Security News

Bugtraq: On Second Thought...

Security Focus Vulnerabilities - 18 min 48 sec ago

Bugtraq: Re: BugTraq Shutdown

Security Focus Vulnerabilities - 18 min 48 sec ago

Bugtraq: Re: [SECURITY] [DSA 4628-1] php7.0 security update

Security Focus Vulnerabilities - 18 min 48 sec ago

Bugtraq: BugTraq Shutdown

Security Focus Vulnerabilities - 18 min 48 sec ago


CVE-2021-28321-CVE-2021-28323: elevation of privileges in Microsoft Diaghub

Full Disclosure - 19 April, 2021 - 21:19

Posted by Imre Rad on Apr 19

The Microsoft (R) Diagnostics Hub Standard Collector Service is a
default component of the Microsoft Windows operating system. This report
is about a flaw in the Diagnostics Hub Standard Collector Service DCOM
class that is available to all users of the OS (includes NT
AUTHORITY\Authenticated Users).
The service was vulnerable to directory traversal which could lead
to data tampering and dropping files to arbitrary directories with
overall impact of...

[CVE-2021-1472/CVE-2021-1473] Cisco RV Series Authentication Bypass and Remote Command Execution

Full Disclosure - 19 April, 2021 - 21:19

Posted by Takeshi Shiomitsu on Apr 19

IoT Inspector Research Lab Security Advisory IOT-20210414-0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
title: Cisco RV series Authentication Bypass and Remote Command
Execution
vendor/product: Cisco (https://www.cisco.com/)
vulnerable version: RV16X/RV26X: 1.0.01.02 & below.
RV34X: 1.0.03.20 & below.
fixed version: RV16X/RV26X:...

Trojan.Win32.Agent.hsm / Insecure Permissions

Full Disclosure - 19 April, 2021 - 21:19

Posted by malvuln on Apr 19

Discovery / credits: Malvuln - malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/c58d5aecd223ac95ae5fab6dcd69e953.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Trojan.Win32.Agent.hsm
Vulnerability: Insecure Permissions
Description: Agent.hsm creates an insecure dir named "LOL" under c:\ drive
and grants change (C) permissions to the authenticated user group. Standard
users can rename the...

Constructor.Win32.Bifrose.ag / Local Stack Buffer Overflow

Full Disclosure - 19 April, 2021 - 21:19

Posted by malvuln on Apr 19

Discovery / credits: Malvuln - malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/db45a906a0a3747398b2b8a5faff5e44.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Constructor.Win32.Bifrose.ag
Vulnerability: Local Stack Buffer Overflow
Description: Bifrost crypted by Dr.G3NIUS, doesn't properly validate the IP
address when importing Bifrost settings (.set) files. The IP address offset
is located after a...

HEUR.Backdoor.Win32.Generic / Unauthenticated Open Proxy

Full Disclosure - 19 April, 2021 - 21:19

Posted by malvuln on Apr 19

Discovery / credits: Malvuln - malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/d7648b676dd139d1b7ba781816726510.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: HEUR.Backdoor.Win32.Generic
Vulnerability: Unauthenticated Open Proxy
Description: The backdoor creates a Windows service backed by an executable
named "1314.exe", it lives under C:\WINDOWS and listens on TCP ports 1080
and 8080....

Trojan.Win32.Bayrob.dtrg / Insecure Permissions

Full Disclosure - 19 April, 2021 - 21:19

Posted by malvuln on Apr 19

Discovery / credits: Malvuln - malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/2f3f0e9be7edb73e545fc49b5a78b4f0.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Trojan.Win32.Bayrob.dtrg
Vulnerability: Insecure Permissions
Description: Bayrob.dtrg creates an insecure dir named "mnfqzckna0dkc"
under c:\ drive and grants change (C) permissions to the authenticated user
group. Standard users can...

Trojan-Dropper.Win32.Agent.bjtzcp / Insecure Permissions

Full Disclosure - 19 April, 2021 - 21:19

Posted by malvuln on Apr 19

Discovery / credits: Malvuln - malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/2992b86d03c3922ed45fa09ef105f018.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Trojan-Dropper.Win32.Agent.bjtzcp
Vulnerability: Insecure Permissions
Description: Agent.bjtzcp creates an insecure dir named "Isrimss2018" under
c:\ drive and grants change (C) permissions to the authenticated user
group. Standard users...

Trojan.Win32.NanoBot.onh / Insecure Permissions

Full Disclosure - 19 April, 2021 - 21:19

Posted by malvuln on Apr 19

Discovery / credits: Malvuln - malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/9fff4c02274c0162880844f27ff91407.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Trojan.Win32.NanoBot.onh
Vulnerability: Insecure Permissions
Description: NanoBot.onh creates an insecure dir named "AppData" under c:\
drive and grants change (C) permissions to the authenticated user group.
Standard users can rename...

Trojan.Win32.Agentb.iofv / Insecure Permissions

Full Disclosure - 19 April, 2021 - 21:19

Posted by malvuln on Apr 19

Discovery / credits: Malvuln - malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/d4ac133a9df0c627f899bb6039d04215.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Trojan.Win32.Agentb.iofv
Vulnerability: Insecure Permissions
Description: Agentb.iofv creates an insecure dir named "drivr" under c:\
drive and grants change (C) permissions to the authenticated user group.
Standard users can rename the...

Backdoor.Win32.Zombam.h / Remote Stack Buffer Overflow

Full Disclosure - 19 April, 2021 - 21:19

Posted by malvuln on Apr 19

Discovery / credits: Malvuln - malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/55feab480a43727c8a08feb7344afb4a.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Zombam.h
Vulnerability: Remote Stack Buffer Overflow
Description: Zombam.h HTTP RAT v01.b by z0mbie, creates a backdoor file
named "httpserver.exe" that listens on TCP port 80. Attackers who can reach
the backdoor can send...

HEUR.Hoax.Win32.FrauDrop.gen / Insecure Permissions

Full Disclosure - 19 April, 2021 - 21:19

Posted by malvuln on Apr 19

Discovery / credits: Malvuln - malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/1d40e72fb8cf300298df4b828b48ec29.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: HEUR.Hoax.Win32.FrauDrop.gen
Vulnerability: Insecure Permissions
Description: FrauDrop.gen creates an insecure dir named "newdnswatch" under
c:\ drive and grants change (C) permissions to the authenticated user
group. Standard users can...

Trojan.Win32.Agent.zfgh / Insecure Permissions

Full Disclosure - 19 April, 2021 - 21:19

Posted by malvuln on Apr 19

Discovery / credits: Malvuln - malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/a2017b547da2f06c6d7c02398cc481f6.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Trojan.Win32.Agent.zfgh
Vulnerability: Insecure Permissions
Description: Agent.zfgh creates a hidden insecure dir named "drv" under
c:\ drive and grants change (C) permissions to the authenticated user
group. Standard users can rename...

Trojan.Win32.Jorik.qje / Insecure Permissions

Full Disclosure - 19 April, 2021 - 21:19

Posted by malvuln on Apr 19

Discovery / credits: Malvuln - malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/982479ad10ff048d566516254051e17e.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Trojan.Win32.Jorik.qje
Vulnerability: Insecure Permissions
Description: Jorik.qje creates an insecure dir named "oDetnlQD" under c:\
drive and grants change (C) permissions to the authenticated user group.
Standard users can rename the...

[CVE-2021-20989, CVE-2021-20990, CVE-2021-20991, CVE-2021-20992] Multiple vulnerabilities in Fibaro Home Center

Full Disclosure - 19 April, 2021 - 21:19

Posted by research on Apr 19

IoT Inspector Research Lab Advisory IOT-20210408-0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
title: Multiple vulnerabilities
vendor/product: Fibaro Home Center Light / Fibaro Home Center 2
https://www.fibaro.com/
vulnerable version: 4.600 and older
fixed version: 4.610
CVE number: CVE-2021-20989, CVE-2021-20990, CVE-2021-20991,...

Plantronics HUB <= 3.21 EoP and DoS

Full Disclosure - 19 April, 2021 - 21:19

Posted by Red Timmy Security on Apr 19

CVSS 3.0 score:
7.8 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)

Description of the Vulnerable Product
Poly is a company with an annual revenue of 1,2 USD billion per year.
They are behind the Plantronics brand producing audio devices for the
segments business and consumer. Their software, Plantronics HUB, allows
end users to customize the settings and view the status of the audio
device plugged in the PC.

Product Homepage:...