

Rewterz Threat Alert – Gustuff Banking Botnet Targeting Financial Institutions
April 18, 2019
Rewterz Threat Advisory – CVE-2019-0008 – Juniper QFX5000 / EX4300 / EX4600 Junos OS FXPC Buffer Overflow Vulnerability
April 19, 2019
Severity
Medium
Analysis summary
CVE-2018-10858
A heap-buffer overflow was found in the way Samba clients processed extra-long filenames in a directory listing. A malicious Samba server could use this flaw to cause arbitrary code execution on a Samba client. Samba versions before 4.6.16, 4.7.9 and 4.8.4 are vulnerable.
CVE-2018-11237
An AVX-512-optimized implementation of the mempcpy function in the GNU C Library (aka glibc or libc6) 2.27 and earlier may write data beyond the target buffer, leading to a buffer overflow in __mempcpy_avx512_no_vzeroupper.
CVE-2018-0732
During key agreement in a TLS handshake using a DH(E)-based ciphersuite, a malicious server can send a very large prime value to the client. This causes the client to spend an unreasonably long period of time generating a key for this prime, resulting in a hang until the client has finished. This could be exploited in a denial-of-service attack. Fixed in OpenSSL 1.1.0i-dev (Affected 1.1.0-1.1.0h). Fixed in OpenSSL 1.0.2p-dev (Affected 1.0.2-1.0.2o).
CVE-2018-11784
When the default servlet in Apache Tomcat versions 9.0.0.M1 to 9.0.11, 8.5.0 to 8.5.33 and 7.0.23 to 7.0.90 returned a redirect to a directory (e.g. redirecting to ‘/foo/’ when the user requested ‘/foo’), a specially crafted URL could be used to cause the redirect to be generated to any URI of the attacker's choice.
CVE-2018-1729
An unspecified error can be exploited to disclose certain information.
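An added example, not code from this advisory or from OpenSSL: a client-side guard for the CVE-2018-0732 case above, which parses the server's DH parameters from a TLS 1.2 ServerKeyExchange body and rejects an oversized prime before any key generation is attempted. The function names, the 2048-bit floor and the sample values are assumptions made for illustration.

```python
import struct

# OpenSSL's post-fix limit is OPENSSL_DH_MAX_MODULUS_BITS (10000 bits); the
# 2048-bit floor is an assumed local policy, not something from the advisory.
MAX_DH_MODULUS_BITS = 10000
MIN_DH_MODULUS_BITS = 2048

class DHParamError(ValueError):
    """Raised when server-supplied DH parameters must be rejected."""

def read_opaque16(buf, offset):
    """Read one TLS opaque<1..2^16-1> field: 2-byte length, then the value."""
    if offset + 2 > len(buf):
        raise DHParamError("truncated length field")
    (length,) = struct.unpack_from("!H", buf, offset)
    end = offset + 2 + length
    if length == 0 or end > len(buf):
        raise DHParamError("bad field length")
    return int.from_bytes(buf[offset + 2:end], "big"), end

def parse_server_dh_params(buf):
    """Parse dh_p, dh_g, dh_Ys from a TLS 1.2 ServerDHParams structure."""
    p, off = read_opaque16(buf, 0)
    g, off = read_opaque16(buf, off)
    ys, _ = read_opaque16(buf, off)
    return p, g, ys

def check_dh_params(p, g, ys):
    """Size and range checks done BEFORE any modular exponentiation."""
    bits = p.bit_length()
    # The wire format allows a 65535-byte dh_p, so the cap must be explicit.
    if bits > MAX_DH_MODULUS_BITS:
        raise DHParamError(f"modulus too large: {bits} bits")
    if bits < MIN_DH_MODULUS_BITS:
        raise DHParamError(f"modulus too small: {bits} bits")
    if not (1 < g < p - 1 and 1 < ys < p - 1):
        raise DHParamError("generator or public value out of range")
    return bits

def encode_params(*values):
    """Build a constructed ServerDHParams blob for the samples below."""
    raw = [v.to_bytes((v.bit_length() + 7) // 8, "big") for v in values]
    return b"".join(struct.pack("!H", len(r)) + r for r in raw)

# Constructed sample values: right-sized integers, not real primes.
SAMPLE_OK = encode_params((1 << 2047) | 1, 2, 5)
SAMPLE_OVERSIZED = encode_params((1 << 16383) | 1, 2, 5)
```

The point of the ordering is that the bit-length comparison costs almost nothing, while key generation against a prime of the size the wire format permits is what produces the hang.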
Impact
- Exposure of sensitive information
- System access
- Denial of Service
- Spoofing
Affected Vendors
IBM
Affected Products
IBM Security QRadar SIEM 7.x
Remediation
Update to version 7.3.1 Patch 8.
QRadar / QRM / QVM / QRIF / QNI 7.3.1 Patch 8