¡¶Î¬ËûÃü¡·ÖðÈÕ°²È«¼òѶ20181018

°ä²¼¹¦·ò 2018-10-22

1 £¬×êÑÐÍŶӷ¢ÏÖÕë¶ÔÎÚ¿ËÀ¼ºÍ²¨À¼ÄÜÔ´¹«Ë¾µÄÐÂAPT×éÖ¯GreyEnergy


28Ȧ-28Ȧ¹Ù·½ÍøÕ¾-ÏàÐÅÆ·ÅƵÄÁ¦Á¿

ESET×êÑÐÍŶӷ¢ÏÖÒ»¸öеÄAPT×éÖ¯GreyEnergy £¬¸ÃAPT×éÖ¯±»ÒÔΪÊÇBlackEnergyµÄ¼Ì³ÐÕß¡£ÔÚ´ÓǰÈýÄêÄÚ £¬GreyEnergyÖØÒªÕë¶ÔÎÚ¿ËÀ¼ºÍ²¨À¼µÄÄÜÔ´¹«Ë¾µÈ¸ß¼ÛÖµÖ¸±ê¡£GreyEnergyµÄ¶ñÒâÈí¼þ¿ò¼ÜÓëBlackEnergyÓµÓкöàÀàËÆÖ®´¦¡£×êÑÐÈËÔ±²¢Ã»Óй۲쵽רÃÅÕë¶ÔICSµÄ¶ñÒâÈí¼þÄ£¿é £¬µ«GreyEnergyµÄ¹¥»÷Õ½ÊõÒ»ÏòÊÇÕë¶Ô¹Ø¼ü»ù´¡ÉèÊ©ÖеÄSCADA¹¤×÷Õ¾ºÍ·þÎñÆ÷µÈ¡£


 Ô­ÎÄÁ´½Ó£º
https://www.welivesecurity.com/2018/10/17/greyenergy-updated-arsenal-dangerous-threat-actors/

2 £¬Oracle°ä²¼µÚÈý¼¾¶È³ÁÒª²¹¶¡¸üР£¬¹²½¨¸´301¸ö·ì϶

28Ȧ-28Ȧ¹Ù·½ÍøÕ¾-ÏàÐÅÆ·ÅƵÄÁ¦Á¿

Oracle°²È«ÍŶӰ䲼2018ÄêµÚÈý¼¾¶ÈµÄ³ÁÒª²¹¶¡¸üУ¨CPU£© £¬¹²½¨¸´301¸ö·ì϶¡£ÆäÖÐ48¸ö·ì϶µÄCVSSÆÀ·ÖΪ9.8·Ö £¬»¹ÓÐÒ»¸ö·ì϶µÄÆÀ·ÖΪÂú·Ö10·Ö¡£Õâ¸ö·ì϶ÊÇOracle GoldenGateµÄMonitoring Manager×é¼þÖеÄÕ»»º³åÇøÒç¶Âí½Å£¨CVE-2018-2913£© £¬Î´¾­Éí·ÝÑéÖ¤µÄÔ¶³Ì¹¥»÷Õß¿Éͨ¹ý¶ñÒâGGSCIÖ¸Áî´¥·¢¸Ã·ì϶¡£¾ßÌå·ì϶ÁбíÇë²Î¿¼ÒÔÏÂÁ´½Ó¡£¸ÃCPUÒ²ÊÇOracle2018ÄêµÄ×îºóÒ»¸öCPU¡£


 Ô­ÎÄÁ´½Ó£º
https://www.zdnet.com/article/oracle-patches-301-vulnerabilities-including-46-with-a-9-8-severity-rating/

3 £¬Libssh°ä²¼°²È«¸üР£¬½¨¸´Éí·ÝÑéÖ¤ÈÆ¹ý·ì϶£¨CVE-2018-10933£©


28Ȧ-28Ȧ¹Ù·½ÍøÕ¾-ÏàÐÅÆ·ÅƵÄÁ¦Á¿


Libssh½¨¸´·þÎñÆ÷¶ËÉí·ÝÈÏÖ¤ÈÆ¹ý·ì϶£¨CVE-2018-10993£©¡£¸Ã·ì϶´æÔÚÓÚlibssh 0.6¼°ÒÔÉϵİ汾ÖÐ £¬ÔÚÏòlibssh·þÎñÆ÷¶ËÈÏÖ¤µÄÁ÷³ÌÖÐ £¬¹¥»÷Õß¿Éͨ¹ý½«SSH2_MSG_USERAUTH_REQUESTÐÂÎÅ´úÌæÎªSSH2_MSG_USERAUTH_SUCCESSÐÂÎÅ £¬ÔÚûÓÐÓÐЧʹ´¦µÄÇé¿öÏÂÈÏÖ¤³É¹¦²¢ÊÕÊÜ·þÎñÆ÷¡£libsshÔÚ°æ±¾0.8.4ºÍ0.7.6Öн¨¸´Á˸÷ì϶¡£

 

Ô­ÎÄÁ´½Ó£º

https://thehackernews.com/2018/10/libssh-ssh-protocol-library.html

4 £¬VMware°ä²¼°²È«¸üР£¬½¨¸´ËÁÒâ´úÂëÖ´Ðзì϶£¨CVE-2018-6974£©

28Ȧ-28Ȧ¹Ù·½ÍøÕ¾-ÏàÐÅÆ·ÅƵÄÁ¦Á¿

VMware°ä²¼°²È«¸üР£¬½¨¸´ÆäSVGAÐé¹¹ÏÔ¿¨ÖеÄÒ»¸öËÁÒâ´úÂëÖ´Ðзì϶¡£¸Ã·ì϶£¨CVE-2018-6974£©Ó°ÏìÁËVMware ESXi¡¢FusionºÍWorkstation²úÆ·¡£ZDIÔÚ6ÔÂÖÐÑ®ÏòVMware»ã±¨Á˸÷ì϶¡£Æ¾¾ÝZDIµÄ˵·¨ £¬¸Ã·ì϶ÊÇÒ»¸ö¶Ñ»º³åÇøÒç¶Âí½Å £¬¹¥»÷ÕßÄܹ»ÀûÓô˷ì϶½áºÏÆäËü·ì϶ÔÚÖ÷»úϵͳÉÏÖ´ÐÐËÁÒâ´úÂë¡£


 Ô­ÎÄÁ´½Ó£º
https://securityaffairs.co/wordpress/77176/security/vmware-code-execution-flaws-2.html

5 £¬Ë¼¿ÆTalosÅû¶Linksys EϵÁзÓÉÆ÷ÖеĶà¸ö°²È«·ì϶

28Ȧ-28Ȧ¹Ù·½ÍøÕ¾-ÏàÐÅÆ·ÅƵÄÁ¦Á¿

˼¿ÆTalosÍŶӷ¢ÏÖLinksys EϵÁзÓÉÆ÷ÖдæÔÚ¶à¸ö¿ÉÀûÓõÄOSºÅÁî×¢Èë·ì϶¡£EϵÁзÓÉÆ÷ÖØÒªºÏÓÃÓÚ¼ÒÍ¥»òÓ×ÐͰ칫ÊÒ £¬ÓÃÓÚÏνӵçÄÔ¡¢µçÊÓ¡¢ÊÖ»úºÍÓÎÏ·»úµÈÉ豸¡£¹¥»÷Õß¿Éͨ¹ýHTTPÒªÇóÀûÓÃÕâЩ·ì϶£¨CVE-2018-3953¡¢CVE-2018-3954ºÍCVE-2018-3955£©²¢Ö´ÐÐËÁÒâ´úÂë¡£½¨ÒéÓû§½«¸Ã·ÓÉÆ÷µÄ¹Ì¼þ¸üÐÂÖÁ×îа汾¡£


 Ô­ÎÄÁ´½Ó£º
https://blog.talosintelligence.com/2018/10/vulnerability-spotlight-linksys-eseries.html

6 £¬Ë¼¿Æ°ä²¼°²È«¸üР£¬½¨¸´¶à¿î²úÆ·ÖеÄ15¸ö°²È«·ì϶

28Ȧ-28Ȧ¹Ù·½ÍøÕ¾-ÏàÐÅÆ·ÅƵÄÁ¦Á¿

˼¿Æ½¨¸´¶à¿î²úÆ·ÖеÄ15¸ö°²È«·ì϶ £¬ÆäÖÐ5¸ö·ì϶£¨CVE-2018-0443¡¢CVE-2018-0456¡¢CVE-2018-0378¡¢CVE-2018-0395ºÍCVE-2018-0441£©¿Éµ¼Ö»ؾø·þÎñ £¬2¸ö·ì϶£¨CVE-2018-0417ºÍCVE-2018-0443£©¿Éµ¼ÖÂÌáȨºÍÐÅϢй¶ £¬ÆäËü·ì϶»¹Ô̺¬Ä¿Â¼±éÀú¡¢XSSºÍCSRFµÈ¡£Ë¼¿ÆµÄ²úÆ·°²È«ÊÂÎñÏìÓ¦Ó××飨PSIRT£©³ÆÃ»Óз¢ÏÖÕâЩ·ì϶±»Ò°±íÀûÓõļ£Ïó¡£

 

Ô­ÎÄÁ´½Ó£º

https://news.softpedia.com/news/cisco-patches-remotely-exploitable-high-risk-security-bugs-in-multiple-products-523295.shtml


ÉêÃ÷£º±¾×ÊѶÓÉ28ȦάËûÃü°²È«Ó××é·­ÒëºÍÕû¶Ù