绿盟科技发布了本周安全通告,周报编号NSFOCUS-18-23, 绿盟科技漏洞库本周新增漏洞记录99条,其中高危漏洞5条。本次周报建议大家关注Git远程代码执行漏洞(CVE-2018-11235) 等,Git在实现上存在远程代码执行漏洞,该漏洞源于在用git clone时没有对submodule的文件夹命名做足够的验证。攻击者可以通过构造一个恶意的.gitmodules文件从而远程执行任意代码。目前厂商已经发布了升级补丁以修复这个安全问题,请用户及时到厂商主页下载更新。
焦点漏洞
- Git远程代码执行漏洞
- NSFOCUS ID
- 39932
- CVE ID
- CVE-2018-11235
- 受影响版本
- GIT < 2.13.7
- GIT 2.17.x < 2.17.1
- GIT 2.16.x < 2.16.4
- GIT 2.15.x < 2.15.2
- GIT 2.14.x < 2.14.4
- 漏洞点评
- Git是一套免费、开源的分布式版本控制系统。Git在实现上存在远程代码执行漏洞,该漏洞源于在用git clone时没有对submodule的文件夹命名做足够的验证,当用户在使用“git clone –recurse-submodules”时, 攻击者可以通过构造一个恶意的.gitmodules文件从而远程执行任意代码。目前厂商已经发布了升级补丁以修复这个安全问题,请用户及时到厂商主页下载更新。
(数据来源:绿盟科技安全研究部&产品规则组)
一. 互联网安全威胁态势
1.1 CVE统计
最近一周CVE公告总数与前期相比基本持平。
1.2 威胁信息回顾
- 标题:Confirmed—Microsoft Buys GitHub For $7.5 Billion
- 时间:2018-06-03
- 简介:For those unaware, GitHub is a popular code repository hosting service that allows developers to host their projects, documentation, and code in the cloud using the popular Git source management system, invented in 2005 by Linux founder Linus Torvalds
- 链接:https://thehackernews.com/2018/06/microsoft-acquires-github.html
- 标题:Zip Slip漏洞可导致RCE 多个语言库受影响 JAVA影响最大 含POC
- 时间:2018-06-06
- 摘要:Zip Slip漏洞“任意文件覆盖”和“目录遍历”问题的结合,可能导致攻击者可以将文件解压缩到正常解压缩路径之外并覆盖敏感文件,如关键OS库或服务器配置文件。
- 链接: http://toutiao.secjia.com/article/page?topid=110275
- 标题:Over 115,000 Drupal Sites Still Vulnerable to Drupalgeddon2 Exploit
- 时间:2018-06-04
- 简介:Hundreds of thousands of websites running on the Drupal CMS—including those of major educational institutions and government organizations around the world—have been found vulnerable to a highly critical flaw for which security patches were released almost two months ago
- 链接:https://thehackernews.com/2018/06/drupalgeddon2-exploit.html
- 标题:Adobe Flash修复0day漏洞 发布新版本 请用户及时更新
- 时间:2018-06-08
- 摘要:近期,研究人员发发现Adobe Flash存在一个0day漏洞CVE-2018-5002,它可以被攻击者利用进行任意代码执行,Adobe确认漏洞可以针对Windows用户进行0day攻击。Adobe已针对本次漏洞发布了最新版本,请用户及时更新。
- 链接: http://toutiao.secjia.com/article/page?topid=110299
- 标题:你的Android系统该更新了 谷歌修补了57个Andorid高危漏洞
- 时间:2018-06-07
- 摘要:谷歌在周一修补了57个Andorid漏洞,其中包括两个高危的远程代码执行漏洞,都与Andorid媒体框架有关,各手机厂商先后提供补丁。谷歌表示,Pixel和Nexus设备将于周一开始接受无线更新。大约需要一周半的时间才能将更新发送到所有的Nexus设备
- 链接: http://toutiao.secjia.com/article/page?topid=110282
- 标题:92 million MyHeritage email addresses found on private server
- 时间:2018-06-05
- 简介:In a disclosure notice, MyHeritage said 92 million email addresses and hashed passwords were discovered on a private server. Is this the first post-GDPR data breach?
- 链接:https://www.csoonline.com/article/3278595/security/92-million-myheritage-email-addresses-found-on-private-server.html#tk.rss_all
- 标题:Facebook bug changed 14 million users’ default privacy settings to public
- 时间:2018-06-07
- 简介:Facebook admits as many as 14 millions of its users who thought they’re sharing content privately with only friends may have inadvertently shared their posts with everyone because of a software bug
- 链接:https://thehackernews.com/2018/06/facebook-privacy-setting.html
- 标题:Facebook protests against NYT’s privacy breach claim
- 时间:2018-06-04
- 简介:Facebook has rejected claims by the New York Times that its sharing of personal data with smartphone firms represented a breach of privacy pledges that it had made to its members and a US regulator.
- 链接:https://www.bbc.com/news/technology-44355560
- 标题:Apple jams Facebook’s web-tracking tools
- 时间:2018-06-04
- 简介:Apple will attempt to frustrate tools used by Facebook to automatically track web users, within the next version of its iOS and Mac operating systems.
- 链接:https://www.bbc.com/news/technology-44360273
- 标题:Marcus Hutchins, WannaCry-killer, hit with four new charges by the FBI
- 时间:2018-06-07
- 简介:Marcus Hutchins, the British malware analyst who helped stop global Wannacry menace, is now facing four new charges related to malware he allegedly created and promoted it online to steal financial information
- 链接:https://thehackernews.com/2018/06/marcus-hutchins-malware.html
(数据来源:绿盟科技 威胁情报与网络安全实验室 收集整理)
二. 漏洞研究
2.1 漏洞库统计
截止到2018年6月8日,绿盟科技漏洞库已收录总条目达到40038条。本周新增漏洞记录99条,其中高危漏洞数量5条,中危漏洞数量28条,低危漏洞数量66条。
- Espruino jsparse.c拒绝服务漏洞(CVE-2018-11597)
- 危险等级:中
- cve编号:CVE-2018-11597
- Espruino jswrap_graphics.c拒绝服务漏洞(CVE-2018-11592)
- 危险等级:中
- cve编号:CVE-2018-11592
- Espruino jslex.c拒绝服务漏洞(CVE-2018-11593)
- 危险等级:中
- cve编号:CVE-2018-11593
- Espruino jsparse.c拒绝服务漏洞(CVE-2018-11594)
- 危险等级:中
- cve编号:CVE-2018-11594
- Espruino strncat拒绝服务漏洞(CVE-2018-11595)
- 危险等级:中
- cve编号:CVE-2018-11595
- Espruino jsvar.c拒绝服务漏洞(CVE-2018-11596)
- 危险等级:中
- cve编号:CVE-2018-11596
- Git 信息泄露漏洞(CVE-2018-11233)
- 危险等级:高
- cve编号:CVE-2018-11233
- Quest DR Series Disk Backup权限提升漏洞(CVE-2018-11193)
- 危险等级:低
- cve编号:CVE-2018-11193
- Quest DR Series Disk Backup权限提升漏洞(CVE-2018-11194)
- 危险等级:低
- cve编号:CVE-2018-11194
- LibSaas Sass::Inspect::operator拒绝服务漏洞(CVE-2018-11696)
- 危险等级:低
- cve编号:CVE-2018-11696
- LibSaas Sass::Prelexer::exactly() 信息泄露漏洞(CVE-2018-11697)
- 危险等级:低
- cve编号:CVE-2018-11697
- LibSaas Sass::handle_error信息泄露漏洞(CVE-2018-11698)
- 危险等级:低
- cve编号:CVE-2018-11698
- LibSaas Sass::Prelexer::skip_over_scopes信息泄露漏洞(CVE-2018-11693)
- 危险等级:低
- cve编号:CVE-2018-11693
- LibSaas Sass::Functions::selector_append拒绝服务漏洞(CVE-2018-11694)
- 危险等级:低
- cve编号:CVE-2018-11694
- LibSaas Sass::Expand::operator 拒绝服务漏洞(CVE-2018-11695)
- 危险等级:低
- cve编号:CVE-2018-11695
- Liblouis栈缓冲区溢出漏洞(CVE-2018-11683)
- 危险等级:中
- cve编号:CVE-2018-11683
- Liblouis栈缓冲区溢出漏洞(CVE-2018-11684)
- 危险等级:中
- cve编号:CVE-2018-11684
- Liblouis栈缓冲区溢出漏洞(CVE-2018-11685)
- 危险等级:中
- cve编号:CVE-2018-11685
- Natus Medical 拒绝服务漏洞(CVE-2017-2860)
- 危险等级:高
- cve编号:CVE-2017-2860
- Mozilla Thunderbird 信息泄露漏洞(CVE-2018-5162)
- 危险等级:中
- cve编号:CVE-2018-5162
- Mozilla Thunderbird 信息泄露漏洞(CVE-2018-5184)
- 危险等级:中
- cve编号:CVE-2018-5184
- Mozilla Thunderbird 信息泄露漏洞(CVE-2018-5185)
- 危险等级:中
- cve编号:CVE-2018-5185
- Natus Medical 缓冲区错误漏洞(CVE-2017-2858)
- 危险等级:高
- cve编号:CVE-2017-2858
- Quest DR Series Disk Backup命令注入漏洞(CVE-2018-11182)
- 危险等级:低
- cve编号:CVE-2018-11182
- Quest DR Series Disk Backup命令注入漏洞(CVE-2018-11183)
- 危险等级:低
- cve编号:CVE-2018-11183
- Quest DR Series Disk Backup命令注入漏洞(CVE-2018-11185)
- 危险等级:低
- cve编号:CVE-2018-11185
- Quest DR Series Disk Backup命令注入漏洞(CVE-2018-11186)
- 危险等级:低
- cve编号:CVE-2018-11186
- Quest DR Series Disk Backup命令注入漏洞(CVE-2018-11184)
- 危险等级:低
- cve编号:CVE-2018-11184
- Quest DR Series Disk Backup命令注入漏洞(CVE-2018-11187)
- 危险等级:低
- cve编号:CVE-2018-11187
- Quest DR Series Disk Backup命令注入漏洞(CVE-2018-11188)
- 危险等级:低
- cve编号:CVE-2018-11188
- Quest DR Series Disk Backup权限提升漏洞(CVE-2018-11189)
- 危险等级:低
- cve编号:CVE-2018-11189
- Quest DR Series Disk Backup权限提升漏洞(CVE-2018-11190)
- 危险等级:低
- cve编号:CVE-2018-11190
- Quest DR Series Disk Backup权限提升漏洞(CVE-2018-11191)
- 危险等级:低
- cve编号:CVE-2018-11191
- Quest DR Series Disk Backup命令注入漏洞(CVE-2018-11143)
- 危险等级:低
- cve编号:CVE-2018-11143
- Quest DR Series Disk Backup命令注入漏洞(CVE-2018-11145)
- 危险等级:低
- cve编号:CVE-2018-11145
- Quest DR Series Disk Backup命令注入漏洞(CVE-2018-11144)
- 危险等级:低
- cve编号:CVE-2018-11144
- Quest DR Series Disk Backup命令注入漏洞(CVE-2018-11148)
- 危险等级:低
- cve编号:CVE-2018-11148
- Quest DR Series Disk Backup命令注入漏洞(CVE-2018-11147)
- 危险等级:低
- cve编号:CVE-2018-11147
- Quest DR Series Disk Backup命令注入漏洞(CVE-2018-11146)
- 危险等级:低
- cve编号:CVE-2018-11146
- Quest DR Series Disk Backup命令注入漏洞(CVE-2018-11150)
- 危险等级:低
- cve编号:CVE-2018-11150
- Quest DR Series Disk Backup命令注入漏洞(CVE-2018-11149)
- 危险等级:低
- cve编号:CVE-2018-11149
- Quest DR Series Disk Backup命令注入漏洞(CVE-2018-11152)
- 危险等级:低
- cve编号:CVE-2018-11152
- Quest DR Series Disk Backup命令注入漏洞(CVE-2018-11151)
- 危险等级:低
- cve编号:CVE-2018-11151
- Quest DR Series Disk Backup命令注入漏洞(CVE-2018-11153)
- 危险等级:低
- cve编号:CVE-2018-11153
- Quest DR Series Disk Backup命令注入漏洞(CVE-2018-11155)
- 危险等级:低
- cve编号:CVE-2018-11155
- Quest DR Series Disk Backup命令注入漏洞(CVE-2018-11154)
- 危险等级:低
- cve编号:CVE-2018-11154
- Quest DR Series Disk Backup命令注入漏洞(CVE-2018-11157)
- 危险等级:低
- cve编号:CVE-2018-11157
- Quest DR Series Disk Backup命令注入漏洞(CVE-2018-11156)
- 危险等级:低
- cve编号:CVE-2018-11156
- Quest DR Series Disk Backup命令注入漏洞(CVE-2018-11160)
- 危险等级:低
- cve编号:CVE-2018-11160
- Quest DR Series Disk Backup命令注入漏洞(CVE-2018-11159)
- 危险等级:低
- cve编号:CVE-2018-11159
- Quest DR Series Disk Backup命令注入漏洞(CVE-2018-11158)
- 危险等级:低
- cve编号:CVE-2018-11158
- Quest DR Series Disk Backup命令注入漏洞(CVE-2018-11161)
- 危险等级:低
- cve编号:CVE-2018-11161
- Quest DR Series Disk Backup命令注入漏洞(CVE-2018-11163)
- 危险等级:低
- cve编号:CVE-2018-11163
- Quest DR Series Disk Backup命令注入漏洞(CVE-2018-11162)
- 危险等级:低
- cve编号:CVE-2018-11162
- Quest DR Series Disk Backup命令注入漏洞(CVE-2018-11165)
- 危险等级:低
- cve编号:CVE-2018-11165
- Quest DR Series Disk Backup命令注入漏洞(CVE-2018-11164)
- 危险等级:低
- cve编号:CVE-2018-11164
- Quest DR Series Disk Backup命令注入漏洞(CVE-2018-11166)
- 危险等级:低
- cve编号:CVE-2018-11166
- Quest DR Series Disk Backup命令注入漏洞(CVE-2018-11167)
- 危险等级:低
- cve编号:CVE-2018-11167
- Quest DR Series Disk Backup命令注入漏洞(CVE-2018-11168)
- 危险等级:低
- cve编号:CVE-2018-11168
- Quest DR Series Disk Backup命令注入漏洞(CVE-2018-11170)
- 危险等级:低
- cve编号:CVE-2018-11170
- Quest DR Series Disk Backup命令注入漏洞(CVE-2018-11169)
- 危险等级:低
- cve编号:CVE-2018-11169
- Quest DR Series Disk Backup命令注入漏洞(CVE-2018-11173)
- 危险等级:低
- cve编号:CVE-2018-11173
- Quest DR Series Disk Backup命令注入漏洞(CVE-2018-11172)
- 危险等级:低
- cve编号:CVE-2018-11172
- Quest DR Series Disk Backup命令注入漏洞(CVE-2018-11171)
- 危险等级:低
- cve编号:CVE-2018-11171
- Quest DR Series Disk Backup命令注入漏洞(CVE-2018-11174)
- 危险等级:低
- cve编号:CVE-2018-11174
- Quest DR Series Disk Backup命令注入漏洞(CVE-2018-11175)
- 危险等级:低
- cve编号:CVE-2018-11175
- Quest DR Series Disk Backup命令注入漏洞(CVE-2018-11176)
- 危险等级:低
- cve编号:CVE-2018-11176
- Quest DR Series Disk Backup命令注入漏洞(CVE-2018-11177)
- 危险等级:低
- cve编号:CVE-2018-11177
- Quest DR Series Disk Backup命令注入漏洞(CVE-2018-11180)
- 危险等级:低
- cve编号:CVE-2018-11180
- Quest DR Series Disk Backup命令注入漏洞(CVE-2018-11179)
- 危险等级:低
- cve编号:CVE-2018-11179
- Quest DR Series Disk Backup命令注入漏洞(CVE-2018-11178)
- 危险等级:低
- cve编号:CVE-2018-11178
- Quest DR Series Disk Backup命令注入漏洞(CVE-2018-11181)
- 危险等级:低
- cve编号:CVE-2018-11181
- Quest DR Series Disk Backup权限提升漏洞(CVE-2018-11192)
- 危险等级:低
- cve编号:CVE-2018-11192
- Apple iOS/macOS inkPresentation安全漏洞(CVE-2018-4187)
- 危险等级:低
- cve编号:CVE-2018-4187
- Apple iOS/macOS Crash Reporter拒绝服务漏洞(CVE-2018-4206)
- 危险等级:中
- cve编号:CVE-2018-4206
- Eclipse Mosquitto Broker拒绝服务漏洞(CVE-2017-7653)
- 危险等级:中
- cve编号:CVE-2017-7653
- Eclipse Mosquitto Broker内存泄露漏洞(CVE-2017-7654)
- 危险等级:中
- cve编号:CVE-2017-7654
- ISC BIND 远程拒绝服务漏洞(CVE-2018-5737)
- 危险等级:低
- cve编号:CVE-2018-5737
- Linux Kernel本地拒绝服务漏洞(CVE-2018-1120)
- 危险等级:低
- BID:104229
- cve编号:CVE-2018-1120
- Symantec Content Analysis/Mail Transfer Defense跨站请求伪造漏洞(CVE-2016-9092)
- 危险等级:中
- BID:104182
- cve编号:CVE-2016-9092
- Adobe Acrobat和Reader任意代码执行漏洞(CVE-2018-4971)
- 危险等级:高
- BID:104169
- cve编号:CVE-2018-4971
- Apache Storm 欺骗漏洞(CVE-2018-1332)
- 危险等级:中
- cve编号:CVE-2018-1332
- Apache Storm 任意文件写漏洞(CVE-2018-8008)
- 危险等级:中
- cve编号:CVE-2018-8008
- IBM InfoSphere Information Server权限提升漏洞(CVE-2017-1350)
- 危险等级:高
- cve编号:CVE-2017-1350
- IBM InfoSphere Information Server跨站请求伪造漏洞(CVE-2017-1432)
- 危险等级:低
- cve编号:CVE-2017-1432
- IBM InfoSphere Information Server信息泄露漏洞(CVE-2017-1454)
- 危险等级:低
- cve编号:CVE-2017-1454
- IBM Security Access Manager Appliance信息泄露漏洞(CVE-2017-1474)
- 危险等级:低
- cve编号:CVE-2017-1474
- IBM Security Access Manager Appliance信息泄露漏洞(CVE-2017-1476)
- 危险等级:低
- cve编号:CVE-2017-1476
- IBM Security Access Manager Appliance信息泄露漏洞(CVE-2017-1480)
- 危险等级:低
- cve编号:CVE-2017-1480
- ManageEngine Applications Manager Java RMI 远程代码执行漏洞(CVE-2016-9498)
- 危险等级:中
- BID:97394
- cve编号:CVE-2016-9498
- ManageEngine Applications Manager SQL注入漏洞(CVE-2016-9488)
- 危险等级:中
- BID:97394
- cve编号:CVE-2016-9488
- ManageEngine Applications Manager权限提升漏洞(CVE-2016-9489)
- 危险等级:中
- BID:97394
- cve编号:CVE-2016-9489
- ManageEngine Applications Manager XML eXternal实体漏洞(CVE-2016-9491)
- 危险等级:中
- BID:97394
- cve编号:CVE-2016-9491
- ManageEngine Applications Manager跨站脚本漏洞(CVE-2016-9490)
- 危险等级:中
- BID:97394
- cve编号:CVE-2016-9490
- WUZHI CMS SQL注入漏洞(CVE-2018-11722)
- 危险等级:中
- cve编号:CVE-2018-11722
- The Sleuth Kit (TSK)信息泄露漏洞(CVE-2018-11740)
- 危险等级:中
- cve编号:CVE-2018-11740
- The Sleuth Kit (TSK)信息泄露漏洞(CVE-2018-11739)
- 危险等级:中
- cve编号:CVE-2018-11739
- The Sleuth Kit (TSK)信息泄露漏洞(CVE-2018-11738)
- 危险等级:中
- cve编号:CVE-2018-11738
- The Sleuth Kit (TSK)信息泄露漏洞(CVE-2018-11737)
- 危险等级:中
- cve编号:CVE-2018-11737
(数据来源:绿盟科技安全研究部&产品规则组)