ÐÅÏ¢°²È«Öܱ¨-2019ÄêµÚ47ÖÜ

°ä²¼¹¦·ò 2019-12-03

>±¾ÖÜ°²È«Ì¬ÊÆ×ÛÊö


2019Äê11ÔÂ25ÈÕÖÁ12ÔÂ01ÈÕ¹²ÊÕ¼°²È«·ì϶48¸ö £¬£¬£¬£¬£¬£¬£¬ÖµµÃ¹Ø×¢µÄÊÇF5 SSL Orchestrator SSL±àÅŻؾø·þÎñ·ì϶; Dell EMC Storage Monitoring and Reporting·´ÐòÁл¯´úÂëÖ´Ðзì϶£»£»£»£»£»£» £»£»TP-Link TL-WR841N http_parser_main»º³åÇøÒç¶Âí½Å£»£»£»£»£»£» £»£»Symantec Critical System Protection°²È«ÈƹýδÊÚȨ½Ó¼û·ì϶£»£»£»£»£»£» £»£»Linux kernel Marvell WiFi chip driver lbs_ibss_join_existing»º³åÇøÒç¶Âí½Å¡£¡£¡£¡£¡£¡£


±¾ÖÜÖµµÃ¹Ø×¢µÄÍøÂ簲ȫÊÂÎñÊÇTrickBotбäÖÖ¿ÉÇÔÈ¡OpenSSHºÍOpenVPNÃÜÔ¿£»£»£»£»£»£» £»£»Fortinet°²È«²úÆ·Ó²±àÂë¼ÓÃÜÃÜÔ¿·ì϶£¨CVE-2018-9195£©£»£»£»£»£»£» £»£»Á½¸öAndroid SDK·¸·¨ÍøÂçFacebook¼°TwitterÓû§Êý¾Ý£»£»£»£»£»£» £»£»»ÝÆÕÖҸ沿ÃÅSSD½«ÔÚͨµç32768Ó×ʱºó²úÉú¹ÊÕÏ£»£»£»£»£»£» £»£»Î÷°àÑÀ°²È«³§ÉÌProsegurÔâµ½ÀÕË÷Èí¼þRyuk¹¥»÷¡£¡£¡£¡£¡£¡£


ƾ¾ÝÒÔÉÏ×ÛÊö £¬£¬£¬£¬£¬£¬£¬±¾ÖÜ°²È«ÍþвΪÖС£¡£¡£¡£¡£¡£


>³ÁÒª°²È«·ì϶Áбí



1. F5 SSL Orchestrator SSL±àÅŻؾø·þÎñ·ì϶


F5 SSL Orchestrator SSL±àÅÅ´¦ÖôæÔÚ°²È«·ì϶ £¬£¬£¬£¬£¬£¬£¬ÔÊÐíÔ¶³Ì¹¥»÷ÕßÀûÓ÷ì϶Ìá½»ÌØÊâµÄÒªÇó £¬£¬£¬£¬£¬£¬£¬¿É½øÐлؾø·þÎñ¹¥»÷ £¬£¬£¬£¬£¬£¬£¬Ê¹TMM±ÀÀ£¡£¡£¡£¡£¡£¡£


https://support.f5.com/csp/article/K21135478


2. Dell EMC Storage Monitoring and Reporting·´ÐòÁл¯´úÂëÖ´Ðзì϶


Dell EMC Storage Monitoring and Reporting Java RMI·þÎñ´æÔÚ·´ÐòÁл¯·ì϶ £¬£¬£¬£¬£¬£¬£¬ÔÊÐíÔ¶³Ì¹¥»÷ÕßÀûÓ÷ì϶Ìá½»ÌØÊâµÄÒªÇó £¬£¬£¬£¬£¬£¬£¬¿ÉʹÀûÓ÷¨Ê½±ÀÀ£»£»£»£»£»£» £»£»òÖ´ÐÐËÁÒâ´úÂë¡£¡£¡£¡£¡£¡£


https://www.zerodayinitiative.com/advisories/ZDI-19-996/


3. TP-Link TL-WR841N http_parser_main»º³åÇøÒç¶Âí½Å


TP-Link TL-WR841N http_parser_main´¦ÖÃHost request´æÔÚ»º³åÇøÒç¶Âí½Å £¬£¬£¬£¬£¬£¬£¬ÔÊÐíÔ¶³Ì¹¥»÷ÕßÀûÓ÷ì϶Ìá½»ÌØÊâµÄÒªÇó £¬£¬£¬£¬£¬£¬£¬¿ÉʹÀûÓ÷¨Ê½±ÀÀ£»£»£»£»£»£» £»£»òÖ´ÐÐËÁÒâ´úÂë¡£¡£¡£¡£¡£¡£


https://www.zerodayinitiative.com/advisories/ZDI-19-992/


4. Symantec Critical System Protection°²È«ÈƹýδÊÚȨ½Ó¼û·ì϶


Symantec Critical System ProtectionʵÏÖ´æÔÚ°²È«·ì϶ £¬£¬£¬£¬£¬£¬£¬ÔÊÐíÔ¶³Ì¹¥»÷ÕßÄܹ»ÀûÓ÷ì϶Ìá½»ÌØÊâµÄÒªÇó £¬£¬£¬£¬£¬£¬£¬¿ÉÈƹý°²È«ÏÞ¶ÈδÊÚȨ½Ó¼û¡£¡£¡£¡£¡£¡£


https://support.symantec.com/us/en/article.SYMSA1498.html


5. Linux kernel Marvell WiFi chip driver lbs_ibss_join_existing»º³åÇøÒç¶Âí½Å


Linux kernel Marvell WiFi chip driverÖеÄdrivers/net/wireless/marvell/libertas/cfg.c lbs_ibss_join_existing´æÔÚ»º³åÇøÒç¶Âí½Å £¬£¬£¬£¬£¬£¬£¬ÔÊÐíÔ¶³Ì¹¥»÷ÕßÄܹ»ÀûÓ÷ì϶Ìá½»ÌØÊâµÄÒªÇó £¬£¬£¬£¬£¬£¬£¬¿ÉʹÀûÓ÷¨Ê½±ÀÀ£»£»£»£»£»£» £»£»òÖ´ÐÐËÁÒâ´úÂë¡£¡£¡£¡£¡£¡£


https://access.redhat.com/security/cve/cve-2019-14896




>³ÁÒª°²È«ÊÂÎñ×ÛÊö


1¡¢TrickBotбäÖÖ¿ÉÇÔÈ¡OpenSSHºÍOpenVPNÃÜÔ¿


8827Ì«Ñô¼¯ÍÅ(Macau)¹É·ÝÓÐÏÞ¹«Ë¾-Official website


Palo Alto NetworksµÄUnit 42×êÑÐÍŶӷ¢ÏÖTrickBotµÄбäÖÖ¸üÐÂÁËÃÜÂëÇÔÈ¡Ä£¿£¿£¿£¿£¿£¿é £¬£¬£¬£¬£¬£¬£¬¿ÉÓÃÓÚÇÔÈ¡OpenSSH˽ԿÒÔ¼°OpenVPNÃÜÂëºÍÅäÖÃÎļþ¡£¡£¡£¡£¡£¡£¸ÃÄ£¿£¿£¿£¿£¿£¿é²¢²»ÊÇÐÂÔö³¤µÄ £¬£¬£¬£¬£¬£¬£¬ÔçÔÚ2018Äê11ÔÂ×êÑÐÈËÔ±¾Í·¢ÏÖÁË¿É´Ó¶à¸öä¯ÀÀÆ÷ºÍÀûÓ÷¨Ê½ÖÐÇÔÈ¡ÃÜÂëµÄÄ£¿£¿£¿£¿£¿£¿é¡£¡£¡£¡£¡£¡£¸ÃÄ£¿£¿£¿£¿£¿£¿éÔÚ2Ô·ݽøÐÐÁËÉý¼¶ £¬£¬£¬£¬£¬£¬£¬Äܹ»ÇÔÈ¡VNC¡¢PuTTY¼°RDP·þÎñÖеÄÉí·ÝÑé֤ʹ´¦¡£¡£¡£¡£¡£¡£´Ë¿Ì11Ô·Ý×êÑÐÈËÔ±·¢ÏÖ¸ÃÄ£¿£¿£¿£¿£¿£¿éÔÚͨ¹ýHTTP POSTÒªÇó½«OpenSSH˽ԿÒÔ¼°OpenVPNÃÜÂëºÍÅäÖÃÎļþ·¢Ë͵½C2·þÎñÆ÷¡£¡£¡£¡£¡£¡£ÕâÅú×¢×Ô2016Äê10Ô±»·¢ÏÖÒÔÀ´ £¬£¬£¬£¬£¬£¬£¬TrickBotÒ»ÏòÔÚ¸üÐÂÆäÖ°ÄܺÍÄ£¿£¿£¿£¿£¿£¿é¡£¡£¡£¡£¡£¡£


Ô­ÎÄÁ´½Ó£º

https://www.bleepingcomputer.com/news/security/trickbot-trojan-getting-ready-to-steal-openssh-and-openvpn-keys/


2¡¢Fortinet°²È«²úÆ·Ó²±àÂë¼ÓÃÜÃÜÔ¿·ì϶£¨CVE-2018-9195£©


8827Ì«Ñô¼¯ÍÅ(Macau)¹É·ÝÓÐÏÞ¹«Ë¾-Official website


SEC Consult°²È«×êÑÐÔ±StefanViehb?ckÔÚFortinetµÄFortiOSÖз¢ÏÖÓ²±àÂëµÄ¼ÓÃÜÃÜÔ¿£¨CVE-2018-9195£© £¬£¬£¬£¬£¬£¬£¬ÊÜÓ°ÏìµÄ²úÆ·Ô̺¬FortiGate·À»ðǽÒÔ¼°MacºÍWindows°æ±¾µÄFortiClientÖն˱£»£»£»£»£»£» £»£»¤Èí¼þ¡£¡£¡£¡£¡£¡£ÕâÈýÖÖ²úƷʹÓÃÈõ¼ÓÃÜ£¨XOR£©²¢ÇÒÊÇÓ²±àÂëµÄ¼ÓÃÜÃÜÔ¿Óë¸÷ÀàFortiGateÔÆ·þÎñ½øÐÐͨѶ¡£¡£¡£¡£¡£¡£¸ÃÃÜÔ¿ÓÃÓÚ¼ÓÃÜFortiGuard Web¹ýÂËÖ°ÄÜ¡¢FortiGuard·´À¬»øÓʼþÖ°ÄܺÍFortiGuard AntiVirusÖ°ÄܵÄÓû§Á÷Á¿¡£¡£¡£¡£¡£¡£¹¥»÷Õß¿ÉÀûÓô˷ì϶Ðá̽Óû§µÄÁ÷Á¿ £¬£¬£¬£¬£¬£¬£¬¸ú×ÙËûÃǵÄä¯ÀÀ¼Í¼»òµç×ÓÓʼþÊý¾Ý¡£¡£¡£¡£¡£¡£×êÑÐÈËÔ±ÓÚ2018Äê5Ô·¢ÏÖ²¢»ã±¨ÁËÕâЩÎÊÌâ £¬£¬£¬£¬£¬£¬£¬µ«Fortinet»¨ÁË10µ½18¸öԵŦ·ò²Åɾ³ýÁËÓ²±àÂëµÄÃÜÔ¿¡£¡£¡£¡£¡£¡£½¨ÒéÓû§¸üÐÂÖÁFortiOS 6.0.7»ò6.2.0¡¢FortiClient Windows 6.2.0¼°FortiClient Mac 6.2.2¡£¡£¡£¡£¡£¡£


Ô­ÎÄÁ´½Ó£º

https://www.zdnet.com/article/some-fortinet-products-shipped-with-hardcoded-encryption-keys/


3¡¢Á½¸öAndroid SDK·¸·¨ÍøÂçFacebook¼°TwitterÓû§Êý¾Ý


8827Ì«Ñô¼¯ÍÅ(Macau)¹É·ÝÓÐÏÞ¹«Ë¾-Official website


×êÑÐÈËÔ±·¢ÏÖÁ½¸öµÚÈý·½SDK£¨OneAudienceºÍMobiburn£©¿É°ÂÃØÍøÂçTwitterºÍFacebookÓû§Êý¾Ý £¬£¬£¬£¬£¬£¬£¬TwitterºÍFacebookÔÚ½øÐе÷²é¡£¡£¡£¡£¡£¡£ÕâÁ½¸öSDK¶¼ÊÇÊý¾ÝÇ®±Ò»¯·þÎñ £¬£¬£¬£¬£¬£¬£¬Í¨¹ýÏò¿ª·¢ÈËÔ±¸¶·ÑÒÔ½«ÆäSDK¼¯³Éµ½ÀûÓÃÖÐ £¬£¬£¬£¬£¬£¬£¬¶øºóÍøÂçÓû§µÄÐÐΪÊý¾ÝÓÃÓÚ¸æ°×ÓªÏú¡£¡£¡£¡£¡£¡£Í¨³£´ËÀàÌ×¼þ²»»á½Ó¼ûÓû§µÇ¼Facebook»òTwitterºóÌìÉúµÄÓ×ÎÒÐÅÏ¢¡¢ÕË»§ÃÜÂëµÈÊý¾Ý¡£¡£¡£¡£¡£¡£TwitterÔÚһƪ²©¿ÍÖÐÈ·ÈÏOneAudience SDK¿Éδ¾­ÊÚȨ´ÓTwitterÕÊ»§ÖÐÍøÂçÓû§µÄÓ×ÎÒÐÅÏ¢¡£¡£¡£¡£¡£¡£TwitterûÓÐй©ÊÜÓ°ÏìµÄÓû§ÊýÁ¿ £¬£¬£¬£¬£¬£¬£¬µ«°µÊ¾Ö»ÓÐAndroidÓû§Êܵ½Ó°Ïì¡£¡£¡£¡£¡£¡£Facebook°µÊ¾Ò²Êܵ½¸ÃÎÊÌâÓ°Ïì £¬£¬£¬£¬£¬£¬£¬Ô̺¬OneAudience SDKºÍMobiBurn SDK¡£¡£¡£¡£¡£¡£Á½¼ÒSDK¿ª·¢Õß»ØÓ¦³ÆËûÃǽöÌṩ¹¤¾ß £¬£¬£¬£¬£¬£¬£¬µ«²»ÒÔÈκη½Ê½²Î¼ÓÊý¾ÝÍøÂç £¬£¬£¬£¬£¬£¬£¬½«ÔðÈιé×ïÓÚÀÄÓÃÆäSDKµÄapp¿ª·¢ÈËÔ±¡£¡£¡£¡£¡£¡£


Ô­ÎÄÁ´½Ó£º

https://thehackernews.com/2019/11/sdk-twitter-facebook-android.html


4¡¢»ÝÆÕÖҸ沿ÃÅSSD½«ÔÚͨµç32768Ó×ʱºó²úÉú¹ÊÕÏ


8827Ì«Ñô¼¯ÍÅ(Macau)¹É·ÝÓÐÏÞ¹«Ë¾-Official website


HPEÖÒ¸æ¶à¿îSSD½«ÔÚͨµç¹¦·òÀۼƴï32768Ó×ʱºó²úÉú¹ÊÕÏ £¬£¬£¬£¬£¬£¬£¬µ¼ÖÂÓ²ÅÌÉϵÄÊý¾ÝÃÔʧÇÒÎÞ·¨¸´Ô­¡£¡£¡£¡£¡£¡£Òì³£¹¦·ò¿Éת»»Îª3Äê270Ìì8Ó×ʱ £¬£¬£¬£¬£¬£¬£¬Ô¶Ó×ÓÚ²úÆ·µÄÕý³£Ê¹ÓÃÊÙÃü £¬£¬£¬£¬£¬£¬£¬ÉõÖÁ²¿ÃÅÐͺŵı£½¨ÆÚÒ²¿ÉÀ©´óÖÁ5Äê¡£¡£¡£¡£¡£¡£ÊÜÓ°ÏìµÄ²úÆ·ÐͺŶà´ï20ÖÖ £¬£¬£¬£¬£¬£¬£¬¶à¿î²úÆ·ÖØÒªÃæÏòÆóÒµ·þÎñÆ÷ £¬£¬£¬£¬£¬£¬£¬Ô̺¬HPE ProLiant¡¢Synergy¡¢Apollo¡¢JBOD D3xxx¡¢D6xxx¡¢D8xxx¡¢MSA¡¢StoreVirtual 4335ºÍStoreVirtual 3200µÈ¡£¡£¡£¡£¡£¡£¸Ã¹«Ë¾ÔÚ11ÔÂ22ÈÕ°ä²¼ÁË8¿î²úÆ·µÄ½¨¸´·¨Ê½ £¬£¬£¬£¬£¬£¬£¬²¢´òËãÔÚ12ÔµĵڶþÖÜ°ä²¼Ôü×Ò²úÆ·µÄ¹Ì¼þ¸üС£¡£¡£¡£¡£¡£


Ô­ÎÄÁ´½Ó£º

https://www.bleepingcomputer.com/news/hardware/hp-warns-that-some-ssd-drives-will-fail-at-32-768-hours-of-use/


5¡¢Î÷°àÑÀ°²È«³§ÉÌProsegurÔâµ½ÀÕË÷Èí¼þRyuk¹¥»÷


8827Ì«Ñô¼¯ÍÅ(Macau)¹É·ÝÓÐÏÞ¹«Ë¾-Official website


Î÷°àÑÀ°²È«³§ÉÌProsegurÔÚÒ»·ÝÉêÃ÷Öа䷢ÔâÀÕË÷Èí¼þ¹¥»÷ £¬£¬£¬£¬£¬£¬£¬Õû¸ö¹«Ë¾µÄÍøÂ綼ÒѹعØ¡£¡£¡£¡£¡£¡£Ö»¹ÜûÓеõ½¹Ù·½È·ÈÏ £¬£¬£¬£¬£¬£¬£¬µ«BleepingComputerÏàʶµ½¸Ã¹¥»÷Ó°ÏìÁËProsegurÔÚÅ·ÖÞµÄËùÓеØÖ·¡£¡£¡£¡£¡£¡£ÔÚTwitterÉϵĸüÐÂÖÐ £¬£¬£¬£¬£¬£¬£¬ProsegurÈ·Èϵ¼ÖÂÆä·þÎñÖжϵĶñÒâÈí¼þÊÇRyuk £¬£¬£¬£¬£¬£¬£¬²¢½«ÊÂÎñÏóÕ÷Ϊ¡°Í¨³£ÐÔ¹¥»÷¡±¡£¡£¡£¡£¡£¡£¸Ã¹«Ë¾°µÊ¾ÒѲÉÈ¡×î´óˮƽµÄ°²È«´ëÊ©×èÖ¹¸Ã¶ñÒâÈí¼þÔÚÆäÄÚ²¿¼°¿Í»§¶ËÍøÂçÖд«²¼¡£¡£¡£¡£¡£¡£×÷ΪԤ·À´ëÊ© £¬£¬£¬£¬£¬£¬£¬¸Ã¹«Ë¾½«³ÖÐøÏÞ¶ÈͨѶ £¬£¬£¬£¬£¬£¬£¬Ö±µ½È·ÈÏÆäϵͳÒѸɾ» £¬£¬£¬£¬£¬£¬£¬²¢ÔÚÖÂÁ¦ÒÔ×î¿ìµÄËٶȸ´Ô­ÊÜÓ°ÏìµÄ·þÎñ¡£¡£¡£¡£¡£¡£


Ô­ÎÄÁ´½Ó£º

https://www.bleepingcomputer.com/news/security/ryuk-ransomware-forces-prosegur-security-firm-to-shut-down-network/