ÐÅÏ¢Çå¾²Öܱ¨-2019ÄêµÚ15ÖÜ

Ðû²¼Ê±¼ä 2019-04-15

±¾ÖÜÇ徲̬ÊÆ×ÛÊö



2019Äê4ÔÂ08ÈÕÖÁ14ÈÕ±¾Öܹ²ÊÕ¼Çå¾²Îó²î84¸ö£¬ÖµµÃ¹Ø×¢µÄÊÇJuniper Networks Junos OSÃÜÂëÐÞ¸ÄÎó²î£»Ubiquiti Networks EdgeSwitchí§ÒâÏÂÁîÖ´ÐÐÎó²î; Apache Tomcat CVE-2019-0232í§Òâ´úÂëÖ´ÐÐÎó²î£»Microsoft Office Access Connectivity Engine CVE-2019-0825í§Òâ´úÂëÖ´ÐÐÎó²î£»Adobe AcrobatºÍReader CVE-2019-7117ÀàÐÍ»ìÏý´úÂëÖ´ÐÐÎó²î¡£


±¾ÖÜÖµµÃ¹Ø×¢µÄÍøÂçÇå¾²ÊÂÎñÊÇÅ·Ã˳ÉÔ±¹ú¾ÙÐÐÍøÂçÇå¾²ÑÝÏ°£¬ÔöÇ¿Ó¦¶ÔÑ¡¾Ùʱ´úµÄÍøÂçÍþв£»Ñо¿Ö°Ô±Ê¹ÓÃ3D´òÓ¡µÄÖ¸ÎÆÄ£×ÓÀֳɽâËøGalaxy S10 +£»WPA3Ò²²»Çå¾² £¿DragonbloodÎó²î¿ÉÆƽâWi-FiÃÜÂ룻Apache TomcatÔ¶³Ì´úÂëÖ´ÐÐÎó²î£¨CVE-2019-0232£©£»TP-Link WR940NºÍWR941ND·ÓÉÆ÷ÁãÈÕÎó²î£¬¿Éµ¼ÖÂ×°±¸±»½ÓÊÜ¡£


ƾ֤ÒÔÉÏ×ÛÊö£¬±¾ÖÜÇå¾²ÍþвΪÖС£



Ö÷ÒªÇå¾²Îó²îÁбí



1. Juniper Networks Junos OSÃÜÂëÐÞ¸ÄÎó²î


Juniper Networks Junos OSÆôÓá®set system ports console insecure¡¯±£´æÇå¾²Îó²î£¬ÍâµØ¹¥»÷ÕßʹÓÃÎó²îÌá½»¡®set system root-authentication plain-text-password¡¯ÐÞ¸ÄrootÃÜÂë¡£
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10924&actp=METADATA 

2. Ubiquiti Networks EdgeSwitchí§ÒâÏÂÁîÖ´ÐÐÎó²î


Ubiquiti Networks EdgeSwitch±£´æÇå¾²Îó²î£¬ÔÊÐíÔ¶³Ì¹¥»÷ÕßʹÓÃÎó²îÌá½»ÌØÊâµÄÇëÇó£¬Ö´ÐÐí§ÒâosÏÂÁî¡£
https://community.ubnt.com/t5/EdgeMAX-Updates-Blog/EdgeMAX-EdgeSwitch-X-software-release-v1-1-1/ba-p/2731137 

3. Apache Tomcat CVE-2019-0232í§Òâ´úÂëÖ´ÐÐÎó²î


Apache Tomcat enableCmdLineArguments´¦Öóͷ£±£´æÇå¾²Îó²î£¬ÔÊÐíÔ¶³Ì¹¥»÷ÕßʹÓÃÎó²îÌá½»ÌØÊâµÄÇëÇ󣬿ÉÖ´ÐÐí§Òâ´úÂë¡£
https://vigilance.fr/vulnerability/Apache-Tomcat-code-execution-via-Windows-enableCmdLineArguments-28999 

4. Microsoft Office Access Connectivity Engine CVE-2019-0825í§Òâ´úÂëÖ´ÐÐÎó²î


Microsoft Office´¦Öóͷ£ÌØÊâÎļþ±£´æÇå¾²Îó²î£¬ÔÊÐíÔ¶³Ì¹¥»÷ÕßʹÓÃÎó²îÌá½»ÌØÊâµÄÎļþÇëÇó£¬ÓÕʹÓû§ÆÊÎö£¬¿ÉÖ´ÐÐí§Òâ´úÂë¡£
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0825 

5. Adobe AcrobatºÍReader CVE-2019-7117ÀàÐÍ»ìÏý´úÂëÖ´ÐÐÎó²î


Adobe AcrobatºÍReader´¦Öóͷ£Îļþ±£´æÀàÐÍ»ìÏýÎó²î£¬ÔÊÐíÔ¶³Ì¹¥»÷ÕßʹÓÃÎó²îÌá½»ÌØÊâµÄÎļþÇëÇ󣬿ÉʹӦÓóÌÐò±ÀÀ£»òÕßÖ´ÐÐí§Òâ´úÂë¡£
https://helpx.adobe.com/security/products/acrobat/apsb19-17.html 


 Ö÷ÒªÇå¾²ÊÂÎñ×ÛÊö



1¡¢Å·Ã˳ÉÔ±¹ú¾ÙÐÐÍøÂçÇå¾²ÑÝÏ°£¬ÔöÇ¿Ó¦¶ÔÑ¡¾Ùʱ´úµÄÍøÂçÍþв

ÓÅ·¢¹ú¼Ê¡¤ËæÓŶø¶¯Ò»´¥¼´·¢

ΪÁËÓ­½Ó¼´½«ÔÚ2019Äê5ÔÂ23ÈÕÖÁ26ÈÕ¾ÙÐеÄÅ·ÃËÒé»áÑ¡¾Ù£¬Å·ÃËÍøÂçÇå¾²¾Ö£¨ENISA£©¼°Å·Ã˳ÉÔ±¹úÍŽá¾ÙÐÐÁËÒ»ÏîÃûΪEU ELEx19µÄÑÝÏ°£¬ÒÔÔöÇ¿Ó¦¶ÔÑ¡¾Ùʱ´úµÄÍøÂçÇå¾²Íþв¡£Æ¾Ö¤Å·ÃËÒé»á£¬ÕâÏîÑÝÏ°µÄÄ¿µÄÊÇÕÒµ½Ô¤·À¡¢¼ì²â¼°»º½âÓ°ÏìÅ·ÃËÑ¡¾ÙµÄÍøÂçÇå¾²ÊÂÎñµÄÒªÁì¡£ÕâÏîÑÝÏ°¿ÉÒÔʹŷÃ˳ÉÔ±¹ú²âÊÔÆäΣ»úÏìÓ¦¼Æ»®£¬²¢Ìá¸ß¿ç¾³Ð­µ÷ÏìÓ¦µÄÄÜÁ¦¡£

Ô­ÎÄÁ´½Ó£º
https://www.bleepingcomputer.com/news/security/eu-states-test-and-strengthen-readiness-for-election-cyber-threats/

2¡¢Ñо¿Ö°Ô±Ê¹ÓÃ3D´òÓ¡µÄÖ¸ÎÆÄ£×ÓÀֳɽâËøGalaxy S10 +


ÓÅ·¢¹ú¼Ê¡¤ËæÓŶø¶¯Ò»´¥¼´·¢


Ñо¿Ö°Ô±·¢Ã÷ÈýÐǵij¬Éù²¨Ö¸ÎÆʶ±ð¿Éͨ¹ý3D´òÓ¡µÄÖ¸ÎÆÄ£×ÓÀ´Èƹý¡£Æ¾Ö¤ImgurÓû§darksharkÐû²¼µÄÎÄÕ£¬ËûÓÃÖÇÄÜÊÖ»ú´ÓÓðõüµÄ²àÃæÅÄÏÂÁËËûµÄÖ¸ÎÆÕÕƬ£¬È»ºóʹÓÃ3DS MaxÈí¼þ½¨Éè3DÖ¸ÎÆÄ£×Ó£¬²¢Ê¹ÓÃAnyCubic Photon LCD´òÓ¡»ú´òÓ¡³öÖ¸ÎÆÄ£×Ó£¬Õâ¿éÖ¸ÎÆÄ£×Ó¼´¿É½âËøGalaxy S10 +¡£

Ô­ÎÄÁ´½Ó£º
https://mashable.com/article/samsung-fingerprint-scanner-fooled-3d-printing/#4pCm_5_D_PqO

3¡¢WPA3Ò²²»Çå¾² £¿DragonbloodÎó²î¿ÉÆƽâWi-FiÃÜÂë


ÓÅ·¢¹ú¼Ê¡¤ËæÓŶø¶¯Ò»´¥¼´·¢


ÔÚ4ÔÂ10ÈÕ½ÒÏþµÄһƪÂÛÎÄÖУ¬Çå¾²Ñо¿Ö°Ô±Mathy VanhoefºÍEyal Ronen·¢Ã÷WPA3-PersonalЭÒé±£´æÐÂÎó²îDragonblood£¬ÕâЩÎó²î¿ÉÔÊÐíDZÔÚ¹¥»÷ÕßÆƽâWi-FiÃÜÂë²¢ÇÔÈ¡¼ÓÃÜÁ÷Á¿¡£ÔÚÂÛÎÄÖÐÑо¿Ö°Ô±ÏêϸÏÈÈÝÁËWPA3µÄÁ½ÖÖÉè¼ÆȱÏÝ£ºÒ»ÖÖÊǽµ¼¶¹¥»÷£¬Ò»ÖÖÊDzàÐŵÀй¶¡£Ê×ÏÈWPA3Ìṩ¹ý¶ÉģʽÒÔÖ§³Ö¾É×°±¸£¬µ«¹¥»÷Õß¿ÉÒÔÀÄÓÃÕâЩÉèÖÃÀ´ÆÈʹWPA3×°±¸Ê¹Óò»Çå¾²µÄWPA2µÄ4´ÎÎÕÊÖ£¬²¢ÇÒÕâÖÖ½µ¼¶¹¥»÷Ö»ÐèÒªÖªµÀWPA3ÍøÂçµÄSSID¡£Æä´ÎÑо¿Ö°Ô±ÏÈÈÝÁËÁ½ÖÖ²àÐŵÀ¹¥»÷-»ùÓÚ»º´æ£¨CVE-2019-9494£©ºÍ»ùÓÚʱÐò£¨CVE-2019-9494£©£¬¿ÉÓÃÓÚ»ñÈ¡Wi-FiÃÜÂëºÍÇÔÈ¡¼ÓÃÜ´«ÊäµÄÃô¸ÐÐÅÏ¢¡£Ñо¿Ö°Ô±½«ÔÚGitHubÉÏÐû²¼PoC²âÊÔ¹¤¾ß¡£Wi-FiͬÃËÈ·ÈϳÆÕýÔÚÓ빩ӦÉÌÏàÖúÐÞ²¹ÏÖÓеÄWPA3ÈÏ֤װ±¸¡£

Ô­ÎÄÁ´½Ó£º
https://thehackernews.com/2019/04/wpa3-hack-wifi-password.html

4¡¢Apache TomcatÔ¶³Ì´úÂëÖ´ÐÐÎó²î£¨CVE-2019-0232£©


ÓÅ·¢¹ú¼Ê¡¤ËæÓŶø¶¯Ò»´¥¼´·¢


4ÔÂ10ÈÕApache¹Ù·½Ðû²¼Í¨¸æ³Æ½«ÔÚа汾ÖÐÐÞ¸´Ô¶³Ì´úÂëÖ´ÐÐÎó²î£¨CVE-2019-0232£©¡£ÓÉÓÚJREÔÚ½«²ÎÊýת´ïµ½WindowsÇéÐÎʱCGI ServletÖб£´æÊäÈëÑéÖ¤¹ýʧ£¬µ¼ÖÂÔ¶³Ì¹¥»÷Õß¿Éͨ¹ý·¢ËͶñÒâÇëÇóÒÔTomcatµÄȨÏÞÔÚϵͳÉÏ×¢ÈëºÍÖ´ÐÐí§ÒâOSÏÂÁî¡£ÊÜÓ°ÏìµÄTomcat°æ±¾°üÀ¨9.0.13¡¢9.0.14ºÍ9.0.16¡£Apache¹Ù·½ÉÐδÐû²¼ÐÞ¸´²¹¶¡£¬µ«Óû§¿Éͨ¹ý½ûÓÃenableCmdLineArgumentsÑ¡ÏîÔÝʱ¾ÙÐзÀ»¤¡£

Ô­ÎÄÁ´½Ó£º
https://www.cybersecurity-help.cz/vdb/SB2019041101?affChecked=1

5¡¢TP-Link WR940NºÍWR941ND·ÓÉÆ÷ÁãÈÕÎó²î£¬¿Éµ¼ÖÂ×°±¸±»½ÓÊÜ

ÓÅ·¢¹ú¼Ê¡¤ËæÓŶø¶¯Ò»´¥¼´·¢


IBM SecurityÑо¿ÍŶӷ¢Ã÷TP-Link TL-WR940NºÍTL-WR941NDÁ½¿î·ÓÉÆ÷±£´æ»º³åÇøÒç³öÎó²î£¬¿Éµ¼Ö¶ñÒâµÚÈý·½Ô¶³Ì¿ØÖƸÃ×°±¸¡£¸ÃÎó²îÓë×°±¸µÄWeb¿ØÖÆÃæ°åÓйØ£¬ËäȻƾ֤TP-LinkµÄ·ÓÉÆ÷Ïà¹ØÎĵµ£¬ÕâÁ½ÖÖÐͺŶ¼ÒÑÍ£²ú£¬µ«ËüÃÇÈÔ¿ÉÒÔ´ÓTargetºÍWalmartµÈÁãÊÛÉÌ´¦¹ºÖá£TP-LinkÓÚ3ÔÂ12ÈÕÐû²¼Á˹̼þ¸üУ¬½¨ÒéÓû§¾¡¿ì¾ÙÐиüС£

Ô­ÎÄÁ´½Ó£º
https://threatpost.com/tp-link-routers-vulnerable-to-zero-day-buffer-overflow-attack/143575/