TippingPoint Threat Intelligence and Zero-Day Coverage – Week of June 19, 2017

Yesterday I celebrated my 29th birthday (again) and it was great to celebrate with friends, family, and coworkers. They say age is just a number, and I truly believe that. Unfortunately, we live in a world where laws require us to count numbers so that it can be determined if we can vote, drink, rent a car, and even retire from the workforce.

In our cyber security world, we love to count. In the world of the Zero Day Initiative (ZDI), the number of vulnerabilities disclosed so far in 2017 is just a number, but it’s a really big number! Last year, the ZDI publicly disclosed a record 690 vulnerabilities covering almost 50 vendors. As of the publishing of this blog, the number currently stands at 441! Is this the year we hit 1,000? Only time will tell. In the meantime, I invite you to take a sneak peek into the inner workings of the ZDI by reading Dustin Child’s blog: The Inside Scoop on the World’s Leading Bug Bounty Program. 

Adobe Security Updates

This week’s Digital Vaccine (DV) package includes coverage for Adobe updates released on or before June 13, 2017. The following table maps Digital Vaccine filters to the Adobe updates. Filters marked with an (*) shipped prior to this DV package, providing zero-day protection for our customers. You can get more detailed information on this month’s security updates from Dustin Childs’ June 2017 Security Update Review from the Zero Day Initiative:

Bulletin # CVE # Digital Vaccine Filter # Status
APSB17-17 CVE-2017-3075 *28094
APSB17-17 CVE-2017-3076 28656
APSB17-17 CVE-2017-3077 28669
APSB17-17 CVE-2017-3078 28657
APSB17-17 CVE-2017-3079 28658
APSB17-17 CVE-2017-3081 28659
APSB17-17 CVE-2017-3082 28660
APSB17-17 CVE-2017-3083 28661
APSB17-17 CVE-2017-3084 28662

 

Zero-Day Filters

There are 24 new zero-day filters covering four vendors in this week’s Digital Vaccine (DV) package. A number of existing filters in this week’s DV package were modified to update the filter description, update specific filter deployment recommendation, increase filter accuracy and/or optimize performance. You can browse the list of published advisories and upcoming advisories on the Zero Day Initiative website.

Adobe (16)

  • 28654: ZDI-CAN-4733: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)
  • 28660: HTTP: Adobe Flash determinePreferredLocales Memory Corruption Vulnerability (ZDI-17-408)
  • 28661: HTTP: Adobe Flash Profile Objects Use-After-Free Vulnerability (ZDI-17-406)
  • 28662: HTTP: Adobe Flash AdvertisingMetadata Use-After-Free Vulnerability (ZDI-17-407)
  • 28663: ZDI-CAN-4734: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)
  • 28664: ZDI-CAN-4746: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)
  • 28666: ZDI-CAN-4747: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)
  • 28668: ZDI-CAN-4767: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)
  • 28730: ZDI-CAN-4827: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)
  • 28731: ZDI-CAN-4828: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)
  • 28732: ZDI-CAN-4829: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)
  • 28733: ZDI-CAN-4830: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)
  • 28734: ZDI-CAN-4842: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)
  • 28735: ZDI-CAN-4843: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)
  • 28736: ZDI-CAN-4844: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)
  • 28741: ZDI-CAN-4854: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC) 

Hewlett Packard Enterprise (3)

  • 28633: HTTP: HPE Network Automation FileServlet Information Disclosure Vulnerability (ZDI-17-330)
  • 28634: HTTPS: HPE Network Automation FileServlet Information Disclosure Vulnerability (ZDI-17-330)
  • 28740: ZDI-CAN-4853: Zero Day Initiative Vulnerability (Hewlett Packard Enterprise Intelligent Management) 

Microsoft (2)

  • 28729: ZDI-CAN-4826: Zero Day Initiative Vulnerability (Microsoft Chakra)
  • 28737: ZDI-CAN-4845: Zero Day Initiative Vulnerability (Microsoft Office Word) 

Trend Micro (3)

  • 28535: HTTPS: Trend Micro InterScan Web Security testConfiguration Command Injection (ZDI-17-232)
  • 28723: ZDI-CAN-4780: Zero Day Initiative Vulnerability (Trend Micro Mobile Security for Enterprise)
  • 28724: ZDI-CAN-4784-4785,4805: Zero Day Initiative Vulnerability (Trend Micro Mobile Security) 

Missed Last Week’s News?

Catch up on last week’s news in my weekly recap.



from Trend Micro Simply Security http://ift.tt/2rZereA

Comments

Post a Comment

Popular posts from this blog

AR18-312A: JexBoss – JBoss Verify and EXploitation Tool

Image
Original release date: November 08, 2018 Summary JBoss Verify and EXploitation tool (JexBoss) is an open-source tool used by cybersecurity hunt teams (sometimes referred to as “red teams”) and auditors to conduct authorized security assessments. Threat actors use this tool maliciously to test and exploit vulnerabilities in JBoss Application Server (JBoss AS)—now WildFly—and a variety of Java applications and platforms. JexBoss automates all the phases of a cyberattack, making it a powerful and easy-to-use weapon in a threat actor’s cyber arsenal. This report provides a detailed analysis of JexBoss’ functionality, along with detection, response, prevention, and mitigation recommendations. Description JexBoss JexBoss is a tool used to test and exploit vulnerabilities in Java applications and platforms, including the JBoss AS/WildFly web server framework. JexBoss is written in the Python programming language using standard Python libraries. JexBoss is run from the command-line inter
Keep reading

SB18-141: Vulnerability Summary for the Week of May 14, 2018

Original release date: May 21, 2018 The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD , which contains historical vulnerability information. The vulnerabilities are based on the CVE vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores: High - Vulnerabilities will be labeled High severity if they have a CVSS base score of 7.0 - 10.0 Medium - Vulnerabilities will be labeled Medium severity
Keep reading

SB18-029: Vulnerability Summary for the Week of January 22, 2018

Original release date: January 29, 2018 The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD , which contains historical vulnerability information. The vulnerabilities are based on the CVE vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores: High - Vulnerabilities will be labeled High severity if they have a CVSS base score of 7.0 - 10.0 Medium - Vulnerabilities will be labeled Medium sever
Keep reading

Learn Python Programming – 7 Courses Video Training Bundle

Image
It's no secret that learning how to code is one of the most important things you can do when it comes to the beginning or furthering practically any career in programming and technology. The only problem a beginner often faces is that there are seemingly countless programming languages to choose from, which makes it exceedingly difficult for aspiring or even seasoned programmers to know which from The Hacker News http://bit.ly/2Ug9eJ8
Keep reading

SB18-043: Vulnerability Summary for the Week of February 5, 2018

Original release date: February 12, 2018 The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD , which contains historical vulnerability information. The vulnerabilities are based on the CVE vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores: High - Vulnerabilities will be labeled High severity if they have a CVSS base score of 7.0 - 10.0 Medium - Vulnerabilities will be labeled Medium seve
Keep reading

SB18-057: Vulnerability Summary for the Week of February 19, 2018

Original release date: February 26, 2018 The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD , which contains historical vulnerability information. The vulnerabilities are based on the CVE vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores: High - Vulnerabilities will be labeled High severity if they have a CVSS base score of 7.0 - 10.0 Medium - Vulnerabilities will be labeled Medium seve
Keep reading

SB18-008: Vulnerability Summary for the Week of January 1, 2018

Original release date: January 08, 2018 The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD , which contains historical vulnerability information. The vulnerabilities are based on the CVE vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores: High - Vulnerabilities will be labeled High severity if they have a CVSS base score of 7.0 - 10.0 Medium - Vulnerabilities will be labeled Medium sever
Keep reading

Vulnerability Summary for the Week of October 19, 2020

Original release date: October 26, 2020 The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD . In some cases, the vulnerabilities in the Bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.   High Vulnerabilities Primary Vendor -- Product Description Published CVSS Score Source & Patch Info acronis -- cyber_backup Acronis Cyber Backup 12.5 and Cyber Protect 15 include an OpenSSL component that specifies an OPENSSLDIR variable as a subdirectory within C:\jenkins_agent\. Acronis Cyber Backup and Cyber Protect contain a privileged service that uses this OpenSSL component. Because unprivileged Windows users can create subdirectories off of the system root, a user can create the appropriate path to a specially-crafted openssl.cnf file to achieve arbitrary code execution with SYSTEM privileges. 2020-10-21 7.2 CVE-2020-10138 MIS
Keep reading

Vulnerability Summary for the Week of March 2, 2020

Original release date: March 9, 2020 The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD . In some cases, the vulnerabilities in the Bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.   High Vulnerabilities Primary Vendor -- Product Description Published CVSS Score Source & Patch Info apple -- multiple_products   A denial of service issue was addressed with improved input validation. 2020-02-28 7.8 CVE-2019-8741 MISC MISC MISC MISC MISC MISC MISC centreon -- centreon   An issue was discovered in Centreon before 2.8.30, 18.10.8, 19.04.5, and 19.10.2. SQL Injection exists via the include/monitoring/status/Hosts/xml/hostXML.php instance parameter. 2020-03-05 7.5 CVE-2019-17647 CONFIRM CONFIRM CONFIRM MISC CONFIRM CONFIRM centreon -- centreon   Centreon 19.10 allows remote authenticated users to ex
Keep reading

SB18-071: Vulnerability Summary for the Week of March 5, 2018

Original release date: March 12, 2018 The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD , which contains historical vulnerability information. The vulnerabilities are based on the CVE vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores: High - Vulnerabilities will be labeled High severity if they have a CVSS base score of 7.0 - 10.0 Medium - Vulnerabilities will be labeled Medium severit
Keep reading