04-22 Weekly Awareness Report (WAR)

Weekly Awareness Report (WAR)… · * State-Sponsored DNS Hijacking Infiltrates 40 Firms Globally ... * Singapore Responds to Recent Cybersecurity Attacks ... * Netwide Assembler


April 22, 2019

The Cyber Intelligence Report is an Open Source Intelligence AKA OSINT resource focusing on advanced persistent threats and other digital dangers received by over ten thousand individuals. APTs fit into a cybercrime category directed at both business and political targets. Attack vectors include system compromise, social engineering, and even traditional espionage. Included are clickable links to news stories, vulnerabilities, exploits, & other industry risk.

Summary

Symantec ThreatCon Low: Basic network posture

This condition applies when there is no discernible network incident activity and no malicious code activity with a moderate or severe risk rating. Under these conditions, only a routine security posture, designed to defeat normal network threats, is warranted. Automated systems and alerting mechanisms should be used.

Sophos: last 10 Malware

* Troj/Emotet-BDV
* Troj/Bladabi-PJ
* Troj/Bladabi-PI
* Troj/PDFUri-HFY
* Troj/Dharma-H
* Troj/VBInjec-PO
* Troj/RTFDl-RZ
* Troj/Formboo-LX
* Troj/DocDl-TFP
* Troj/Formboo-LW

Last 10 PUAs

* FileTour
* Adposhel
* IStartSurfInstaller
* MediaMagnet
* Medusa Menu
* Android GameGuardian
* EarthWorm
* XMR-Stak Miner
* Desktop Locker
* Baymax Patcher

Interesting News

* Large-scale SIM swap fraud
If someone steals your phone number, you'll face a lot of problems, especially because most of our modern two-factor authentication systems are based on SMSs that can be intercepted using this technique.

* The I.W.C. Academy is currently updating their practice test simulators for the CEH and CySA. The online training for the CEH beta should be completed by the end of the week and the CySA shortly after. Stay tuned for more info. If you are interested, we have an active Facebook Group and YouTube Channel. As always, if you have any suggestions, feel free to let us know. Subscribe if you would like to receive the CIR updates by sending us an email: [email protected]


Index of Sections

Current News

* Packet Storm Security

* Dark Reading

* Krebs on Security

* The Hacker News

* Infosecurity Magazine

* Threat Post

* Naked Security

* Quick Heal - Security Simplified

Hacker Corner: Tools, Hacked Defacements, and Exploits

* Security Conferences

* Packet Storm Security Latest Published Tools

* Zone-H Latest Published Website Defacements

* Packet Storm Security Latest Published Exploits

* Exploit Database Releases

Advisories

* Secunia Chart of Vulnerabilities Identified

* US-Cert (Current Activity-Alerts-Bulletins)

* Symantec's Latest List

* Packet Storm Security's Latest List

Credits


News

Packet Storm Security

* Court Rules Chelsea Manning Must Stay In Jail
* Facebook Urged To Tackle Spread Of Fake Profiles Used By US Police
* jQuery Impacted By Prototype Pollution Flaw
* EU Votes To Create Gigantic Biometrics Database
* Noisebridge May Be Pushed Out Of The Mission District
* Hacker Dumps Thousands Of Sensitive Mexican Embassy Documents Online
* Millions Using 123456 As Password, Security Study Finds
* Twitter Bot Activity Spiked After The Release Of The Mueller Report
* U.S. Intelligence Says Huawei Funded By Chinese State Security
* Marcus Hutchins Pleads Guilty To Two Counts Of Banking Malware Creation
* Ransomware Ravages Municipalities Nationwide This Week
* Facebook Fights To Shield Zuckerberg In US Privacy Probe
* Weather Channel Knocked Off-Air In Dangerous Precedent
* Facebook Security Lapse Affects Millions More Instagram Users Than First Stated
* Unexpected Security Feature In Microsoft Edge Subverts IE Security
* Mueller Report Dives Into Russia And Trump
* State-Sponsored DNS Hijacking Infiltrates 40 Firms Globally
* EA Origin Client Bug Allows Threat Actors To Run Remote Code
* Facebook Uploaded Email Contacts For 1.5m Users Without Consent
* Shopify API Flaw Leaked Revenue Data Of Thousands Of Stores
* US Government Admits It Doesn't Know If Assange Cracked Password For Manning
* Oracle Squashes 53 Critical Bugs In April Security Update
* Windows Zero Day Emerges In Active Exploits
* The Curious Case Of The Spamhaus Port Scanning Scandal
* Bad Bots Now Make Up 20 Percent Of Web Traffic

Dark Reading

* 4 Tips to Protect Your Business Against Social Media Mistakes
* Researchers Find Clues for Dramatically Reducing IDS Traffic Volume
* Russia Hacked Clinton's Computers Five Hours After Trump's Call
* APT34 Toolset, Victim Data Leaked via Telegram
* Free Princeton Application Provides IoT Traffic Insight
* Why We Need a 'Cleaner Internet'
* Third-Party Cyber-Risk by the Numbers
* Cisco Issues 31 Mid-April Security Alerts
* Creator of Hub for Stolen Credit Cards Sentenced to 90 Months
* 6 Takeaways from Ransomware Attacks in Q1
* Cloud Security Spend Set to Reach $12.6B by 2023
* The Cybersecurity Automation Paradox
* How to Raise the Level of AppSec Competency in Your Organization
* Former Student Admits to USB Killer Attack
* GoT Guide to Cybersecurity: Preparing for Battle During a Staffing Shortage
* Facebook Accidentally Imported 1.5M Users' Email Data Sans Consent
* Nation-State Hacker Group Hijacking DNS to Redirect Email, Web Traffic
* VPN Vulnerabilities Point Out Need for Comprehensive Remote Security


Krebs on Security

* Marcus "MalwareTech" Hutchins Pleads Guilty to Writing, Selling Banking Malware
* Wipro Intruders Targeted Other Major IT Firms
* How Not to Acknowledge a Data Breach
* Experts: Breach at IT Outsourcing Giant Wipro
* 'Land Lordz' Service Powers Airbnb Scams
* Android 7.0+ Phones Can Now Double as Google Security Keys
* Patch Tuesday Lowdown, April 2019 Edition
* A Year Later, Cybercrime Groups Still Rampant on Facebook
* Alleged Chief of Romanian ATM Skimming Gang Arrested in Mexico
* Canadian Police Raid 'Orcus RAT' Author

The Hacker News

* Hacker Breaks Into French Government's New Secure Messaging App
* Facebook Stored Millions of Instagram Users' Passwords in Plaintext
* Facebook Collected Contacts from 1.5 Million Email Accounts Without Users' Permission
* Drupal Releases Core CMS Updates to Patch Several Vulnerabilities
* Researcher Hijacks a Microsoft Service Using Loophole in Azure Cloud Platform
* Over 100 Million JustDial Users' Personal Data Found Exposed On the Internet
* Google Makes it Tough for Rogue App Developers Get Back on Android Play Store
* Scranos: New Rapidly Evolving Rootkit-Enabled Spyware Discovered
* Google Helps Police Identify Devices Close to Crime Scenes Using Location Data
* Apache Tomcat Patches Important Remote Code Execution Flaw

Security Week

* Source Code of Iran-Linked Hacking Tools Posted Online
* Examining Triton Attack Framework: Lessons Learned in Protecting Industrial Systems
* WannaCry 'Hero' Marcus Hutchins Pleads Guilty to Creating Malware
* Google to Block Logins From Embedded Browsers to Prevent Phishing
* Facebook Collected Email Contacts of 1.5 Million Users Without Consent
* Operator of Codeshop Cybercrime Marketplace Sentenced to Prison
* State-Sponsored Hackers Use Sophisticated DNS Hijacking in Ongoing Attacks
* Respect Is Key for Retaining Top Security Talent
* Russian Hackers Use RATs to Target Financial Entities
* Symfony, jQuery Vulnerabilities Patched in Drupal
* Network DoS Attack on PLCs Can Disrupt Physical Processes
* Cisco Patches Critical Flaw in ASR 9000 Routers
* Mysterious Operative Haunted Kaspersky Critics
* Bad Bots Steal Accounts, Content and Skew the Web Ecosystem
* Fortinet Settles Whistleblower Case for $545,000
* Russian Hackers Scrambled to Erase Digital Footprints After Triton Attribution Report
* Brazilian Hackers Described as Adaptable Pirates
* Iranian Hackers Heavily Reliant on DNS Tunneling
* European Commission: No Evidence of Issues With Kaspersky Products
* Oracle Releases 297 Fixes in April 2019 Critical Patch Update


Infosecurity Magazine

* Singapore Responds to Recent Cybersecurity Attacks
* WannaCry "Hero" Pleads Guilty to Writing Malware in US Court
* Password "123456" Used by 23.2 Million Users Worldwide
* Mueller Report: Individuals Deleted Data During Investigation
* Cyber-Attack Knocks the Weather Channel Off the Air
* Facebook Uploaded 1.5 Million Email Contacts Without Consent
* LinkedIn Data Found in Unsecured Databases
* TA505 Targets Financial and Retail Using 'Undetectable' Methods
* Fraudsters Exploit Sympathies Surrounding Notre Dame Tragedy
* Cloud Security Spending Set to Top $12bn by 2023

Threat Post

* France's 'Secure' Telegram Replacement Hacked in an Hour
* WannaCry Hero Pleads Guilty to Kronos Malware Charges
* Millions of Medical Documents for Addiction and Recovery Patients Leaked
* Microsoft's Latest Patch Hoses Some Antivirus Software
* Three-Fourths of Consumers Don't Trust Facebook, Threatpost Poll Finds
* Insecure Ride App Database Leaks Data of 300K Iranian Drivers
* Weather Channel Knocked Off-Air in Dangerous Precedent
* Shopify Flaw Exposed Thousands of Merchants' Revenue, Traffic Numbers
* Poll: Facebook Harvests Email Contacts for 1.5M Users - Is Enough, Enough?
* Easter Attack Affects Half a Billion Apple iOS Users via Chrome Bug

Naked Security

* Can you get hit by someone else's ransomware? [VIDEO]
* WannaCry hero Hutchins now officially a convicted cybercriminal
* Facebook: we logged 100x more Instagram plaintext passwords than we thought
* Serious Security: Ransomware you'll never find - and how to stop it
* Facebook user data used as bargaining chip, according to leaked docs
* Google plays Whack-A-Mole with naughty Android developers
* Chrome flaw on iOS leads to 500 million unwanted pop-up ads
* Oracle issues nearly 300 patches in quarterly update
* Ep. 028 - SPEWS, Android security and scary Facebook messages [PODCAST]
* Mozilla to Apple: Protect user privacy with rotating phone IDs

Quick Heal - Security Simplified

* 5 ways to instantly detect a phishing email and save yourself from phishing attack
* PCs fail to boot up / Freeze after receiving Microsoft Windows 9-April-2019 updates and rebooting the PC
* JCry - A Ransomware written in Golang!
* This summer vacation let your kids explore the internet with safety of parental control
* 3059 android malware detected per day in 2018 - Are you still counting on free android antivirus for protection?
* Essential cyber safety tips every woman should follow
* Quick Heal Threat Report - Cryptojacking rising but Ransomware still #1 threat for consumers
* GandCrab Riding Emotet's Bus!
* This Valentine fall for true love not for fake online dating apps


Security Conferences

* This Month's Upcoming Events in the United States
* This Month's Upcoming Events in Europe
* Cybersecurity Conferences and Events in New Mexico
* Cybersecurity Conferences and Events in South Dakota
* Cybersecurity Conferences and Events in the United States

Tools & Techniques

* Lynis Auditing Tool 2.7.4
* OpenSSH 8.0p1
* Raptor WAF 0.6
* Mandos Encrypted File System Unattended Reboot Utility 1.8.4
* Stegano 0.9.3
* GNUnet P2P Framework 0.11.0
* Wireshark Analyzer 3.0.1
* Stegano 0.9.2
* Faraday 3.7.0
* PHPGGC unserialize() Payload Tool
* Linux-based Autopilot and Other Technologies in Cars
* EfiGuard - Disable PatchGuard and DSE at Boot Time
* FireELF : Fileless Linux Malware Framework
* Flashmingo : Automatic Analysis of SWF Files Based On Some Heuristics
* Platypus : A modern Multiple Reverse Shell Sessions Manager Written In Go
* SilkETW : Tool To Abstract Away The Complexities Of ETW
* Monitor Smartphone usage with Cocospy Keylogger
* InstantBox : Get a Clean, Ready-To-Go Linux Box in Seconds
* Pepe : Collect Information About Email Addresses From Pastebin
* W12Scan : A Simple Asset Discovery Engine for Cybersecurity

Latest Zone-H Website Defacements


Proof of Concept (PoC) & Exploits

Packet Storm Security

* WordPress Contact Form Builder 1.0.67 CSRF / LFI
* Google Chrome 73.0.3683.103 V8 JavaScript Engine Denial Of Service
* Ease Audio Converter 5.30 Denial Of Service
* LabF nfsAxe 3.7 Ping Client Buffer Overflow
* Zikula Core CMS 2.0.13 Database Disclosure
* RingsDB Software 1.0.0 Database Disclosure
* OpenDocMan Document Management System 1.3.5 Database Disclosure
* ChurchCRM Software 3.3.2 Database Disclosure
* Oracle Business Intelligence Directory Traversal
* Oracle Business Intelligence And XML Publisher XML Injection
* QNAP myQNAPcloud Connect 1.3.4.0317 Username/Password Denial Of Service
* SystemTap 1.3 MODPROBE_OPTIONS Privilege Escalation
* Atlassian Confluence Widget Connector Macro Velocity Template Injection
* Netwide Assembler (NASM) 2.14rc15 Null Pointer Dereference
* ManageEngine Applications Manager 14 SQL Injection / Remote Code Execution
* Evernote 7.9 Path Traversal / Code Execution
* LibreOffice Macro Code Execution
* Oracle Java Runtime Environment GlyphIterator::setCurrGlyphID Heap Corruption
* Oracle Java Runtime Environment sc_FindExtrema4 Heap Corruption
* OAMbuster Multi-Threaded CVE-2018-2879 Scanner
* DHCP Server 2.5.2 Denial Of Service
* ASUS HG100 Denial Of Service

Exploit Database

* [remote] ManageEngine Applications Manager 14.0 - Authentication Bypass / Remote Command Execution (Metasploit)
* [webapps] Msvod 10 - Cross-Site Request Forgery (Change User Information)
* [webapps] 74CMS 5.0.1 - Cross-Site Request Forgery (Add New Admin User)
* [local] LabF nfsAxe 3.7 Ping Client - 'Host IP' Buffer Overflow (Direct Ret)
* [shellcode] Linux/ARM - Password-Protected Reverse TCP Shellcode (100 bytes)
* [dos] Google Chrome 73.0.3683.103 V8 JavaScript Engine - Out-of-Memory in Invalid Table Size Denial of Service (PoC)
* [webapps] WordPress Plugin Contact Form Builder 1.0.67 - Cross-Site Request Forgery / Local File Inclusion
* [dos] QNAP myQNAPcloud Connect 1.3.4.0317 - 'Username/Password' Denial of Service
* [dos] Ease Audio Converter 5.30 - '.mp4' Denial of Service (PoC)
* [remote] Atlassian Confluence Widget Connector Macro - Velocity Template Injection (Metasploit)
* [local] SystemTap 1.3 - MODPROBE_OPTIONS Privilege Escalation (Metasploit)
* [webapps] Oracle Business Intelligence / XML Publisher 11.1.1.9.0 / 12.2.1.3.0 / 12.2.1.4.0 - XML External Entity Injection
* [webapps] Oracle Business Intelligence 11.1.1.9.0 / 12.2.1.3.0 / 12.2.1.4.0 - Directory Traversal
* [local] LibreOffice
* [dos] Netwide Assembler (NASM) 2.14rc15 - NULL Pointer Dereference (PoC)
* [remote] ManageEngine Applications Manager 11.0
* [local] Evernote 7.9 - Code Execution via Path Traversal
* [dos] Oracle Java Runtime Environment - Heap Corruption During TTF font Rendering in GlyphIterator::setCurrGlyphID


Advisories

US-Cert Alerts & bulletins

* AA19-024A: DNS Infrastructure Hijacking Campaign
* AA18-337A: SamSam Ransomware
* SB19-112: Vulnerability Summary for the Week of April 15, 2019
* SB19-105: Vulnerability Summary for the Week of April 8, 2019

Symantec - Latest List

* Microsoft Azure CVE-2019-0816 Security Bypass Vulnerability
* Microsoft Windows Win32k CVE-2019-0859 Local Privilege Escalation Vulnerability
* Multiple CPU Hardware CVE-2017-5754 Information Disclosure Vulnerability
* Multiple CPU Hardware CVE-2017-5753 Information Disclosure Vulnerability
* Microsoft Azure DevOps Server and Team Foundation Server Cross-site Scripting Vulnerability
* Microsoft Azure DevOps Server and Team Foundation Server Cross Site Scripting Vulnerability
* Microsoft Windows LUAFV Driver CVE-2019-0836 Local Privilege Escalation Vulnerability
* Microsoft Azure DevOps Server CVE-2019-0874 Cross Site Scripting Vulnerability
* Microsoft Azure DevOps Server CVE-2019-0857 Spoofing Vulnerability
* Microsoft Azure DevOps Server and Team Foundation Server Cross Site Scripting Vulnerability
* Microsoft Azure DevOps Server and Team Foundation Server Cross Site Scripting Vulnerability
* Microsoft Azure DevOps Server and Team Foundation Server Cross Site Scripting Vulnerability
* Microsoft Azure DevOps Server CVE-2019-0869 HTML Injection Vulnerability
* Microsoft Windows MS XML CVE-2019-0793 Remote Code Execution Vulnerability
* Microsoft Windows MS XML CVE-2019-0795 Remote Code Execution Vulnerability
* Microsoft Windows MS XML CVE-2019-0792 Remote Code Execution Vulnerability
* Microsoft Internet Explorer VBScript Engine CVE-2019-0862 Remote Code Execution Vulnerability
* Microsoft Open Enclave SDK CVE-2019-0876 Information Disclosure Vulnerability
* Microsoft Windows MS XML CVE-2019-0791 Remote Code Execution Vulnerability
* Microsoft ASP.NET Core CVE-2019-0815 Denial of Service Vulnerability
* Microsoft Edge Chakra Scripting Engine CVE-2019-0739 Remote Memory Corruption Vulnerability
* Microsoft Edge CVE-2019-0833 Information Disclosure Vulnerability
* Microsoft Edge and Internet Explorer CVE-2019-0764 Tampering Security Bypass Vulnerability
* Microsoft Windows JET Database Engine CVE-2019-0879 Remote Code Execution Vulnerability
* Microsoft Windows VBScript Engine CVE-2019-0842 Remote Code Execution Vulnerability
* Microsoft Windows MS XML CVE-2019-0790 Remote Code Execution Vulnerability


Packet Storm Security - Latest List

Ubuntu Security Notice USN-3950-1
Ubuntu Security Notice 3950-1 - It was discovered that ZNC incorrectly handled certain invalid encodings. An authenticated remote user could use this issue to cause ZNC to crash, resulting in a denial of service, or possibly execute arbitrary code.

Slackware Security Advisory - libpng Updates
Slackware Security Advisory - New libpng packages are available for Slackware 14.2 and -current to fix security issues.

Gentoo Linux Security Advisory 201904-19
Gentoo Linux Security Advisory 201904-19 - Multiple vulnerabilities have been found in Dovecot, the worst of which could result in root privilege escalation. Versions less than 2.3.5.1 are affected.

Red Hat Security Advisory 2019-0782-01
Red Hat Security Advisory 2019-0782-01 - The jackson-databind package provides general data-binding functionality for Jackson, which works on top of Jackson core streaming API. Issues addressed include code execution and deserialization vulnerabilities.

Gentoo Linux Security Advisory 201904-18
Gentoo Linux Security Advisory 201904-18 - A vulnerability in libseccomp allows for privilege escalation. Versions less than 2.4.0 are affected.

Ubuntu Security Notice USN-3914-2
Ubuntu Security Notice 3914-2 - USN-3914-1 fixed vulnerabilities in NTFS-3G. As an additional hardening measure, this update removes the setuid bit from the ntfs-3g binary. A heap buffer overflow was discovered in NTFS-3G when executing it with a relative mount point path that is too long. A local attacker could potentially exploit this to execute arbitrary code as the administrator. Various other issues were also addressed.

Gentoo Linux Security Advisory 201904-17
Gentoo Linux Security Advisory 201904-17 - Multiple vulnerabilities have been found in Patch, the worst of which could result in the execution of arbitrary code. Versions less than 2.7.6-r3 are affected.

Red Hat Security Advisory 2019-0778-01
Red Hat Security Advisory 2019-0778-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Issues addressed include a slow conversion of BigDecimal to long.

Red Hat Security Advisory 2019-0775-01
Red Hat Security Advisory 2019-0775-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include an out of bounds access vulnerability.

Red Hat Security Advisory 2019-0774-01
Red Hat Security Advisory 2019-0774-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include an out of bounds access vulnerability.

Debian Security Advisory 4433-1
Debian Linux Security Advisory 4433-1 - Several vulnerabilities have been discovered in the Rubygems included in the interpreter for the Ruby language, which may result in denial of service or the execution of arbitrary code.

Debian Security Advisory 4432-1
Debian Linux Security Advisory 4432-1 - Cedric Buissart discovered two vulnerabilities in Ghostscript, the GPL PostScript/PDF interpreter, which could result in bypass of file system restrictions of the dSAFER sandbox.

Ubuntu Security Notice USN-3918-4
Ubuntu Security Notice 3918-4 - USN-3918-1 fixed vulnerabilities in Firefox. The update caused web compatibility and performance issues with some websites. This update fixes the problem. Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, denial of service via successive FTP authorization prompts or modal alerts, trick the user with confusing permission request prompts, obtain sensitive information, conduct social engineering attacks, or execute arbitrary code. A mechanism was discovered that removes some bounds checking for string, array, or typed array accesses if Spectre mitigations have been disabled. If a user were tricked into opening a specially crafted website with Spectre mitigations disabled, an attacker could potentially exploit this to cause a denial of service, or execute arbitrary code. It was discovered that Upgrade-Insecure-Requests was incorrectly enforced for same-origin navigation. An attacker could potentially exploit this to conduct man-in-the-middle attacks. Various other issues were also addressed.

Ubuntu Security Notice USN-3949-1
Ubuntu Security Notice 3949-1 - It was discovered that a memory disclosure issue existed in the OpenJDK Library subsystem. An attacker could use this to expose sensitive information and possibly bypass Java sandbox restrictions. Please note that with this update, the OpenJDK package in Ubuntu 18.04 LTS has transitioned from OpenJDK 10 to OpenJDK 11. Several additional packages were updated to be compatible with OpenJDK 11.

Ubuntu Security Notice USN-3948-1
Ubuntu Security Notice 3948-1 - A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

Red Hat Security Advisory 2019-0766-01
Red Hat Security Advisory 2019-0766-01 - The mod_auth_mellon module for the Apache HTTP Server is an authentication service that implements the SAML 2.0 federation protocol. The module grants access based on the attributes received in assertions generated by an IdP server. Issues addressed include a bypass vulnerability.

Red Hat Security Advisory 2019-0765-01
Red Hat Security Advisory 2019-0765-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include an information leakage vulnerability.

Gentoo Linux Security Advisory 201904-15
Gentoo Linux Security Advisory 201904-15 - A vulnerability in libTIFF could lead to a Denial of Service condition. Versions less than 4.0.10 are affected.

Ubuntu Security Notice USN-3947-2
Ubuntu Security Notice 3947-2 - USN-3947-1 fixed a vulnerability in Libxslt. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that Libxslt incorrectly handled certain documents. An attacker could possibly use this issue to access sensitive information. Various other issues were also addressed.

Gentoo Linux Security Advisory 201904-16
Gentoo Linux Security Advisory 201904-16 - Multiple vulnerabilities have been found in phpMyAdmin, the worst of which could result in the arbitrary execution of code. Versions less than 4.8.4 are affected.

Ubuntu Security Notice USN-3947-1
Ubuntu Security Notice 3947-1 - It was discovered that Libxslt incorrectly handled certain documents. An attacker could possibly use this issue to access sensitive information.

Debian Security Advisory 4431-1
Debian Linux Security Advisory 4431-1 - Chris Coulson discovered several vulnerabilities in libssh2, a SSH2 client-side library, which could result in denial of service, information leaks or the execution of arbitrary code.

Gentoo Linux Security Advisory 201904-14
Gentoo Linux Security Advisory 201904-14 - Multiple vulnerabilities have been found in GnuTLS, the worst of which could result in a Denial of Service condition. Versions less than 3.6.7 are affected.

Ubuntu Security Notice USN-3945-1
Ubuntu Security Notice 3945-1 - It was discovered that Ruby incorrectly handled certain RubyGems. An attacker could possibly use this issue to execute arbitrary commands. It was discovered that Ruby incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code.