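NSFOCUS has released this week's security bulletin, weekly report number NSFOCUS-18-45. The NSFOCUS vulnerability database added 53 entries this week, 7 of them high severity. This week's report recommends attention to the QEMU NVM Express Controller buffer overflow vulnerability, among others; the flaw is located in the nvme_cmb_ops routines of the nvme device. An attacker can exploit it to cause a denial of service and may also be able to run arbitrary code. The vendor has released an upgrade patch; users should download it from the vendor's home page promptly to fix this security issue.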
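Featured vulnerability
- QEMU NVM Express Controller buffer overflow vulnerability
  - CVE ID: CVE-2018-16847
  - NSFOCUS ID: 41849
  - Affected versions: QEMU QEMU
  - Vulnerability commentary: QEMU has a heap-based buffer overflow vulnerability in its NVM Express Controller emulation. The flaw is located in the nvme_cmb_ops routines of the nvme device. An attacker can exploit it to cause a denial of service and may also be able to run arbitrary code. The vendor has released an upgrade patch; users should download it from the vendor's home page promptly to fix this security issue.
(Data source: NSFOCUS Security Research Department & Product Rules Team)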
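I. Internet Security Threat Landscape
1.1 CVE Statistics
The total number of CVE announcements in the past week rose noticeably compared with the preceding period.
1.2 Threat Information Review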
- Title: HSBC Bank Data Breach Exposed Account Numbers, Balances, and More
  - Date: 2018-11-06
  - Summary: A data breach at HSBC Bank has allowed attackers to gain access to a limited amount of customer’s information such as account numbers, balances, addresses, transaction history, and much more.
  - Link: https://www.bleepingcomputer.com/news/security/hsbc-bank-data-breach-exposed-account-numbers-balances-and-more/
- Title: November Android Security Update Fixes Critical Bugs, Drops Media Library
  - Date: 2018-11-07
  - Summary: Google released to all users and partners its November security bulletin for the Android operating system, with fixes for critical remote code execution (RCE) and privilege escalation vulnerabilities.
  - Link: https://www.bleepingcomputer.com/news/security/november-android-security-update-fixes-critical-bugs-drops-media-library/
- Title: Vulnerabilities’ CVSS scores soon to be assigned by AI
  - Date: 2018-11-05
  - Summary: The National Institute of Standards and Technology (NIST) is planning to use IBM’s Watson to evaluate how critical publicly reported computer vulnerabilities are and assign an appropriate severity score.
  - Link: https://www.helpnetsecurity.com/2018/11/05/ai-assigns-cvss-scores/
- Title: Cambodia’s ISPs hit by some of the biggest DDoS attacks in the country’s history
  - Date: 2018-11-08
  - Summary: Several of Cambodia’s biggest internet service providers (ISPs) have been hit by large-scale DDoS attacks over the last few days.
  - Link: https://www.zdnet.com/article/cambodias-isps-hit-by-some-of-the-biggest-ddos-attacks-in-the-countrys-history/
- Title: Popular WooCommerce WordPress Plugin Patches Critical Vulnerability
  - Date: 2018-11-06
  - Summary: If you own an eCommerce website built on WordPress and powered by WooCommerce plugin, then beware of a new vulnerability that could compromise your online store.
  - Link: https://thehackernews.com/2018/11/woocommerce-wordpress-hacking.html
- Title: Amex India data breach saw 700,000 customers information inadvertently exposed online
  - Date: 2018-11-08
  - Summary: Around 700,000 customers of American Express India’s data was left exposed in an unsecured database. The accidental data leak was caused by a MongoDB server that was left exposed without any password protection.
  - Link: https://cyware.com/news/amex-india-data-breach-saw-700000-customers-information-inadvertently-exposed-online-40b84b0c
- Title: UK Government Warns Telcos of 5G Security Review
  - Date: 2018-11-06
  - Summary: The UK government has reminded 5G network providers to ensure their suppliers are heavily vetted for security, in what could signal a change of approach to a major Chinese telecoms player.
  - Link: https://www.infosecurity-magazine.com/news/uk-government-warns-telcos-5g/
- Title: USB drives are primary vector for destructive threats to industrial facilities
  - Date: 2018-11-07
  - Summary: USB removable storage devices are the main vector for malware attacks against industrial facilities, states Honeywell report.
  - Link: https://securityaffairs.co/wordpress/77676/malware/industrial-facilities-malware.html
- Title: GPU side channel attacks can enable spying on web activity, password stealing
  - Date: 2018-11-06
  - Summary: Computer scientists at the University of California, Riverside have revealed for the first time how easily attackers can use a computer’s graphics processing unit, or GPU, to spy on web activity, steal passwords, and break into cloud-based applications.
  - Link: https://www.helpnetsecurity.com/2018/11/06/gpu-side-channel-attacks/
- Title: VirtualBox Zero-Day Vulnerability Details and Exploit Are Publicly Available
  - Date: 2018-11-06
  - Summary: A Russian vulnerability researcher and exploit developer has published detailed information about a zero-day vulnerability in VirtualBox. His explanations include step-by-step instructions for exploiting the bug. According to the initial details in the disclosure, the issue is present in a shared code base of the virtualization software, available on all supported operating systems.
  - Link: https://www.bleepingcomputer.com/news/security/virtualbox-zero-day-vulnerability-details-and-exploit-are-publicly-available/
(Data source: collected and compiled by the NSFOCUS Threat Intelligence and Network Security Lab)
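II. Vulnerability Research
2.1 Vulnerability Database Statistics
As of November 9, 2018, the NSFOCUS vulnerability database holds a total of 41879 entries. This week added 53 vulnerability records: 7 high severity, 29 medium severity, and 17 low severity.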
- Red Hat Gluster Storage glusterfs server denial-of-service vulnerability (CVE-2018-14661)
  - Severity: Medium
  - CVE ID: CVE-2018-14661
- JasPer denial-of-service security vulnerability (CVE-2018-18873)
  - Severity: Low
  - CVE ID: CVE-2018-18873
- EmpireCMS arbitrary code execution security vulnerability (CVE-2018-18869)
  - Severity: Low
  - CVE ID: CVE-2018-18869
- IBM WebSphere Application Server Liberty OpenID Connect arbitrary code execution vulnerability (CVE-2018-1851)
  - Severity: Medium
  - CVE ID: CVE-2018-1851
- MiniCMS arbitrary code execution security vulnerability (CVE-2018-18892)
  - Severity: Low
  - CVE ID: CVE-2018-18892
- MiniCMS arbitrary file deletion security vulnerability (CVE-2018-18891)
  - Severity: Low
  - CVE ID: CVE-2018-18891
- MiniCMS information disclosure security vulnerability (CVE-2018-18890)
  - Severity: Low
  - CVE ID: CVE-2018-18890
- IBM Robotic Process Automation with Automation Anywhere security vulnerability (CVE-2018-1552)
  - Severity: Medium
  - CVE ID: CVE-2018-1552
- IBM Robotic Process Automation with Automation Anywhere information disclosure security vulnerability (CVE-2018-1876)
  - Severity: Medium
  - CVE ID: CVE-2018-1876
- IBM Robotic Process Automation with Automation Anywhere information disclosure vulnerability (CVE-2018-1877)
  - Severity: Medium
  - CVE ID: CVE-2018-1877
- IBM Robotic Process Automation with Automation Anywhere information disclosure vulnerability (CVE-2018-1878)
  - Severity: Low
  - CVE ID: CVE-2018-1878
- Cisco ASA and FTD denial-of-service vulnerability (CVE-2018-15454)
  - Severity: High
  - CVE ID: CVE-2018-15454
- Cisco Advanced Malware Protection for Endpoints for Windows denial-of-service security vulnerability
  - Severity: Medium
  - CVE ID: CVE-2018-15452
- QEMU ‘NBD_OPT_LIST’ buffer overflow vulnerability (CVE-2017-2630)
  - Severity: Medium
  - BID: 96265
  - CVE ID: CVE-2017-2630
- Pidgin out-of-bounds write security vulnerability (CVE-2017-2640)
  - Severity: Medium
  - BID: 96775
  - CVE ID: CVE-2017-2640
- IBM Rational Quality Manager cross-site scripting vulnerability (CVE-2017-1609)
  - Severity: Medium
  - CVE ID: CVE-2017-1609
- Libgcrypt information disclosure vulnerability (CVE-2017-7526)
  - Severity: Medium
  - BID: 99338
  - CVE ID: CVE-2017-7526
- Apache Tomcat JK (mod_jk) Connector access control bypass vulnerability (CVE-2018-11759)
  - Severity: High
  - CVE ID: CVE-2018-11759
- LibRaw buffer overflow vulnerability (CVE-2018-5805)
  - Severity: Low
  - CVE ID: CVE-2018-5805
- libexif integer overflow vulnerability (CVE-2016-6328)
  - Severity: Low
  - CVE ID: CVE-2016-6328
- Microstrategy Web cross-site scripting vulnerability (CVE-2018-18776)
  - Severity: Low
  - CVE ID: CVE-2018-18776
- Microstrategy Web path traversal vulnerability (CVE-2018-18777)
  - Severity: Low
  - CVE ID: CVE-2018-18777
- QEMU NVM Express Controller buffer overflow vulnerability (CVE-2018-16847)
  - Severity: Medium
  - CVE ID: CVE-2018-16847
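- Exiv2 Exiv2::Image::printIFDStructure function denial-of-service vulnerability (CVE-2018-18915)
  - Severity: Low
  - CVE ID: CVE-2018-18915
- Red Hat Gluster arbitrary code execution security vulnerability (CVE-2018-14651)
  - Severity: Medium
  - CVE ID: CVE-2018-14651
- HPE Integrated Lights-Out 5 security restriction bypass vulnerability (CVE-2018-7113)
  - Severity: Low
  - CVE ID: CVE-2018-7113
- Microstrategy Web cross-site scripting vulnerability (CVE-2018-18775)
  - Severity: Low
  - CVE ID: CVE-2018-18775
- IBM Rational Engineering Lifecycle Manager XML external entity injection vulnerability (CVE-2018-1846)
  - Severity: Medium
  - CVE ID: CVE-2018-1846
- Foxit Reader information disclosure vulnerability (CVE-2018-18933)
  - Severity: Medium
  - CVE ID: CVE-2018-18933
- Cisco WebEx Meetings Server denial-of-service security vulnerability (CVE-2018-18895)
  - Severity: Medium
  - CVE ID: CVE-2018-18895
- Huawei Emily-AL00A security restriction bypass vulnerability (CVE-2018-7925)
  - Severity: Low
  - CVE ID: CVE-2018-7925
- Schneider Electric BMX open redirect vulnerability (CVE-2018-7804)
  - Severity: Low
  - CVE ID: CVE-2018-7804
- ZOHO ManageEngine OpManager SQL injection vulnerability (CVE-2018-18949)
  - Severity: Low
  - CVE ID: CVE-2018-18949
- Dell OpenManage Network Manager access control vulnerability (CVE-2018-15768)
  - Severity: Low
  - CVE ID: CVE-2018-15768
- Dell OpenManage Network Manager privilege escalation vulnerability (CVE-2018-15767)
  - Severity: Medium
  - CVE ID: CVE-2018-15767
- IBM API Connect CSV injection security vulnerability (CVE-2018-1774)
  - Severity: High
  - CVE ID: CVE-2018-1774
- Apache Syncope XML external entity injection security vulnerability (CVE-2018-17186)
  - Severity: Medium
  - CVE ID: CVE-2018-17186
- Apache Syncope cross-site scripting security vulnerability (CVE-2018-17184)
  - Severity: Medium
  - CVE ID: CVE-2018-17184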
- AVEVA InduSoft Web Studio/InTouch Edge HMI stack overflow vulnerability (CVE-2018-17916)
  - Severity: High
  - CVE ID: CVE-2018-17916
- AVEVA InduSoft Web Studio/InTouch Edge HMI remote code execution vulnerability (CVE-2018-17914)
  - Severity: High
  - CVE ID: CVE-2018-17914
- Cisco Stealthwatch Management Console authentication bypass vulnerability (CVE-2018-15394)
  - Severity: High
  - CVE ID: CVE-2018-15394
- Cisco Unity Express arbitrary command execution vulnerability (CVE-2018-15381)
  - Severity: High
  - CVE ID: CVE-2018-15381
- Cisco Firepower Detection Engine TCP IPS rule bypass vulnerability (CVE-2018-15443)
  - Severity: Medium
  - CVE ID: CVE-2018-15443
- Cisco Energy Management Suite XML external entity vulnerability (CVE-2018-15444)
  - Severity: Medium
  - CVE ID: CVE-2018-15444
- Cisco Energy Management Suite cross-site request forgery vulnerability (CVE-2018-15445)
  - Severity: Medium
  - CVE ID: CVE-2018-15445
- Cisco Integrated Management Controller Supervisor SQL injection vulnerability (CVE-2018-15447)
  - Severity: Medium
  - CVE ID: CVE-2018-15447
- Cisco Immunet and Cisco AMP for Endpoints denial-of-service security vulnerability (CVE-2018-15437)
  - Severity: Medium
  - CVE ID: CVE-2018-15437
- Cisco Meeting Server information disclosure vulnerability (CVE-2018-15446)
  - Severity: Medium
  - CVE ID: CVE-2018-15446
- Cisco Prime Collaboration Assurance file overwrite vulnerability (CVE-2018-15450)
  - Severity: Medium
  - CVE ID: CVE-2018-15450
- Cisco Prime Service Catalog cross-site scripting vulnerability (CVE-2018-15451)
  - Severity: Medium
  - CVE ID: CVE-2018-15451
- Cisco Registered Envelope Service information disclosure vulnerability (CVE-2018-15448)
  - Severity: Medium
  - CVE ID: CVE-2018-15448
- Cisco Content Security Management Appliance cross-site scripting vulnerability (CVE-2018-15393)
  - Severity: Medium
  - CVE ID: CVE-2018-15393
- Cisco Video Surveillance Media Server denial-of-service vulnerability (CVE-2018-15449)
  - Severity: Medium
  - CVE ID: CVE-2018-15449
(Data source: NSFOCUS Security Research Department & Product Rules Team)