Security Bulletins

US-CERT: The United States Computer Emergency Readiness Team
last updated: Sat, 18 Aug 2018 21:49:06 GMT

 Sat, 18 Aug 2018 02:05:47 +0000 Apache Releases Security Updates for Tomcat Native
Original release date: August 17, 2018 | Last revised: August 18, 2018

The Apache Foundation has released security updates to address vulnerabilities in Apache Tomcat Native. A remote attacker could exploit these vulnerabilities to take control of an affected server.

NCCIC encourages users and administrators to review the Apache Advisory and Tomcat Native Downloads page and apply the necessary updates.


This product is provided subject to this Notification and this Privacy & Use policy.


 Wed, 15 Aug 2018 17:48:46 +0000  Cisco Releases Security Updates
Original release date: August 15, 2018

Cisco has released updates to address vulnerabilities affecting Cisco products. A remote attacker could exploit these vulnerabilities to cause a denial-of-service condition.  

NCCIC encourages users and administrators to review the following Cisco Security Advisories and apply the necessary updates:




 Wed, 15 Aug 2018 02:04:49 +0000 FBI Releases Guidance on Defending Against Travel Scams
Original release date: August 14, 2018

The Federal Bureau of Investigation (FBI) has released an article on building a digital defense against travel scams. FBI explains how scammers trick consumers with "free" vacation ploys. These offers may be fake or involve hidden fees. Legitimate companies will not ask prize winners to pay to claim their reward.

NCCIC encourages consumers to review the FBI Article, the Federal Trade Commission's Travel Tips, and NCCIC's Tip on Avoiding Social Engineering and Phishing Attacks for more information.




 Tue, 14 Aug 2018 23:16:25 +0000 VMware Releases Security Updates
Original release date: August 14, 2018 | Last revised: August 15, 2018

VMware has released security updates to address vulnerabilities in vSphere, Workstation, Fusion, and Virtual Appliances. An attacker could exploit these vulnerabilities to obtain sensitive information.

NCCIC encourages users and administrators to review VMware Security Advisories VMSA-2018-0020, VMSA-2018-0021, and VMSA-2018-0022 and apply the necessary updates.




 Tue, 14 Aug 2018 22:23:46 +0000 Samba Releases Security Updates
Original release date: August 14, 2018

The Samba Team has released security updates to address several vulnerabilities in Samba. An attacker could exploit one of these vulnerabilities to take control of an affected system.

NCCIC encourages users and administrators to review the Samba Security Announcements for CVE-2018-10858, CVE-2018-10918, CVE-2018-10919, CVE-2018-1139, and CVE-2018-1140 and apply the necessary updates.





SecurityFocus Vulnerabilities
last updated: Sat, 18 Aug 2018 21:41:53 GMT

 2018-08-18 Vuln: Multiple Intel Processors Side Channel Attack Multiple Information Disclosure Vulnerabilities
 2018-08-17 Vuln: Cisco Web Security Appliance CVE-2018-0428 Local Privilege Escalation Vulnerability
 2018-08-16 Vuln: Adobe Flash Player CVE-2018-12828 Unspecified Privilege Escalation Vulnerability
 2018-08-16 Vuln: Adobe Flash Player CVE-2018-12825 Unspecified Security Bypass Vulnerability
  Bugtraq: [SECURITY] [DSA 4269-1] postgresql-9.6 security update
  Bugtraq: [SECURITY] [DSA 4268-1] openjdk-8 security update
  Bugtraq: [SECURITY] [DSA 4267-1] kamailio security update
  Bugtraq: [CVE-2018-12584] Heap overflow vulnerability in reSIProcate through 1.10.2

Yahoo News - Latest News & Headlines
last updated: Sat, 18 Aug 2018 21:49:08 GMT

 Thu, 16 Aug 2018 19:49:41 -0400 Catholics On Twitter Call For Drastic Reform After Pennsylvania Sexual Abuse Report

Pennsylvania's newly released grand jury report on clerical sexual abuse


 Thu, 16 Aug 2018 22:56:13 -0400 Judge says Trump campaign screwed up on wording of confidentiality agreements

A Manhattan judge issued a ruling on Thursday that thwarts the Trump campaign’s attempts to keep a lawsuit out of open court.


 Fri, 17 Aug 2018 10:10:44 -0400 Bodies of missing Colorado girls allegedly killed by dad found in oil and gas tanks: report

The bodies of two missing Colorado girls who disappeared along with their


 Fri, 17 Aug 2018 21:20:33 -0400 Ryan Zinke Would 'Sell His Grandkids For Big Oil,' Says Washington Governor

Washington Gov. Jay Inslee slammed Ryan Zinke's record on the environment


 Fri, 17 Aug 2018 06:33:22 -0400 Yazidi 'ex-sex slave' trapped both in Iraq and in German exile

A young Yazidi woman who fled to Germany but returned home to northern Iraq says she cannot escape her Islamic State group captor who held her as a sex slave for three months. Ashwaq Haji, 19, says she ran into the man in a German supermarket in February. Traumatised by the encounter, she returned to Iraq the following month.



Cisco Security Advisory
last updated: Sat, 18 Aug 2018 21:41:55 GMT

 Fri, 17 Aug 2018 20:17:13 CDT CPU Side-Channel Information Disclosure Vulnerabilities: August 2018
On August 14th, 2018, three vulnerabilities were disclosed by Intel and security researchers that leverage a speculative execution side-channel method referred to as L1 Terminal Fault (L1TF) that affects modern Intel microprocessors. These vulnerabilities could allow an unprivileged, local attacker, in specific circumstances, to read privileged memory belonging to other processes.

The first vulnerability, CVE-2018-3615, affects Intel SGX technology and is referred to by the researchers who discovered it as foreshadow. This vulnerability is not known to affect any Cisco devices as the Cisco devices do not utilize Intel SGX technology.

The second vulnerability, CVE-2018-3620, and the third vulnerability, CVE-2018-3646, are referred to as L1 Terminal Fault attacks by Intel. These two vulnerabilities affect multi-core processors that leverage Intel Hyper-Threading technology supporting Operating System, System Management Mode, and Virtualized workloads. Like the previously disclosed Spectre vulnerabilities, all three new vulnerabilities leverage cache-timing attacks to infer any disclosed data.

To exploit any of these vulnerabilities, an attacker must be able to run crafted or script code on an affected device. Although the underlying CPU and operating system combination in a product or service may be affected by these vulnerabilities, the majority of Cisco products are closed systems that do not allow customers to run custom code and are, therefore, not vulnerable. There is no vector from which to exploit them. Cisco products are considered potentially vulnerable only if they allow customers to execute custom code side-by-side with Cisco code on the same microprocessor.

A Cisco product that may be deployed as a virtual machine or a container, even while not directly affected by any of these vulnerabilities, could be targeted by such attacks if the hosting environment is vulnerable. Cisco recommends that customers harden their virtual environments, tightly control user access, and ensure that all security updates are installed. Customers who are deploying products as a virtual device in multi-tenant hosting environments should ensure that the underlying hardware, as well as the operating system or hypervisor, is patched against the vulnerabilities in question.

Although Cisco cloud services are not directly affected by these vulnerabilities, the infrastructure on which they run may be impacted. See the Affected Products section of this advisory for information about the impact of these vulnerabilities on Cisco cloud services.

Cisco will release software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180814-cpusidechannel


Security Impact Rating: Medium
CVE: CVE-2018-3615, CVE-2018-3620, CVE-2018-3646

 Thu, 16 Aug 2018 14:14:21 CDT Cisco IP Phone 7800 Series and 8800 Series and Cisco Wireless IP Phone 8821 Denial of Service Vulnerability

A vulnerability in the Session Initiation Protocol (SIP) call-handling functionality of Cisco IP Phone 7800 Series, IP Phone 8800 Series, and Wireless IP Phone 8821 could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected phone.

The vulnerability is due to incomplete input validation of SIP Session Description Protocol (SDP) parameters by the SDP parser of an affected phone. An attacker could exploit this vulnerability by sending a malformed SIP packet to an affected phone. A successful exploit could allow the attacker to cause all active phone calls on the affected phone to be dropped while the SIP process on the phone unexpectedly restarts, resulting in a DoS condition.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180516-ip-phone-dos


Security Impact Rating: Medium
CVE: CVE-2018-0325

 Thu, 16 Aug 2018 13:48:18 CDT Vulnerability in Linux Kernel Affecting Cisco Products: October 2016
On October 19, 2016, a new vulnerability related to a race condition in the memory manager of the Linux Kernel was disclosed. This vulnerability could allow unprivileged, local users to gain write access to otherwise read-only memory mappings to increase their privileges on the system.

Cisco has released software updates that address this vulnerability. For information about affected and fixed software releases, consult the Cisco bug IDs in the Vulnerable Products table.

This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161026-linux
Security Impact Rating: Medium
CVE: CVE-2016-5195

 Wed, 15 Aug 2018 19:27:12 CDT Cisco Adaptive Security Appliance Web Services Denial of Service Vulnerability
A vulnerability in the web interface of the Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. It is also possible on certain software releases that the ASA will not reload, but an attacker could view sensitive system information without authentication by using directory traversal techniques.

The vulnerability is due to lack of proper input validation of the HTTP URL. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. An exploit could allow the attacker to cause a DoS condition or unauthenticated disclosure of information. This vulnerability applies to IPv4 and IPv6 HTTP traffic.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-asaftd
Security Impact Rating: High
CVE: CVE-2018-0296

 Wed, 15 Aug 2018 16:00:00 CDT Cisco ASR 9000 Series Aggregation Services Routers Precision Time Protocol Denial of Service Vulnerability

A vulnerability in the Local Packet Transport Services (LPTS) feature set of Cisco ASR 9000 Series Aggregation Services Router Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.

The vulnerability is due to a lack of input and validation checking on certain Precision Time Protocol (PTP) ingress traffic to an affected device. An attacker could exploit this vulnerability by injecting malformed traffic into an affected device. A successful exploit could allow the attacker to cause services on the device to become unresponsive, resulting in a DoS condition.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180815-asr-ptp-dos


Security Impact Rating: Medium
CVE: CVE-2018-0418
