TippingPoint Threat Intelligence and Zero-Day Coverage – Week of November 6, 2017

2017-11-10T14:36:42
ID TRENDMICROBLOG:34BB8D285C72EA3451D9971318315484
Type trendmicroblog
Reporter Elisa Lippincott (TippingPoint Global Product Marketing)
Modified 2017-11-10T14:36:42

Description

I started a 14-day detox this week that eliminates common food allergens and hormones. It’s going to be two weeks of no fun, but it’s good to give your body a little reset. Plus, I’ll be done just in time for the Thanksgiving holiday. Eliminating toxins from your body can be compared to eliminating threats from your network, and funny enough, I remembered that there was a print advertisement we ran (in the early days of TippingPoint) more than 13 years ago that made the same analogy.

It said something along the lines of “If you want to know the benefits of our solution, start by removing your liver.” Hopefully you remember what you learned in biology class about liver function.

Fast forward to 2017 and we’re still eliminating toxins from networks. Earlier this week, our TippingPoint 8400TX Threat Protection System was awarded the “Recommended” rating from NSS Labs. The 8400TX had an overall security effectiveness rating of 99.6% and an above average total cost of ownership (TCO) at $6 per protected Mbps. To learn more and to download the full report, click here.

Zero-Day Filters

There are 50 new zero-day filters covering 11 vendors in this week’s Digital Vaccine (DV) package. A number of existing filters in this week’s DV package were modified to update the filter description, update specific filter deployment recommendation, increase filter accuracy and/or optimize performance. You can browse the list of published advisories and upcoming advisories on the Zero Day Initiative website. You can also follow the Zero Day Initiative on Twitter @thezdi and on their blog.

Apple (6)

|

  • 29903: PWN2OWN ZDI-CAN-5340: Zero Day Initiative Vulnerability (Apple Safari)
  • 29904: PWN2OWN ZDI-CAN-5344: Zero Day Initiative Vulnerability (Apple Safari)
  • 29910: PWN2OWN ZDI-CAN-5352: Zero Day Initiative Vulnerability (Apple Safari)
  • 29911: PWN2OWN ZDI-CAN-5353: Zero Day Initiative Vulnerability (Apple Safari)
  • 29916: PWN2OWN ZDI-CAN-5366: Zero Day Initiative Vulnerability (Apple Safari)
  • 29917: PWN2OWN ZDI-CAN-5342: Zero Day Initiative Vulnerability (Apple Safari)
    ---|---
    |

Cisco (1)

|

  • 29880: HTTPS: Cisco Prime Collaboration Provisioning logconfigtracer Directory Traversal (ZDI-17-448)
    ---|---
    |

Dell (1)

|

  • 29887: ZDI-CAN-5293: Zero Day Initiative Vulnerability (Dell EMC Storage Manager)
    ---|---
    |

Delta (16)

|

  • 29861: ZDI-CAN-5265: Zero Day Initiative Vulnerability (Delta Industrial Automation DOPSoft)
  • 29862: ZDI-CAN-5266: Zero Day Initiative Vulnerability (Delta Industrial Automation DOPSoft)
  • 29863: ZDI-CAN-5267: Zero Day Initiative Vulnerability (Delta Industrial Automation DOPSoft)
  • 29864: ZDI-CAN-5268: Zero Day Initiative Vulnerability (Delta Industrial Automation DOPSoft)
  • 29867: ZDI-CAN-5269,5276: Zero Day Initiative Vulnerability (Delta Industrial Automation DOPSoft)
  • 29868: ZDI-CAN-5270: Zero Day Initiative Vulnerability (Delta Industrial Automation DOPSoft)
  • 29869: ZDI-CAN-5271: Zero Day Initiative Vulnerability (Delta Industrial Automation DOPSoft)
  • 29870: ZDI-CAN-5272: Zero Day Initiative Vulnerability (Delta Industrial Automation DOPSoft)
  • 29871: ZDI-CAN-5273: Zero Day Initiative Vulnerability (Delta Industrial Automation DOPSoft)
  • 29872: ZDI-CAN-5274: Zero Day Initiative Vulnerability (Delta Industrial Automation DOPSoft)
  • 29873: ZDI-CAN-5275: Zero Day Initiative Vulnerability (Delta Industrial Automation DOPSoft)
  • 29877: ZDI-CAN-5283: Zero Day Initiative Vulnerability (Delta Industrial Automation DOPSoft)
  • 29878: ZDI-CAN-5284: Zero Day Initiative Vulnerability (Delta Industrial Automation DOPSoft)
  • 29879: ZDI-CAN-5285: Zero Day Initiative Vulnerability (Delta Industrial Automation DOPSoft)
  • 29882: ZDI-CAN-5286: Zero Day Initiative Vulnerability (Delta Industrial Automation DOPSoft)
  • 29883: ZDI-CAN-5287: Zero Day Initiative Vulnerability (Delta Industrial Automation DOPSoft)
    ---|---
    |

Foxit (6)

|

  • 29885: ZDI-CAN-5288: Zero Day Initiative Vulnerability (Foxit Reader)
  • 29886: ZDI-CAN-5290: Zero Day Initiative Vulnerability (Foxit Reader)
  • 29888: ZDI-CAN-5294: Zero Day Initiative Vulnerability (Foxit Reader)
  • 29889: ZDI-CAN-5295: Zero Day Initiative Vulnerability (Foxit Reader)
  • 29895: ZDI-CAN-5296: Zero Day Initiative Vulnerability (Foxit Reader)
  • 29898: ZDI-CAN-5282: Zero Day Initiative Vulnerability (Foxit Reader)
    ---|---
    |

Huawei (5)

|

  • 29905: PWN2OWN ZDI-CAN-5347: Zero Day Initiative Vulnerability (Huawei Browser)
  • 29906: PWN2OWN ZDI-CAN-5348: Zero Day Initiative Vulnerability (Huawei Browser)
  • 29907: PWN2OWN ZDI-CAN-5349: Zero Day Initiative Vulnerability (Huawei Browser)
  • 29908: PWN2OWN ZDI-CAN-5350: Zero Day Initiative Vulnerability (Huawei Browser)
  • 29909: PWN2OWN ZDI-CAN-5351: Zero Day Initiative Vulnerability (Huawei Browser)
    ---|---
    |

Microsoft (2)

|

  • 29897: ZDI-CAN-5090: Zero Day Initiative Vulnerability (Microsoft Windows)
  • 29900: ZDI-CAN-5242: Zero Day Initiative Vulnerability (Microsoft Chakra)
    ---|---
    |

NetGain Systems (1)

|

  • 29896: ZDI-CAN-5080: Zero Day Initiative Vulnerability (NetGain Systems Enterprise Manager)
    ---|---
    |

QNAP (4)

|

  • 29859: ZDI-CAN-5262: Zero Day Initiative Vulnerability (QNAP QTS)
  • 29860: ZDI-CAN-5263: Zero Day Initiative Vulnerability (QNAP QTS)
  • 29875: ZDI-CAN-5278,5280: Zero Day Initiative Vulnerability (QNAP QTS)
  • 29876: ZDI-CAN-5279: Zero Day Initiative Vulnerability (QNAP QTS)
    ---|---
    |

Samsung (5)

|

  • 29902: PWN2OWN ZDI-CAN-5332: Zero Day Initiative Vulnerability (Samsung Internet Browser)
  • 29912: PWN2OWN ZDI-CAN-5355: Zero Day Initiative Vulnerability (Samsung Internet Browser)
  • 29913: PWN2OWN ZDI-CAN-5356: Zero Day Initiative Vulnerability (Samsung Internet Browser)
  • 29914: PWN2OWN ZDI-CAN-5361: Zero Day Initiative Vulnerability (Samsung Internet Browser)
  • 29915: PWN2OWN ZDI-CAN-5365: Zero Day Initiative Vulnerability (Samsung Internet Browser)
    ---|---
    |

Trend Micro (3)

|

  • 29782: HTTP: Trend Micro Control Manager Debug Level Authentication Bypass Vulnerability (ZDI-17-497)
  • 29846: HTTP: Trend Micro Mobile Security for Enterprise query_user search_by SQL Injection (ZDI-17-771)
  • 29858: ZDI-CAN-5234: Zero Day Initiative Vulnerability (Trend Micro Control Manager)
    ---|---
    |

Missed Last Week’s News?

Catch up on last week’s news in my weekly recap.