Information Security Weekly Report - Week 51, 2019

Published: 2019-12-30

>Overview of this week's security situation


A total of 43 security vulnerabilities were recorded from December 23 to 29, 2019. The notable ones are the Palo Alto Networks PA-7080 root privilege acquisition vulnerability; the Mozilla Network Security Services buffer overflow vulnerability; the Docker docker-credential-secretservice memory reference error privilege escalation vulnerability; the TigerVNC ZlibInStream remote code execution vulnerability; and the D-Link DCS-960L HNAP SOAPAction stack overflow code execution vulnerability.


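The notable network security incidents this week are: game developer Zynga leaked the account information of nearly 173 million users; a code execution vulnerability exists in all Citrix products (CVE-2019-19781); the Russian government announced a successful internet disconnection test; the P2P botnet Mozi mainly targets Netgear, D-Link and Huawei routers; and the UAE was accused of spying on millions of ToTok users, with Google and Apple urgently removing the app.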


Based on the overview above, this week's security threat level is medium.


>List of major security vulnerabilities


1. Palo Alto Networks PA-7080 root privilege acquisition vulnerability


Palo Alto Networks PA-7080 does not correctly restrict communication with the Log Forwarding Card, allowing a local attacker to exploit the vulnerability by submitting a specially crafted request and obtain root privileges.

https://nvd.nist.gov/vuln/detail/CVE-2019-17440


2. Mozilla Network Security Services buffer overflow vulnerability


Mozilla Network Security Services has a buffer overflow vulnerability in the length handling of its cryptographic primitives, allowing a remote attacker to build a malicious web page and lure a user into requesting it, which can crash the application or execute arbitrary code.

https://access.redhat.com/security/cve/cve-2019-17006


3. Docker docker-credential-secretservice memory reference error privilege escalation vulnerability


Docker docker-credential-secretservice has a double-free vulnerability, allowing a local attacker to exploit it by submitting a specially crafted request, which can escalate privileges and execute code.

https://www.zerodayinitiative.com/advisories/ZDI-19-1030/


4. TigerVNC ZlibInStream remote code execution vulnerability


TigerVNC ZlibInStream has a memory corruption vulnerability, allowing a remote attacker to exploit it by submitting a specially crafted service request, which can crash the application or execute arbitrary code.

https://github.com/CendioOssman/tigervnc/commit/d61a767d6842b530ffb532ddd5a3d233119aad40


5. D-Link DCS-960L HNAP SOAPAction stack overflow code execution vulnerability


D-Link DCS-960L HNAP SOAPAction has a stack overflow vulnerability, allowing a remote attacker to exploit it by submitting a specially crafted file request, which can crash the application or execute arbitrary code.

https://www.zerodayinitiative.com/advisories/ZDI-19-1031/


>Overview of major security incidents


1. Game developer Zynga leaks account information of nearly 173 million users



Game developer Zynga was breached by hackers in September, and nearly 173 million usernames and passwords were leaked. Although Zynga acknowledged the incident at the end of September, the data breach notification site HaveIBeenPwned has now obtained official figures on the number of affected accounts. According to the site's update, a total of 172.9 million unique email addresses, along with usernames and passwords, were leaked in the attack. The good news is that the passwords were stored as salted SHA-1 hashes, which makes them difficult to crack.


Original link:

https://www.infosecurity-magazine.com/news/zynga-breach-hit-173-million/


2. Code execution vulnerability in all Citrix products (CVE-2019-19781)



Security expert Mikhail Klyuchnikov discovered a critical code execution vulnerability in the Citrix Application Delivery Controller and Citrix Gateway products. The vulnerability (CVE-2019-19781) puts more than 80,000 companies in 158 countries at risk. It is especially dangerous because an attacker exploiting it can access a company's internal network without authentication. Successful exploitation can lead to arbitrary code execution. According to Citrix, the vulnerability affects all supported product versions and platforms. Although Citrix has not yet released new firmware to fix the issue, the company has published a set of mitigation measures for standalone systems and clusters, and strongly recommends that affected customers apply them.


Original link:

https://www.bleepingcomputer.com/news/security/critical-citrix-flaw-may-expose-thousands-of-firms-to-attacks/


3. Russian government announces successful internet disconnection test



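The Russian government announced on Monday that it had successfully carried out an internet disconnection test. The test began last week, lasted several days, and involved Russian government agencies, local internet service providers and local Russian internet companies. The purpose of the experiment was to test whether the country's internet infrastructure (known inside Russia as RuNet) can operate without access to the global DNS system and the external internet. Internet traffic was rerouted inside Russia, effectively making Russia's RuNet the largest intranet in the world. The government did not disclose any technical details about the test or its components, stating only that it tested several disconnection scenarios, including one simulating a foreign cyber attack. At a press conference the government said the experiment was a success.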


Original link:

https://www.zdnet.com/article/russia-successfully-disconnected-from-the-internet/


4. P2P botnet Mozi mainly targets Netgear, D-Link and Huawei routers



Researchers found that a new P2P botnet, Mozi, is actively targeting Netgear, D-Link and Huawei routers. The botnet is related to the Gafgyt malware because it reuses part of the latter's code. Mozi's main purpose is to carry out DDoS attacks. The researchers found that the botnet is implemented with a custom extended Distributed Hash Table (DHT) protocol, which is commonly used by torrent clients and other P2P platforms to store node contact information. Mozi also uses ECDSA384 and the XOR algorithm to ensure the integrity and security of the botnet components and the P2P network. Mozi mainly uses weak passwords over telnet to gain access to vulnerable devices and, after loading the malware, searches for and infects other vulnerable devices.


Original link:

https://www.bleepingcomputer.com/news/security/new-mozi-p2p-botnet-takes-over-netgear-d-link-huawei-routers/


5. UAE accused of spying on millions of ToTok users; Google and Apple urgently remove the app



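According to a report in The New York Times, the UAE government uses the popular messaging app ToTok as a surveillance tool to track users' conversations and activities. The app has now been removed from the Apple and Google online stores. ToTok's users include millions of people in the UAE and other countries in the Middle East. The report says that US intelligence officials and security researchers determined that the UAE government is using the app for surveillance activities. ToTok denied any connection to a government surveillance program and said the app was removed because of "technical issues".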


Original link:

https://securityaffairs.co/wordpress/95586/intelligence/totok-app-surveillance.html