 2.1.2.7 - 'Server Address' Denial of Service (PoC)
* [dos] Cyberoam Transparent Authentication Suite 2.1.2.5 - 'NetBIOS Name' Denial of Service (PoC)
* [dos] Cyberoam Transparent Authentication Suite 2.1.2.5 - 'Fully Qualified Domain Name' Denial of Service (PoC)
* [dos] Cyberoam SSLVPN Client 1.3.1.30 - 'HTTP Proxy' Denial of Service (PoC)
* [dos] Cyberoam SSLVPN Client 1.3.1.30 - 'Connect To Server' Denial of Service (PoC)
* [local] Axessh 4.2 - 'Log file name' Local Stack-based Buffer Overflow
* [webapps] Opencart 3.0.3.2 - 'extension/feed/google_base' Denial of Service PoC
* [local] Microsoft Windows - 'Win32k' Local Privilege Escalation
* [local] Microsoft Internet Explorer 11 - Sandbox Escape
* [local] Microsoft Windows (x84) - Task Scheduler' .job' Import Arbitrary Discretionary Access Control List Write / Local Privilege Escalation
* [local] Microsoft Windows (x84/x64) - 'Error Reporting' Discretionary Access Control List / Local Privilege Escalation
* [local] Microsoft Windows 10 (17763.379) - Install DLL
* [remote] Shopware - createInstanceFromNamedArguments PHP Object Instantiation Remote Code Execution (Metasploit)
* [local] Apple Mac OS X - Feedback Assistant Race Condition (Metasploit)
* [dos] Visual Voicemail for iPhone - IMAP NAMESPACE Processing Use-After-Free
* [local] Microsoft Windows 10 1809 - 'CmKeyBodyRemapToVirtualForEnum' Arbitrary Key Enumeration

Advisories

US-Cert Alerts & bulletins

* AA19-122A: New Exploits for Unsecure SAP Systems
* AA19-024A: DNS Infrastructure Hijacking Campaign
* SB19-147: Vulnerability Summary for the Week of May 20, 2019
* SB19-140: Vulnerability Summary for the Week of May 13, 2019

Symantec - Latest List

* Microsoft Internet Explorer CVE-2019-0995 Security Bypass Vulnerability
* Microsoft Internet Explorer and Edge CVE-2019-0940 Remote Memory Corruption Vulnerability
* Microsoft Edge CVE-2019-0938 Remote Privilege Escalation Vulnerability
* Microsoft SharePoint Server CVE-2019-0956 Information Disclosure Vulnerability
* Microsoft Azure Active Directory Connect CVE-2019-1000 Remote Privilege Escalation Vulnerability
* Microsoft Edge Chakra Scripting Engine CVE-2019-0937 Remote Memory Corruption Vulnerability
* Microsoft Office Access Connectivity Engine CVE-2019-0945 Remote Code Execution Vulnerability
* Microsoft Edge Chakra Scripting Engine CVE-2019-0933 Remote Memory Corruption Vulnerability
* Microsoft SharePoint Server CVE-2019-0949 Spoofing Vulnerability
* Microsoft Windows Remote Desktop Services CVE-2019-0708 Remote Code Execution Vulnerability
* Microsoft Internet Explorer CVE-2019-0930 Information Disclosure Vulnerability
* Microsoft SharePoint Server CVE-2019-0952 Remote Code Execution Vulnerability
* Microsoft Internet Explorer CVE-2019-0929 Remote Memory Corruption Vulnerability
* Microsoft SharePoint Server CVE-2019-0958 Remote Privilege Escalation Vulnerability
* Microsoft SharePoint Server CVE-2019-0957 Remote Privilege Escalation Vulnerability
* Microsoft .NET CVE-2019-0820 Denial of Service Vulnerability
* Microsoft SharePoint Server CVE-2019-0950 Spoofing Vulnerability
* Microsoft Edge Chakra Scripting Engine CVE-2019-0927 Remote Memory Corruption Vulnerability
* Microsoft Azure DevOps Server and Team Foundation Server Cross Site Scripting Vulnerability
* Microsoft SharePoint Server CVE-2019-0963 Cross Site Scripting Vulnerability
* Microsoft Edge CVE-2019-0926 Remote Memory Corruption Vulnerability
* Microsoft Windows GDI Component CVE-2019-0882 Information Disclosure Vulnerability
* Microsoft Edge Chakra Scripting Engine CVE-2019-0925 Remote Memory Corruption Vulnerability
* Microsoft Word CVE-2019-0953 Remote Code Execution Vulnerability
* Microsoft SQL Server CVE-2019-0819 Information Disclosure Vulnerability
* Microsoft Edge Chakra Scripting Engine CVE-2019-0924 Remote Memory Corruption Vulnerability

Packet Storm Security - Latest List

Red Hat Security Advisory 2019-1268-01
Red Hat Security Advisory 2019-1268-01 - Kernel-based Virtual Machine offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems. Issues addressed include wrong permissions in systemd admin-sock due to a missing SocketMode parameter.

Red Hat Security Advisory 2019-1269-01
Red Hat Security Advisory 2019-1269-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 60.7.0 ESR. Issues addressed include buffer overflow and use-after-free vulnerabilities.

Red Hat Security Advisory 2019-1264-01
Red Hat Security Advisory 2019-1264-01 - The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. Issues addressed include wrong permissions in systemd admin-sock due to a missing SocketMode parameter.

Red Hat Security Advisory 2019-1267-01
Red Hat Security Advisory 2019-1267-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 60.7.0 ESR. Issues addressed include buffer overflow and use-after-free vulnerabilities.

Red Hat Security Advisory 2019-1265-01
Red Hat Security Advisory 2019-1265-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 60.7.0 ESR. Issues addressed include buffer overflow and use-after-free vulnerabilities.

Bitbucket Path Traversal / Remote Code Execution
Bitbucket Data Center had a path traversal vulnerability in the Data Center migration tool. A remote attacker with authenticated user with admin permissions can exploit this path traversal vulnerability to write files to arbitrary locations which can lead to remote code execution on systems that run a vulnerable version of Bitbucket Data Center. Bitbucket Server versions without a Data Center license are not vulnerable to this vulnerability. Versions of Bitbucket Server starting with 5.13.0 before 5.13.6 (the fixed version for 5.13.x), from 5.14.0 before 5.14.4 (fixed version for 5.14.x), from 5.15.0 before 5.15.3 (fixed version for 5.13.x), from 6.0.0 before 6.0.3 (fixed version for 6.0.x), and from 6.1.0 before 6.1.2 (the fixed version for 6.1.x) are affected by this vulnerability.

Slackware Security Advisory - curl Updates
Slackware Security Advisory - New curl packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.

Debian Security Advisory 4449-1
Debian Linux Security Advisory 4449-1 - Several vulnerabilities have been discovered in the FFmpeg multimedia framework, which could result in denial of service or potentially the execution of arbitrary code if malformed files/streams are processed.

Ubuntu Security Notice USN-3977-2
Ubuntu Security Notice 3977-2 - USN-3977-1 provided mitigations for Microarchitectural Data Sampling vulnerabilities in Intel Microcode for a large number of Intel processor families. This update provides the corresponding updated microcode mitigations for Intel Cherry Trail and Bay Trail processor families. Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Giorgi Maisuradze, Dan Horea Lutas, Andrei Lutas, Volodymyr Pikhur, Stephan van Schaik, Alyssa Milburn, Sebastian Osterlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Moritz Lipp, Michael Schwarz, and Daniel Gruss discovered that memory previously stored in microarchitectural fill buffers of an Intel CPU core may be exposed to a malicious process that is executing on the same CPU core. A local attacker could use this to expose sensitive information. Various other issues were also addressed.

Debian Security Advisory 4448-1
Debian Linux Security Advisory 4448-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code.

Ubuntu Security Notice USN-3993-2
Ubuntu Security Notice 3993-2 - USN-3993-1 fixed a vulnerability in curl. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. It was discovered that curl incorrectly handled memory when receiving data from a TFTP server. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

Ubuntu Security Notice USN-3992-1
Ubuntu Security Notice 3992-1 - A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

Ubuntu Security Notice USN-3993-1
Ubuntu Security Notice 3993-1 - Wenchao Li discovered that curl incorrectly handled memory in the curl_url_set function. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 19.04. It was discovered that curl incorrectly handled memory when receiving data from a TFTP server. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

Slackware Security Advisory - mozilla-firefox Updates
Slackware Security Advisory - New mozilla-firefox packages are available for Slackware 14.2 and -current to fix security issues.

Ubuntu Security Notice USN-3566-2
Ubuntu Security Notice 3566-2 - USN-3566-1 fixed several vulnerabilities in PHP. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. It was discovered that PHP incorrectly handled certain files. An attacker could possibly use this issue to access sensitive information. It was discovered that PHP incorrectly handled certain files. An attacker could possibly use this issue to access sensitive information or possibly cause a crash, resulting in a denial of service. Various other issues were also addressed.

Red Hat Security Advisory 2019-1260-01
Red Hat Security Advisory 2019-1260-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include an information leakage vulnerability.

Red Hat Security Advisory 2019-1259-01
Red Hat Security Advisory 2019-1259-01 - .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. A new version of .NET Core that address security vulnerabilities is now available. The updated version is .NET Core Runtime 2.1.11 and SDK 2.1.507. Issues addressed include a denial of service vulnerability.

JSC DFG Incorrect Decision On Behavior
JSC DFG's doesGC() is incorrect about the HasIndexedProperty operation's behavior on StringObjects.

Revive Adserver Weak PRNG Cryptography
Revive Adserver versions prior to 4.2.1 make use of a cryptographically weak pseudo-random number generator.

WebKitGTK+ / WPE WebKit Code Execution
WebKitGTK+ and WPE WebKit suffer from multiple memory corruption vulnerabilities and various other issues that can lead to code execution. Multiple versions are affected.

Ubuntu Security Notice USN-3991-1
Ubuntu Security Notice 3991-1 - Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the browser UI, trick the user in to launching local executable binaries, obtain sensitive information, conduct cross-site scripting attacks, or execute arbitrary code. Various other issues were also addressed.

Red Hat Security Advisory 2019-1258-01
Red Hat Security Advisory 2019-1258-01 - MariaDB is a multi-user, multi-threaded SQL database server. For all practical purposes, MariaDB is binary-compatible with MySQL.

Ubuntu Security Notice USN-3989-1
Ubuntu Security Notice 3989-1 - It was discovered that LibRaw incorrectly handled photo files. If a user or automated system were tricked into processing a specially crafted photo file, a remote attacker could cause applications linked against LibRaw to crash, resulting in a denial of service, or possibly execute arbitrary code.

Ubuntu Security Notice USN-3990-1
Ubuntu Security Notice 3990-1 - It was discovered that urllib3 incorrectly removed Authorization HTTP headers when handled cross-origin redirects. This could result in credentials being sent to unintended hosts. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 18.10. It was discovered that urllib3 incorrectly stripped certain characters from requests. A remote attacker could use this issue to perform CRLF injection. Various other issues were also addressed.