Security News
Bugtraq: On Second Thought...
On Second Thought...
Bugtraq: Re: BugTraq Shutdown
Re: BugTraq Shutdown
Bugtraq: Re: [SECURITY] [DSA 4628-1] php7.0 security update
Re: [SECURITY] [DSA 4628-1] php7.0 security update
Bugtraq: BugTraq Shutdown
BugTraq Shutdown
More rss feeds from SecurityFocus
News, Infocus, Columns, Vulnerabilities, Bugtraq ...
CVE-2021-28321-CVE-2021-28323: elevation of privileges in Microsoft Diaghub
Posted by Imre Rad on Apr 19
The Microsoft (R) Diagnostics Hub Standard Collector Service is adefault component of Microsoft Windows operating system. This report
is about a flaw in the Diagnostics Hub Standard Collector Service DCOM
class that is available to all users of the OS (includes NT
AUTHORITY\Authenticated Users).
The service was vulnerable to directory traversal which could lead
data tampering and dropping files to arbitrary directories with
overall impact of...
[CVE-2021-1472/CVE-2021-1473] Cisco RV Series Authentication Bypass and Remote Command Execution
Posted by Takeshi Shiomitsu on Apr 19
IoT Inspector Research Lab Security Advisory IOT-20210414-0~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
title: Cisco RV series Authentication Bypass and Remote Command
Execution
vendor/product: Cisco (https://www.cisco.com/)
vulnerable version: RV16X/RV26X: 1.0.01.02 & below.
RV34X: 1.0.03.20 & below.
fixed version: RV16X/RV26X:...
Trojan.Win32.Agent.hsm / Insecure Permissions
Posted by malvuln on Apr 19
Discovery / credits: Malvuln - malvuln.com (c) 2021Original source:
https://malvuln.com/advisory/c58d5aecd223ac95ae5fab6dcd69e953.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Trojan.Win32.Agent.hsm
Vulnerability: Insecure Permissions
Description: Agent.hsm creates an insecure dir named "LOL" under c:\ drive
and grants change (C) permissions to the authenticated user group. Standard
users can rename the...
Constructor.Win32.Bifrose.ag / Local Stack Buffer Overflow
Posted by malvuln on Apr 19
Discovery / credits: Malvuln - malvuln.com (c) 2021Original source:
https://malvuln.com/advisory/db45a906a0a3747398b2b8a5faff5e44.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Constructor.Win32.Bifrose.ag
Vulnerability: Local Stack Buffer Overflow
Description: Bifrost crypted by Dr.G3NIUS, doesn't properly validate the IP
address when importing Bifrost settings (.set) files. The IP address offset
is located after a...
HEUR.Backdoor.Win32.Generic / Unauthenticated Open Proxy
Posted by malvuln on Apr 19
Discovery / credits: Malvuln - malvuln.com (c) 2021Original source:
https://malvuln.com/advisory/d7648b676dd139d1b7ba781816726510.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: HEUR.Backdoor.Win32.Generic
Vulnerability: Unauthenticated Open Proxy
Description: The backdoor creates a Windows service backed by an executable
named "1314.exe", it lives under C:\WINDOWS and listens on TCP ports 1080
and 8080....
Trojan.Win32.Bayrob.dtrg / Insecure Permissions
Posted by malvuln on Apr 19
Discovery / credits: Malvuln - malvuln.com (c) 2021Original source:
https://malvuln.com/advisory/2f3f0e9be7edb73e545fc49b5a78b4f0.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Trojan.Win32.Bayrob.dtrg
Vulnerability: Insecure Permissions
Description: Bayrob.dtrg creates an insecure dir named "mnfqzckna0dkc"
under c:\ drive and grants change (C) permissions to the authenticated user
group. Standard users can...
Trojan-Dropper.Win32.Agent.bjtzcp / Insecure Permissions
Posted by malvuln on Apr 19
Discovery / credits: Malvuln - malvuln.com (c) 2021Original source:
https://malvuln.com/advisory/2992b86d03c3922ed45fa09ef105f018.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Trojan-Dropper.Win32.Agent.bjtzcp
Vulnerability: Insecure Permissions
Description: Agent.bjtzcp creates an insecure dir named "Isrimss2018" under
c:\ drive and grants change (C) permissions to the authenticated user
group. Standard users...
Trojan.Win32.NanoBot.onh / Insecure Permissions
Posted by malvuln on Apr 19
Discovery / credits: Malvuln - malvuln.com (c) 2021Original source:
https://malvuln.com/advisory/9fff4c02274c0162880844f27ff91407.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Trojan.Win32.NanoBot.onh
Vulnerability: Insecure Permissions
Description: NanoBot.onh creates an insecure dir named "AppData" under c:\
drive and grants change (C) permissions to the authenticated user group.
Standard users can rename...
Trojan.Win32.Agentb.iofv / Insecure Permissions
Posted by malvuln on Apr 19
Discovery / credits: Malvuln - malvuln.com (c) 2021Original source:
https://malvuln.com/advisory/d4ac133a9df0c627f899bb6039d04215.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Trojan.Win32.Agentb.iofv
Vulnerability: Insecure Permissions
Description: Agentb.iofv creates an insecure dir named "drivr" under c:\
drive and grants change (C) permissions to the authenticated user group.
Standard users can rename the...
Backdoor.Win32.Zombam.h / Remote Stack Buffer Overflow
Posted by malvuln on Apr 19
Discovery / credits: Malvuln - malvuln.com (c) 2021Original source:
https://malvuln.com/advisory/55feab480a43727c8a08feb7344afb4a.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Backdoor.Win32.Zombam.h
Vulnerability: Remote Stack Buffer Overflow
Description: Zombam.h HTTP RAT v01.b by z0mbie, creates a backdoor file
named "httpserver.exe" that listens on TCP port 80. Attackers who can reach
the backdoor can send...
HEUR.Hoax.Win32.FrauDrop.gen / Insecure Permissions
Posted by malvuln on Apr 19
Discovery / credits: Malvuln - malvuln.com (c) 2021Original source:
https://malvuln.com/advisory/1d40e72fb8cf300298df4b828b48ec29.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: HEUR.Hoax.Win32.FrauDrop.gen
Vulnerability: Insecure Permissions
Description: FrauDrop.gen creates an insecure dir named "newdnswatch" under
c:\ drive and grants change (C) permissions to the authenticated user
group. Standard users can...
Trojan.Win32.Agent.zfgh / Insecure Permissions
Posted by malvuln on Apr 19
Discovery / credits: Malvuln - malvuln.com (c) 2021Original source:
https://malvuln.com/advisory/a2017b547da2f06c6d7c02398cc481f6.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Trojan.Win32.Agent.zfgh
Vulnerability: Insecure Permissions
Description: Agent.zfgh creates an hidden insecure dir named "drv" under
c:\ drive and grants change (C) permissions to the authenticated user
group. Standard users can rename...
Trojan.Win32.Jorik.qje / Insecure Permissions
Posted by malvuln on Apr 19
Discovery / credits: Malvuln - malvuln.com (c) 2021Original source:
https://malvuln.com/advisory/982479ad10ff048d566516254051e17e.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Trojan.Win32.Jorik.qje
Vulnerability: Insecure Permissions
Description: Jorik.qje creates an insecure dir named "oDetnlQD" under c:\
drive and grants change (C) permissions to the authenticated user group.
Standard users can rename the...
[CVE-2021-20989, CVE-2021-20990, CVE-2021-20991, CVE-2021-20992] Multiple vulnerabilities in Fibaro Home Center
Posted by research on Apr 19
IoT Inspector Research Lab Advisory IOT-20210408-0~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~
title: Multiple vulnerabilities
vendor/product: Fibaro Home Center Light / Fibaro Home Center 2
https://www.fibaro.com/
vulnerable version: 4.600 and older
fixed version: 4.610
CVE number: CVE-2021-20989, CVE-2021-20990, CVE-2021-20991,...
Plantronics HUB <= 3.21 EoP and DoS
Posted by Red Timmy Security on Apr 19
CVSS 3.0 score:7.8 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
Description of the Vulnerable Product
Poly is a company with an annual revenue of 1,2 USD billion per year.
They are behind the Plantronics brand producing audio devices for the
segments business and consumer. Their software, Plantronics HUB, allows
end users to customize the settings and view the status of the audio
device plugged in the PC.
Product Homepage:...
