Full Disclosure

Syndicate content
A public, vendor-neutral forum for detailed discussion of vulnerabilities and exploitation techniques, as well as tools, papers, news, and events of interest to the community. The relaxed atmosphere of this quirky list provides some comic relief and certain industry gossip. More importantly, fresh vulnerabilities sometimes hit this list many hours or days before they pass through the Bugtraq moderation queue.
Updated: 1 year 24 weeks ago

Backdoor.Win32.Hupigon.afjk / Directory Traversal

28 September, 2021 - 11:12

Posted by malvuln on Sep 28

Discovery / credits: Malvuln - malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/8dc8abc99c1e7908fe9d048a4e360960_B.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Hupigon.afjk
Vulnerability: Directory Traversal
Description: The malware deploys a Web server listening on TCP port 80.
Third-party attackers who can reach an infected host can read any file on
the system using "../"...

Backdoor.Win32.Hupigon.afjk / Authentication Bypass RCE

28 September, 2021 - 11:12

Posted by malvuln on Sep 28

Discovery / credits: Malvuln - malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/8dc8abc99c1e7908fe9d048a4e360960.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Hupigon.afjk
Vulnerability: Authentication Bypass RCE
Description: The malware runs an FTP server on TCP port 2121. Third-party
attackers who can reach infected systems can logon using any
username/password combination. Intruders...

Backdoor.Win32.Hupigon.fjcd / Unauthenticated Open Proxy

28 September, 2021 - 11:12

Posted by malvuln on Sep 28

Discovery / credits: Malvuln - malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/284f36e35db6a0aa9a493f39d834367e.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Hupigon.fjcd
Vulnerability: Unauthenticated Open Proxy
Description: The malware listens on TCP ports 8080, 1080. Third-party
attackers who can connect to the infected system can relay requests from
the original connection to the...

Backdoor.Win32.RmtSvc.l / Remote Denial of Service

28 September, 2021 - 11:12

Posted by malvuln on Sep 28

Discovery / credits: Malvuln - malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/38f9ee3ce51ead0ce6bf2edcaa462611.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.RmtSvc.l
Vulnerability: Remote Denial of Service
Description: The malware listens on TCP port 7778. Third-party attackers
who can reach infected systems can send a specially crafted junk HTTP
CONNECT request to trigger an access...

Backdoor.Win32.Agent.aer / Insecure Transit Password Disclosure

28 September, 2021 - 11:12

Posted by malvuln on Sep 28

Discovery / credits: Malvuln - malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/9576a6a59715a69be499fa41d6383a64_B.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Agent.aer
Vulnerability: Insecure Transit Password Disclosure
Description: The malware listens on TCP port 1080 and passes logon
credentials in plaintext via a URL query string using the HTTP GET request
method.
Third party...

Backdoor.Win32.Agent.aer / Remote Denial of Service

28 September, 2021 - 11:12

Posted by malvuln on Sep 28

Discovery / credits: Malvuln - malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/9576a6a59715a69be499fa41d6383a64.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Agent.aer
Vulnerability: Remote Denial of Service
Description: The malware listens on TCP port 1080. Third-party attackers
who can reach infected systems can send a specially crafted junk payload
for the logon credentials to trigger...

Trojan-Downloader.Win32.VB.abb / Insecure Permissions

28 September, 2021 - 11:12

Posted by malvuln on Sep 28

Discovery / credits: Malvuln - malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/8f81373b0f0e6f60206a1a707de2ed77.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Trojan-Downloader.Win32.VB.abb
Vulnerability: Insecure Permissions
Description: The malware creates an executable with an ".axd" extension and
insecure permissions under c:\ drive granting change (C) permissions to the
authenticated user...

Google Extensible Service Proxy v1 - CWE-287 Improper Authentication

28 September, 2021 - 11:12

Posted by Imre Rad on Sep 28

Extensible Service Proxy (a.k.a. ESP) is an open source software by
Google assisting Cloud Endpoints, a product on Google Cloud Platform.
ESPv1 is an nginx based proxy which enables API management
capabilities for JSON/REST or gRPC API services.

In a typical deployment, ESP is running and fronting the backend
service on the same host (the backend listening in a private network
namespace which is accessible to the public only through ESP). In...

APPLE-SA-2021-09-23-1 iOS 12.5.5

24 September, 2021 - 09:15

Posted by Apple Product Security via Fulldisclosure on Sep 24

APPLE-SA-2021-09-23-1 iOS 12.5.5

iOS 12.5.5 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT212824.

CoreGraphics
Available for: iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad
mini 2, iPad mini 3, and iPod touch (6th generation)
Impact: Processing a maliciously crafted PDF may lead to arbitrary
code execution. Apple is aware of a report that this issue may have
been...

APPLE-SA-2021-09-23-2 Security Update 2021-006 Catalina

24 September, 2021 - 09:15

Posted by Apple Product Security via Fulldisclosure on Sep 24

APPLE-SA-2021-09-23-2 Security Update 2021-006 Catalina

Security Update 2021-006 Catalina addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT212825.

XNU
Available for: macOS Catalina
Impact: A malicious application may be able to execute arbitrary code
with kernel privileges. Apple is aware of reports that an exploit for
this issue exists in the wild.
Description: A type...

openvpn-monitor Cross-Site Request Forgery (CSRF)

24 September, 2021 - 09:11

Posted by Advisories on Sep 24

#############################################################
#
# COMPASS SECURITY ADVISORY
# https://www.compass-security.com/research/advisories/
#
#############################################################
#
# Product: openvpn-monitor
# Vendor: https://github.com/furlongm/openvpn-monitor
# CSNC ID: CSNC-2021-011
# CVE ID: CVE-2021-31604
# Subject: Cross-Site Request Forgery (CSRF)
# Severity: Medium
# Effect: Denial of Service
#...

openvpn-monitor OpenVPN Management Socket Command Injection

24 September, 2021 - 09:11

Posted by Advisories on Sep 24

#############################################################
#
# COMPASS SECURITY ADVISORY
# https://www.compass-security.com/research/advisories/
#
#############################################################
#
# Product: openvpn-monitor
# Vendor: https://github.com/furlongm/openvpn-monitor
# CSNC ID: CSNC-2021-010
# CVE ID: CVE-2021-31605
# Subject: OpenVPN Management Socket Command Injection
# Severity: High
# Effect: Denial of...

openvpn-monitor Authorization Bypass

24 September, 2021 - 09:11

Posted by Advisories on Sep 24

#############################################################
#
# COMPASS SECURITY ADVISORY
# https://www.compass-security.com/research/advisories/
#
#############################################################
#
# Product: openvpn-monitor
# Vendor: https://github.com/furlongm/openvpn-monitor
# CSNC ID: CSNC-2021-009
# CVE ID: CVE-2021-31606
# Subject: Authorization Bypass
# Severity: Medium
# Effect: Denial of Service
# Author:...

Backdoor.Win32.Minilash.10.b / Remote Denial of Service (UDP Datagram)

21 September, 2021 - 11:04

Posted by malvuln on Sep 21

Discovery / credits: Malvuln - malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/3c407448a00b2d53b2418f53b66d5b6b.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Minilash.10.b
Vulnerability: Remote Denial of Service (UDP Datagram)
Description: The Minilash malware listens on TCP 6711 and UDP port 60000.
Third-party attackers who can reach infected systems can send a specially
crafted junk...

Backdoor.Win32.Hupigon.asqx / Unauthenticated Open Proxy

21 September, 2021 - 11:04

Posted by malvuln on Sep 21

Discovery / credits: Malvuln - malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/a344b767d58b6c83b92bb868727e021c.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Hupigon.asqx
Vulnerability: Unauthenticated Open Proxy
Description: The malware listens on TCP port 8080. Third-party attackers
who can connect to the infected system can relay requests from the original
connection to the...

Trojan.Win32.Agent.xaamkd / Insecure Permissions

21 September, 2021 - 11:04

Posted by malvuln on Sep 21

Discovery / credits: Malvuln - malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/095651e1704b501123b41ea2e9736820.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Trojan.Win32.Agent.xaamkd
Vulnerability: Insecure Permissions
Description: The malware creates an dir with insecure permissions under c:\
drive and grants change (C) permissions to the authenticated user group.
Standard users can rename the...

APPLE-SA-2021-09-20-10 iTunes 12.12 for Windows

21 September, 2021 - 11:04

Posted by product-security-noreply--- via Fulldisclosure on Sep 21

APPLE-SA-2021-09-20-10 iTunes 12.12 for Windows

iTunes 12.12 for Windows addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT212817.

ImageIO
Available for: Windows 10 and later
Impact: Processing a maliciously crafted image may lead to arbitrary
code execution
Description: This issue was addressed with improved checks.
CVE-2021-30835: Ye Zhang of Baidu Security
CVE-2021-30847:...

APPLE-SA-2021-09-20-9 iTunes U 3.8.3

21 September, 2021 - 11:04

Posted by product-security-noreply--- via Fulldisclosure on Sep 21

APPLE-SA-2021-09-20-9 iTunes U 3.8.3

iTunes U 3.8.3 addresses the following issues. Information about
the security content is also available at
https://support.apple.com/HT212809.

iTunes U
Available for: iOS 12.4 and later or iPadOS 12.4 and later
Impact: Processing a maliciously crafted URL may lead to arbitrary
javascript code execution
Description: A validation issue was addressed with improved input
sanitization.
CVE-2021-30862: Giyas...

APPLE-SA-2021-09-20-8 Additional information for APPLE-SA-2021-09-13-4 Security Update 2021-005 Catalina

21 September, 2021 - 11:04

Posted by product-security-noreply--- via Fulldisclosure on Sep 21

APPLE-SA-2021-09-20-8 Additional information for
APPLE-SA-2021-09-13-4 Security Update 2021-005 Catalina

Security Update 2021-005 Catalina addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT212805.

CoreGraphics
Available for: macOS Catalina
Impact: Processing a maliciously crafted PDF may lead to arbitrary
code execution. Apple is aware of a report that this issue may have...

APPLE-SA-2021-09-20-7 Additional information for APPLE-SA-2021-09-13-3 macOS Big Sur 11.6

21 September, 2021 - 11:04

Posted by product-security-noreply--- via Fulldisclosure on Sep 21

APPLE-SA-2021-09-20-7 Additional information for
APPLE-SA-2021-09-13-3 macOS Big Sur 11.6

macOS Big Sur 11.6 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT212804.

CoreGraphics
Available for: macOS Big Sur
Impact: Processing a maliciously crafted PDF may lead to arbitrary
code execution. Apple is aware of a report that this issue may have
been actively exploited....