ÐÅÏ¢°²È«Öܱ¨-2019ÄêµÚ41ÖÜ

°ä²¼¹¦·ò 2019-10-21

>±¾Öܰ²È«Ì¬ÊÆ×ÛÊö



2019Äê10ÔÂ14ÈÕÖÁ20ÈÕ¹²ÊÕ¼°²È«·ì϶53¸ö £¬ÖµµÃ¹Ø×¢µÄÊÇISC BIND QNAME×îÓ×»¯´úÂë»Ø¾ø·þÎñ·ì϶;Samsung Galaxy S10δÊÚȨ½Ó¼û·ì϶£»Kubernetes API Server JSON/YAML½âÎö»Ø¾ø·þÎñ·ì϶£»Adobe Experience Manager CVE-2019-8088ºÅÁî×¢Èë·ì϶£»Adobe AcrobatºÍReaderÄÚ´æÃýÎóÒýÓÃËÁÒâ´úÂëÖ´Ðзì϶¡£


±¾ÖÜÖµµÃ¹Ø×¢µÄÍøÂ簲ȫÊÂÎñÊǺ½Ô˾ÞÍ·Pitney BowesÔâÀÕË÷Èí¼þ¹¥»÷ £¬¶à¸öϵͳ崻ú£»ÈüÃÅÌú¿ËÖն˰²È«²úÆ·µÄ¸üе¼ÖÂÓû§É豸À¶ÆÁ£»Android 0day(CVE-2019-2215)µÄPoC´úÂëÒѰ䲼£»Êý°ÙÍòÑÇÂíÑ·EchoºÍKindleÉ豸Ò×ÊÜWiFi KRACK¹¥»÷£»Linux sudoȨÏÞÈÆ¹ý·ì϶ £¬Äܹ»rootȨÏÞÖ´ÐкÅÁî¡£


ƾ¾ÝÒÔÉÏ×ÛÊö £¬±¾Öܰ²È«ÍþвΪÖС£


>³ÁÒª°²È«·ì϶Áбí



1. ISC BIND QNAME×îÓ×»¯´úÂë»Ø¾ø·þÎñ·ì϶
ISC BIND QNAME×îÓ×»¯´úÂë´¦ÖôæÔÚ°²È«·ì϶ £¬ÔÊÐíÔ¶³Ì¹¥»÷ÕßÀûÓ÷ì϶Ìá½»ÌØÊâµÄÒªÇó £¬¿ÉʹnamedÍ˳ö £¬Ôì³É»Ø¾ø·þÎñ¹¥»÷¡£
https://kb.isc.org/docs/cve-2019-6476

2. Samsung Galaxy S10δÊÚȨ½Ó¼û·ì϶
Samsung Galaxy S10Ö¸ÎÆÑéÖ¤´æÔÚ°²È«·ì϶ £¬ÔÊÐí¹¥»÷ÕßÄܹ»ÀûÓ÷ì϶Ìύδ¼ÈëÖ¸ÎÆ £¬¿É½Ó¼ûÊÖ»ú¡£
https://www.forbes.com/sites/gordonkelly/2019/10/15/samsung-galaxy-s10-note10-plus-fingerprint-reader-warning-upgrade-galaxy-s11

3. Kubernetes API Server JSON/YAML½âÎö»Ø¾ø·þÎñ·ì϶
Kubernetes API Server JSON/YAML½âÎö´æÔÚ°²È«·ì϶ £¬ÔÊÐíͨ¹ýÊÚȨµÄÔ¶³Ì¹¥»÷ÕßÀûÓ÷ì϶Ìá½»ÌØÊâµÄ¶ñÒâÒªÇó £¬¿É½øÐлؾø·þÎñ¹¥»÷¡£
https://github.com/kubernetes/kubernetes/issues/83253

4. Adobe Experience Manager CVE-2019-8088ºÅÁî×¢Èë·ì϶
Adobe Experience ManagerºÅÁî×¢Èë·ì϶ £¬ÔÊÐíÔ¶³Ì¹¥»÷ÕßÀûÓ÷ì϶Ìá½»ÌØÊâµÄÒªÇó £¬Äܹ»ÀûÓ÷¨Ê½¸ßµÍÎÄÖ´ÐÐËÁÒâºÅÁî¡£
https://helpx.adobe.com/security/products/experience-manager/apsb19-48.html

5. Adobe AcrobatºÍReaderÄÚ´æÃýÎóÒýÓÃËÁÒâ´úÂëÖ´Ðзì϶
Adobe AcrobatºÍReader´æÔÚ¿ªÊͺóʹÓ÷ì϶ £¬ÔÊÐíÔ¶³Ì¹¥»÷ÕßÀûÓ÷ì϶Ìá½»ÌØÊâµÄPDFÎļþ £¬ÓÕʹÓû§½âÎö £¬¿ÉʹÀûÓ÷¨Ê½±ÀÀ£»òÖ´ÐÐËÁÒâ´úÂë¡£
https://helpx.adobe.com/security/products/acrobat/apsb19-49.html


 >³ÁÒª°²È«ÊÂÎñ×ÛÊö



1¡¢º½Ô˾ÞÍ·Pitney BowesÔâÀÕË÷Èí¼þ¹¥»÷ £¬¶à¸öϵͳ崻ú


mansion88Ã÷Éý|Ö÷Ò³


È«Çòº½Ô˾ÞÍ·Pitney Bowes°ä·¢Ôâ·êÀÕË÷Èí¼þ¹¥»÷ £¬µ¼Ö²¿ÃÅϵͳÖжÏ £¬´Ó¶øÓ°ÏìÁ˿ͻ§¶ÔÆäijЩ·þÎñµÄ½Ó¼û¡£Pitney BowesΪȫÇò³¬¹ý150Íò¿Í»§Ìṩ·þÎñ £¬Ô̺¬90%µÄ²Æ¸»500Ç¿¹«Ë¾¡£Ä¿Ç°Óжà¸öPitney Bowes·þÎñÊܵ½Ó°Ïì £¬Ô̺¬Pitney BowesµÄÓʼþϵͳ²úÆ·¡£¿Í»§ÎÞ·¨ÔÚÆäÓʼþϵͳÉϲ¹³äÓÊ×Ê»òÉÏ´«ÂòÂô £¬Ò²ÎÞ·¨½Ó¼ûÓ¢¹úºÍ¼ÓÄôóµÄSendPro Online²úÆ·¼°Your AccountºÍPitney Bowes SuppliesÍøÉÏÉ̵ê £¬Õâ·´¹ýÀ´ÓÖÓ°ÏìÁ˶©ÔÄAutoInkºÍSupplies AppµÄ¿Í»§¡£¸Ã¹«Ë¾ÔÚÉêÃ÷ÖаµÊ¾ £¬Ä¿Ç°Ã»ÓÐÖ¤¾ÝÅú×¢¿Í»§»òÔ±¹¤µÄÊý¾Ý±»²»µ±½Ó¼û £¬¸Ã¹«Ë¾ÔÚÓëµÚÈý·½ºÏ×÷½øÐе÷²éÓë½â¾öÎÊÌâ¡£

Ô­ÎÄÁ´½Ó£º
https://www.bleepingcomputer.com/news/security/global-shipping-firm-pitney-bowes-affected-by-ransomware-attack/

2¡¢ÈüÃÅÌú¿ËÖն˰²È«²úÆ·µÄ¸üе¼ÖÂÓû§É豸À¶ÆÁ


mansion88Ã÷Éý|Ö÷Ò³


ÈüÃÅÌú¿ËΪÆäEndpoint Protection²úÆ·ÍÆ³öµÄÈëÇÖ¼ì²âÊðÃû¸üе¼ÖÂÓû§É豸³öÏÖ±ÀÀ£²¢ÏÔʾÀ¶ÆÁ£¨BSOD£©¡£¸ÃÎÊÌâÓ°ÏìÁËWin 7¡¢Win8¼°Win 10 £¬Æ¾¾ÝÈüÃÅÌú¿ËµÄ±íÊö £¬ÔÚÔËÐÐLiveUpdateʱEndpoint Protection Client»áÏÔʾéæÃüÀ¶ÆÁ £¬²¢ÏÔʾIDSvix86.sys/IDSvia64.sys³öÏÖÎÊÌâ £¬µ¼ÖÂBAD_POOL_CALLER (c2)»òKERNEL_MODE_HEAP_CORRUPTION (13A)Òì³£¡£¸Ã¹«Ë¾»¹²¹³ä³ÆÊÜÓ°ÏìµÄÈëÇÖ¼ì²âµÄÊðÃû°æ±¾Îª2019/10/14 r61 £¬¸ÃÎÊÌâÒÑÔÚа汾2019/10/14 r62Öнâ¾ö¡£

Ô­ÎÄÁ´½Ó£º
https://www.bleepingcomputer.com/news/security/symantec-fixes-bad-ips-definitions-that-cause-a-windows-bsod/

3¡¢Android 0day(CVE-2019-2215)µÄPoC´úÂëÒѰ䲼

mansion88Ã÷Éý|Ö÷Ò³


±¾Ô³õ¹È¸è°²È«×êÑÐÔ±Maddie StoneÅû¶ÁËÒ»¸öAndroidÁãÈÕ·ì϶£¨CVE-2019-2215£© £¬Æäʱ¹È¸è°µÊ¾¸ÃÁãÈÕ·ì϶ÔÚÒ°±í±»»ý¼«ÀûÓ᣽üÈÕ·ðÂÞÀï´ï´óѧGrant HernandezÔÚ²©¿ÍÖа䲼ÁËÒ»¸öеÄPoC¹¤¾ßQu1ckR00t £¬¹¥»÷Õß¿ÉÀûÓøù¤¾ß»ñµÃrootȨÏÞ²¢ÆëÈ«½ÚÔìÉ豸¡£¸Ã¹¤¾ßûÓÐ×÷Ϊ´ò°üµÄAPKÎļþ°ä²¼ £¬¶øÊÇÒÔÔ´´úÂëµÄ´ó¾ÖÔÚGitHubÉϰ䲼¡£Hernandez°µÊ¾ËûÖ»ÔÚPixel 2ÊÖ»úÉϲâÊÔ¹ýQu1ckR00t £¬²¢ÖÒ¸æÃ»Óо­ÑéµÄÓû§²»Òª²âÊԸôúÂë £¬²»È»»áÓÐϵͳ±äשºÍÊý¾ÝÃÔʧµÄ·çÏÕ¡£GoogleÒÑÔÚ2019Äê10ÔµÄAndroid°²È«²¼¸æ£¨°²È«²¹¶¡·¨Ê½¼¶±ð2019-10-06£©Öн¨²¹ÁËCVE-2019-2215 ¡£ÎªÁËÔ¤·À³öÏÖÎÊÌâ £¬½¨ÒéÓû§×°ÖñØÒªµÄ²¹¶¡·¨Ê½¡£


Ô­ÎÄÁ´½Ó£º

https://www.zdnet.com/article/security-researcher-publishes-proof-of-concept-code-for-recent-android-zero-day/

4¡¢Êý°ÙÍòÑÇÂíÑ·EchoºÍKindleÉ豸Ò×ÊÜWiFi KRACK¹¥»÷


mansion88Ã÷Éý|Ö÷Ò³


ƾ¾ÝESETµÄÒ»·Ý»ã±¨ £¬×êÑÐÈËÔ±·¢ÏÖAmazon Echo 1stºÍAmazon Kindle 8thÉ豸ÒÀÈ»Êܵ½WiFi KRACK·ì϶µÄÓ°Ïì £¬Õâ¿ÉÄÜÓ°ÏìÊý°ÙÍòÉ豸¡£KRACK·ì϶ÊÇWPA2ºÍ̸4´ÎÎÕÊÖÖеķì϶£¨CVE-2017-13077ºÍCVE-2017-13078£© £¬¸Ã·ì϶ÓÚ2017Äê10Ô±»¹«¿ª¡£Æ¾¾ÝESETµÄ±íÊö £¬ÕâЩ·ì϶¿ÉÄÜÔÊÐí¹¥»÷ÕßÖ´ÐÐDoS¹¥»÷¡¢·ÛËéÍøÂçͨѶ»ò³Á²¥¹¥»÷ £¬À¹½ØºÍ½âÃÜÓû§´«ÊäµÄÃÜÂë»ò»á»°µÈÃô¸ÐÐÅÏ¢ £¬Î±ÔìÊý¾Ý°üÉõÖÁ×¢ÈëÐÂÊý¾Ý°üµÈ¡£ESETÓÚ2018Äê10ÔÂ23ÈÕ֪ͨÁËÑÇÂíÑ· £¬ÑÇÂíÑ·ÔÚ2019Äê1ÔÂÒÑÏòÊÜÓ°ÏìµÄÉè±¸ÍÆËÍÁËÓйؽ¨¸´²¹¶¡¡£


Ô­ÎÄÁ´½Ó£º

https://www.bleepingcomputer.com/news/security/millions-of-amazon-echo-and-kindle-devices-affected-by-wifi-bug/

5¡¢Linux sudoȨÏÞÈÆ¹ý·ì϶ £¬Äܹ»rootȨÏÞÖ´ÐкÅÁî


mansion88Ã÷Éý|Ö÷Ò³


Linux sudoÆØ³öÌáȨ·ì϶ £¬¿ÉÈÆ¹ýRunasÓû§ÏÞ¶ÈÒÔrootȨÏÞÖ´ÐкÅÁî¡£¸Ã·ì϶£¨CVE-2019-14287£©ÓÉÆ»¹ûÐÅÏ¢°²È«ÊýÃŵÄJoe Vennix·¢ÏÖ £¬ÈôÊǽ«sudoÅäÖÃΪÔÊÐíÓû§ÒÔËÁÒâÓû§Éí·ÝÔËÐкÅÁî £¬ÔòÄܹ»Í¨¹ýÖ¸¶¨Óû§IDΪ-1»ò4294967295µÄ·½Ê½ÒÔrootÉí·ÝÔËÐкÅÁî¡£ÕâÊÇÓÉÓÚ½«Óû§IDת»»ÎªÓû§ÃûµÄº¯Êý £¬»á½«-1£¨»òµÈЧµÄ4294967295£©ÎóÒÔΪ0 £¬¶øÕâÕýºÃÊÇrootÓû§µÄUser ID¡£´Ë±í £¬ÓÉÓÚͨ¹ý-uÑ¡ÏîÖ¸¶¨µÄUser IDÔÚÃÜÂëÊý¾Ý¿âÖв»´æÔÚ £¬Òò¶ø²»»áÔËÐÐÈκÎPAM»á»°Ä£¿é¡£¸Ã·ì϶ӰÏì°æ±¾1.8.28֮ǰµÄËùÓÐSudo°æ±¾¡£

Ô­ÎÄÁ´½Ó£º
https://www.sudo.ws/alerts/minus_1_uid.html