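NSFOCUS Internet Security Threat Weekly Report NSFOCUS-18-45

NSFOCUS has released this week's security bulletin, weekly report number NSFOCUS-18-45. The NSFOCUS vulnerability database added 53 entries this week, 7 of them high severity. This week's report recommends paying attention to, among others, the QEMU NVM Express Controller buffer overflow vulnerability, which is located in the nvme_cmb_ops routine of the nvme device. An attacker can exploit this vulnerability to cause a denial of service and possibly to run arbitrary code. The vendor has released an upgrade patch; users should promptly download the patch from the vendor's home page to fix this security issue.

Focus Vulnerability

  • QEMU NVM Express Controller Buffer Overflow Vulnerability
  • CVE ID
    • CVE-2018-16847
  • NSFOCUS ID
    • 41849
  • Affected versions
    • QEMU QEMU
  • Vulnerability commentary
    • QEMU has a heap-based buffer overflow vulnerability in its NVM Express Controller emulation. The vulnerability is located in the nvme_cmb_ops routine of the nvme device. An attacker can exploit this vulnerability to cause a denial of service and possibly to run arbitrary code. The vendor has released an upgrade patch; users should promptly download the patch from the vendor's home page to fix this security issue.

(Data source: NSFOCUS Security Research Department & Product Rules Team)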

 

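1. Internet Security Threat Landscape

1.1 CVE Statistics

The total number of CVE announcements over the past week increased noticeably compared with the preceding period.

1.2 Threat Information Review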

  • Title: HSBC Bank Data Breach Exposed Account Numbers, Balances, and More
    • Date: 2018-11-06
    • Summary: A data breach at HSBC Bank has allowed attackers to gain access to a limited amount of customer’s information such as account numbers, balances, addresses, transaction history, and much more.
    • Link: https://www.bleepingcomputer.com/news/security/hsbc-bank-data-breach-exposed-account-numbers-balances-and-more/
  • Title: November Android Security Update Fixes Critical Bugs, Drops Media Library
    • Date: 2018-11-07
    • Summary: Google released to all users and partners its November security bulletin for the Android operating system, with fixes for critical remote code execution (RCE) and privilege escalation vulnerabilities.
    • Link: https://www.bleepingcomputer.com/news/security/november-android-security-update-fixes-critical-bugs-drops-media-library/
  • Title: Vulnerabilities’ CVSS scores soon to be assigned by AI
    • Date: 2018-11-05
    • Summary: The National Institute of Standards and Technology (NIST) is planning to use IBM’s Watson to evaluate how critical publicly reported computer vulnerabilities are and assign an appropriate severity score.
    • Link: https://www.helpnetsecurity.com/2018/11/05/ai-assigns-cvss-scores/
  • Title: Cambodia’s ISPs hit by some of the biggest DDoS attacks in the country’s history
    • Date: 2018-11-08
    • Summary: Several of Cambodia’s biggest internet service providers (ISPs) have been hit by large-scale DDoS attacks over the last few days.
    • Link: https://www.zdnet.com/article/cambodias-isps-hit-by-some-of-the-biggest-ddos-attacks-in-the-countrys-history/
  • Title: Popular WooCommerce WordPress Plugin Patches Critical Vulnerability
    • Date: 2018-11-06
    • Summary: If you own an eCommerce website built on WordPress and powered by WooCommerce plugin, then beware of a new vulnerability that could compromise your online store.
    • Link: https://thehackernews.com/2018/11/woocommerce-wordpress-hacking.html
  • Title: Amex India data breach saw 700,000 customers information inadvertently exposed online
    • Date: 2018-11-08
    • Summary: Around 700,000 customers of American Express India’s data was left exposed in an unsecured database. The accidental data leak was caused by a MongoDB server that was left exposed without any password protection.
    • Link: https://cyware.com/news/amex-india-data-breach-saw-700000-customers-information-inadvertently-exposed-online-40b84b0c
  • Title: UK Government Warns Telcos of 5G Security Review
    • Date: 2018-11-06
    • Summary: The UK government has reminded 5G network providers to ensure their suppliers are heavily vetted for security, in what could signal a change of approach to a major Chinese telecoms player.
    • Link: https://www.infosecurity-magazine.com/news/uk-government-warns-telcos-5g/
  • Title: USB drives are primary vector for destructive threats to industrial facilities
    • Date: 2018-11-07
    • Summary: USB removable storage devices are the main vector for malware attacks against industrial facilities, states Honeywell report.
    • Link: https://securityaffairs.co/wordpress/77676/malware/industrial-facilities-malware.html
  • Title: GPU side channel attacks can enable spying on web activity, password stealing
    • Date: 2018-11-06
    • Summary: Computer scientists at the University of California, Riverside have revealed for the first time how easily attackers can use a computer’s graphics processing unit, or GPU, to spy on web activity, steal passwords, and break into cloud-based applications.
    • Link: https://www.helpnetsecurity.com/2018/11/06/gpu-side-channel-attacks/
  • Title: VirtualBox Zero-Day Vulnerability Details and Exploit Are Publicly Available
    • Date: 2018-11-06
    • Summary: A Russian vulnerability researcher and exploit developer has published detailed information about a zero-day vulnerability in VirtualBox. His explanations include step-by-step instructions for exploiting the bug. According to the initial details in the disclosure, the issue is present in a shared code base of the virtualization software, available on all supported operating systems.
    • Link: https://www.bleepingcomputer.com/news/security/virtualbox-zero-day-vulnerability-details-and-exploit-are-publicly-available/

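(Data source: collected and compiled by the NSFOCUS Threat Intelligence and Network Security Lab)

2. Vulnerability Research

2.1 Vulnerability Database Statistics

As of November 9, 2018, the NSFOCUS vulnerability database contained a total of 41879 entries. This week 53 new vulnerability records were added: 7 high severity, 29 medium severity and 17 low severity.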

  • Red Hat Gluster Storage glusterfs server Denial of Service Vulnerability (CVE-2018-14661)
    • Severity: Medium
    • CVE ID: CVE-2018-14661
  • JasPer Denial of Service Security Vulnerability (CVE-2018-18873)
    • Severity: Low
    • CVE ID: CVE-2018-18873
  • EmpireCMS Arbitrary Code Execution Security Vulnerability (CVE-2018-18869)
    • Severity: Low
    • CVE ID: CVE-2018-18869
  • IBM WebSphere Application Server Liberty OpenID Connect Arbitrary Code Execution Vulnerability (CVE-2018-1851)
    • Severity: Medium
    • CVE ID: CVE-2018-1851
  • MiniCMS Arbitrary Code Execution Security Vulnerability (CVE-2018-18892)
    • Severity: Low
    • CVE ID: CVE-2018-18892
  • MiniCMS Arbitrary File Deletion Security Vulnerability (CVE-2018-18891)
    • Severity: Low
    • CVE ID: CVE-2018-18891
  • MiniCMS Information Disclosure Security Vulnerability (CVE-2018-18890)
    • Severity: Low
    • CVE ID: CVE-2018-18890
  • IBM Robotic Process Automation with Automation Anywhere Security Vulnerability (CVE-2018-1552)
    • Severity: Medium
    • CVE ID: CVE-2018-1552
  • IBM Robotic Process Automation with Automation Anywhere Information Disclosure Security Vulnerability (CVE-2018-1876)
    • Severity: Medium
    • CVE ID: CVE-2018-1876
  • IBM Robotic Process Automation with Automation Anywhere Information Disclosure Vulnerability (CVE-2018-1877)
    • Severity: Medium
    • CVE ID: CVE-2018-1877
  • IBM Robotic Process Automation with Automation Anywhere Information Disclosure Vulnerability (CVE-2018-1878)
    • Severity: Low
    • CVE ID: CVE-2018-1878
  • Cisco ASA and FTD Denial of Service Vulnerability (CVE-2018-15454)
    • Severity: High
    • CVE ID: CVE-2018-15454
  • Cisco Advanced Malware Protection for Endpoints for Windows Denial of Service Security Vulnerability
    • Severity: Medium
    • CVE ID: CVE-2018-15452
  • QEMU 'NBD_OPT_LIST' Buffer Overflow Vulnerability (CVE-2017-2630)
    • Severity: Medium
    • BID: 96265
    • CVE ID: CVE-2017-2630
  • Pidgin Out-of-Bounds Write Security Vulnerability (CVE-2017-2640)
    • Severity: Medium
    • BID: 96775
    • CVE ID: CVE-2017-2640
  • IBM Rational Quality Manager Cross-Site Scripting Vulnerability (CVE-2017-1609)
    • Severity: Medium
    • CVE ID: CVE-2017-1609
  • Libgcrypt Information Disclosure Vulnerability (CVE-2017-7526)
    • Severity: Medium
    • BID: 99338
    • CVE ID: CVE-2017-7526
  • Apache Tomcat JK (mod_jk) Connector Access Control Bypass Vulnerability (CVE-2018-11759)
    • Severity: High
    • CVE ID: CVE-2018-11759
  • LibRaw Buffer Overflow Vulnerability (CVE-2018-5805)
    • Severity: Low
    • CVE ID: CVE-2018-5805
  • libexif Integer Overflow Vulnerability (CVE-2016-6328)
    • Severity: Low
    • CVE ID: CVE-2016-6328
  • Microstrategy Web Cross-Site Scripting Vulnerability (CVE-2018-18776)
    • Severity: Low
    • CVE ID: CVE-2018-18776
  • Microstrategy Web Path Traversal Vulnerability (CVE-2018-18777)
    • Severity: Low
    • CVE ID: CVE-2018-18777
  • QEMU NVM Express Controller Buffer Overflow Vulnerability (CVE-2018-16847)
    • Severity: Medium
    • CVE ID: CVE-2018-16847
  • Exiv2 Exiv2::Image::printIFDStructure Function Denial of Service Vulnerability (CVE-2018-18915)
    • Severity: Low
    • CVE ID: CVE-2018-18915
  • Red Hat Gluster Arbitrary Code Execution Security Vulnerability (CVE-2018-14651)
    • Severity: Medium
    • CVE ID: CVE-2018-14651
  • HPE Integrated Lights-Out 5 Security Restriction Bypass Vulnerability (CVE-2018-7113)
    • Severity: Low
    • CVE ID: CVE-2018-7113
  • Microstrategy Web Cross-Site Scripting Vulnerability (CVE-2018-18775)
    • Severity: Low
    • CVE ID: CVE-2018-18775
  • IBM Rational Engineering Lifecycle Manager XML External Entity Injection Vulnerability (CVE-2018-1846)
    • Severity: Medium
    • CVE ID: CVE-2018-1846
  • Foxit Reader Information Disclosure Vulnerability (CVE-2018-18933)
    • Severity: Medium
    • CVE ID: CVE-2018-18933
  • Cisco WebEx Meetings Server Denial of Service Security Vulnerability (CVE-2018-18895)
    • Severity: Medium
    • CVE ID: CVE-2018-18895
  • Huawei Emily-AL00A Security Restriction Bypass Vulnerability (CVE-2018-7925)
    • Severity: Low
    • CVE ID: CVE-2018-7925
  • Schneider Electric BMX Open Redirect Vulnerability (CVE-2018-7804)
    • Severity: Low
    • CVE ID: CVE-2018-7804
  • ZOHO ManageEngine OpManager SQL Injection Vulnerability (CVE-2018-18949)
    • Severity: Low
    • CVE ID: CVE-2018-18949
  • Dell OpenManage Network Manager Access Control Vulnerability (CVE-2018-15768)
    • Severity: Low
    • CVE ID: CVE-2018-15768
  • Dell OpenManage Network Manager Privilege Escalation Vulnerability (CVE-2018-15767)
    • Severity: Medium
    • CVE ID: CVE-2018-15767
  • IBM API Connect CSV Injection Security Vulnerability (CVE-2018-1774)
    • Severity: High
    • CVE ID: CVE-2018-1774
  • Apache Syncope XML External Entity Injection Security Vulnerability (CVE-2018-17186)
    • Severity: Medium
    • CVE ID: CVE-2018-17186
  • Apache Syncope Cross-Site Scripting Security Vulnerability (CVE-2018-17184)
    • Severity: Medium
    • CVE ID: CVE-2018-17184
  • AVEVA InduSoft Web Studio/InTouch Edge HMI Stack Overflow Vulnerability (CVE-2018-17916)
    • Severity: High
    • CVE ID: CVE-2018-17916
  • AVEVA InduSoft Web Studio/InTouch Edge HMI Remote Code Execution Vulnerability (CVE-2018-17914)
    • Severity: High
    • CVE ID: CVE-2018-17914
  • Cisco Stealthwatch Management Console Authentication Bypass Vulnerability (CVE-2018-15394)
    • Severity: High
    • CVE ID: CVE-2018-15394
  • Cisco Unity Express Arbitrary Command Execution Vulnerability (CVE-2018-15381)
    • Severity: High
    • CVE ID: CVE-2018-15381
  • Cisco Firepower Detection Engine TCP IPS Rule Bypass Vulnerability (CVE-2018-15443)
    • Severity: Medium
    • CVE ID: CVE-2018-15443
  • Cisco Energy Management Suite XML External Entity Vulnerability (CVE-2018-15444)
    • Severity: Medium
    • CVE ID: CVE-2018-15444
  • Cisco Energy Management Suite Cross-Site Request Forgery Vulnerability (CVE-2018-15445)
    • Severity: Medium
    • CVE ID: CVE-2018-15445
  • Cisco Integrated Management Controller Supervisor SQL Injection Vulnerability (CVE-2018-15447)
    • Severity: Medium
    • CVE ID: CVE-2018-15447
  • Cisco Immunet and Cisco AMP for Endpoints Denial of Service Security Vulnerability (CVE-2018-15437)
    • Severity: Medium
    • CVE ID: CVE-2018-15437
  • Cisco Meeting Server Information Disclosure Vulnerability (CVE-2018-15446)
    • Severity: Medium
    • CVE ID: CVE-2018-15446
  • Cisco Prime Collaboration Assurance File Overwrite Vulnerability (CVE-2018-15450)
    • Severity: Medium
    • CVE ID: CVE-2018-15450
  • Cisco Prime Service Catalog Cross-Site Scripting Vulnerability (CVE-2018-15451)
    • Severity: Medium
    • CVE ID: CVE-2018-15451
  • Cisco Registered Envelope Service Information Disclosure Vulnerability (CVE-2018-15448)
    • Severity: Medium
    • CVE ID: CVE-2018-15448
  • Cisco Content Security Management Appliance Cross-Site Scripting Vulnerability (CVE-2018-15393)
    • Severity: Medium
    • CVE ID: CVE-2018-15393
  • Cisco Video Surveillance Media Server Denial of Service Vulnerability (CVE-2018-15449)
    • Severity: Medium
    • CVE ID: CVE-2018-15449

(Data source: NSFOCUS Security Research Department & Product Rules Team)

 
