Security Bulletins

US-CERT: The United States Computer Emergency Readiness Team
last updated: Sat, 20 Jan 2018 18:56:32 GMT

 Fri, 19 Jan 2018 06:20:06 +0000 Lenovo Releases Security Advisory
Original release date: January 19, 2018

Lenovo has released security updates to address a vulnerability affecting Enterprise Network Operating System (ENOS) firmware. An attacker could exploit this vulnerability to obtain sensitive information.

NCCIC/US-CERT encourages users and administrators to review Lenovo's Security Advisory and the Canadian Cyber Incident Response Centre (CCIRC)'s Lenovo Security Advisory for more information and apply the necessary updates or mitigations.


This product is provided subject to this Notification and this Privacy & Use policy.


 Thu, 18 Jan 2018 18:57:50 +0000 NCSC Releases Security Advisory
Original release date: January 18, 2018

The United Kingdom's National Cyber Security Centre (NCSC) has released a report updating its guidance on Turla Neuron malware, which provides a platform to steal sensitive data. NCSC provides enhanced cybersecurity services to protect against cybersecurity threats.

NCCIC/US-CERT encourages users and administrators to review the NCSC advisory to access the report and for more information.




 Wed, 17 Jan 2018 18:52:16 +0000 Cisco Releases Security Updates
Original release date: January 17, 2018 | Last revised: January 18, 2018

Cisco has released security updates to address vulnerabilities affecting multiple products. An attacker could exploit one of these vulnerabilities to take control of an affected system.

NCCIC/US-CERT encourages users and administrators to review the following Cisco Security Advisories and apply the necessary updates:




 Tue, 16 Jan 2018 23:58:39 +0000 ISC Releases Security Advisories for DHCP, BIND
Original release date: January 16, 2018

The Internet Systems Consortium (ISC) has released updates or workarounds that address vulnerabilities in versions of ISC Dynamic Host Configuration Protocol (DHCP) and Berkeley Internet Name Domain (BIND). A remote attacker could exploit these vulnerabilities to cause a denial-of-service condition.

NCCIC/US-CERT encourages users and administrators to review ISC Knowledge Base Articles AA-01541 and AA-01542 and apply the necessary updates or workarounds.




 Tue, 16 Jan 2018 22:31:37 +0000 Oracle Releases January 2018 Security Bulletin
Original release date: January 16, 2018

Oracle has released its Critical Patch Update for January 2018 to address 237 vulnerabilities across multiple products. A remote attacker could exploit some of these vulnerabilities to obtain access to sensitive information.

NCCIC/US-CERT encourages users and administrators to review the Oracle January 2018 Critical Patch Update and apply the necessary updates.





SecurityFocus Vulnerabilities
last updated: Sat, 20 Jan 2018 18:48:34 GMT

 2018-01-19 Vuln: WordPress MediaElement Cross Site Scripting Vulnerability
 2018-01-19 Vuln: Microsoft Outlook CVE-2018-0793 Remote Code Execution Vulnerability
 2018-01-19 Vuln: Microsoft Word CVE-2018-0794 Remote Code Execution Vulnerability
 2018-01-19 Vuln: Microsoft Office for MAC CVE-2018-0819 Spoofing Vulnerability
 Bugtraq: [SECURITY] [DSA 4092-1] awstats security update

Yahoo News - Latest News & Headlines
last updated: Sat, 20 Jan 2018 18:56:33 GMT

 Thu, 18 Jan 2018 14:00:38 -0500 The resistance is organized and ready in district where Trump is visiting

Democrats, especially women, have been organizing ever since last year’s election. And they think they have a chance to take the seat in this heavily Republican district.


 Thu, 18 Jan 2018 14:30:06 -0500 Parents Charged With Torture And Abuse Of 13 Kids May Face Life In Prison

A California couple accused of holding their 13 children captive in their home for years face up to life in prison.


 Thu, 18 Jan 2018 15:18:23 -0500 Russian Money Ties to NRA Under FBI Scrutiny

Greg Gordon, investigative reporter for McClatchy DC, talks with Rachel Maddow about news that the FBI is looking into whether Russian money was funneled to the Trump campaign through the NRA.


 Thu, 18 Jan 2018 19:02:08 -0500 House Blocks Trump's Order To Deport Palestinian Man Living In U.S. For 39 Years

Last month, with a deportation order hanging over his head, Amer Othman Adi, 57, and his family were making preparations to leave their life in Youngstown, Ohio, willingly.


 Thu, 18 Jan 2018 18:52:09 -0500 Helicopter with Zimbabwe opposition leader crashes, kills 5

RATON, N.M. (AP) — A group of prominent friends, including a key Zimbabwean opposition leader and a Texas-based investor and philanthropist, was heading to a ranch in the U.S. state of New Mexico when their helicopter crashed and burned in a remote area, killing five people aboard.



Cisco Security Advisory
last updated: Sat, 20 Jan 2018 19:08:01 GMT

 Fri, 19 Jan 2018 21:29:40 CST Cisco NX-OS System Software Management Interface Denial of Service Vulnerability
A vulnerability in management interface access control list (ACL) configuration of Cisco NX-OS System Software could allow an unauthenticated, remote attacker to bypass configured ACLs on the management interface. This could allow traffic to be forwarded to the NX-OS CPU for processing, leading to high CPU utilization and a denial of service (DoS) condition.

The vulnerability is due to a bad code fix in the 7.3.2 code train that could allow traffic to the management interface to be misclassified and not match the proper configured ACLs. An attacker could exploit this vulnerability by sending crafted traffic to the management interface. An exploit could allow the attacker to bypass the configured management interface ACLs and impact the CPU of the targeted device, resulting in a DoS condition.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180117-nxos
Security Impact Rating: Medium
CVE: CVE-2018-0090
 Fri, 19 Jan 2018 21:04:12 CST CPU Side-Channel Information Disclosure Vulnerabilities
On January 3, 2018, researchers disclosed three vulnerabilities that take advantage of the implementation of speculative execution of instructions on many modern microprocessor architectures to perform side-channel information disclosure attacks. These vulnerabilities could allow an unprivileged local attacker, in specific circumstances, to read privileged memory belonging to other processes or memory allocated to the operating system kernel.

The first two vulnerabilities, CVE-2017-5753 and CVE-2017-5715, are collectively known as Spectre. The third vulnerability, CVE-2017-5754, is known as Meltdown. The vulnerabilities are all variants of the same attack and differ in the way that speculative execution is exploited.

To exploit any of these vulnerabilities, an attacker must be able to run crafted code on an affected device. Although the underlying CPU and operating system combination in a product or service may be affected by these vulnerabilities, the majority of Cisco products are closed systems that do not allow customers to run custom code and are, therefore, not vulnerable. There is no vector to exploit them. Cisco products are considered potentially vulnerable only if they allow customers to execute custom code side-by-side with Cisco code on the same microprocessor.

A Cisco product that may be deployed as a virtual machine or a container, even while not directly affected by any of these vulnerabilities, could be targeted by such attacks if the hosting environment is vulnerable. Cisco recommends that customers harden their virtual environments, tightly control user access, and ensure that all security updates are installed. Customers who are deploying products as a virtual device in multi-tenant hosting environments should ensure that the underlying hardware, as well as operating system or hypervisor, is patched against the vulnerabilities in question.

Although Cisco cloud services are not directly affected by these vulnerabilities, the infrastructure on which they run may be impacted. Refer to the “Affected Products” section of this advisory for information about the impact of these vulnerabilities on Cisco cloud services.

Cisco will release software updates that address these vulnerabilities.
 
This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180104-cpusidechannel
Security Impact Rating: Medium
CVE: CVE-2017-5715,CVE-2017-5753,CVE-2017-5754
 Wed, 17 Jan 2018 16:00:00 CST Cisco Small Business 300 and 500 Series Managed Switches Cross-Site Scripting Vulnerability
A vulnerability in the web framework of Cisco Small Business Managed Switches software could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the web interface of an affected system.
   
The vulnerability is due to insufficient input validation of parameters that are passed to the web server of the affected system. An attacker could exploit this vulnerability by convincing a user to follow a malicious link or by intercepting and injecting code into a user request. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected web interface or allow the attacker to access sensitive browser-based information.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180117-300-500-smb1
Security Impact Rating: Medium
CVE: CVE-2017-12307
 Wed, 17 Jan 2018 16:00:00 CST Cisco Web Security Appliance Reflected Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device.

The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive browser-based information.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180117-wsa1
Security Impact Rating: Medium
CVE: CVE-2018-0093
 Wed, 17 Jan 2018 16:00:00 CST Cisco WebEx Meetings Server Information Disclosure Vulnerability
A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to access sensitive data about the application. An attacker could exploit this vulnerability to gain information to conduct additional reconnaissance attacks.

The vulnerability is due to a design flaw in Cisco WebEx Meetings Server, which could include internal network information that should be restricted. An attacker could exploit the vulnerability by utilizing available resources to study the customer network. An exploit could allow the attacker to discover sensitive data about the application.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180117-wms3
Security Impact Rating: Medium
CVE: CVE-2018-0111
