SOLDIERX.COM Nobody Can Stop Information Insemination

Posted by malvuln on Sep 28

Discovery / credits: Malvuln - malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/8dc8abc99c1e7908fe9d048a4e360960_B.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Hupigon.afjk
Vulnerability: Directory Traversal
Description: The malware deploys a Web server listening on TCP port 80.
Third-party attackers who can reach an infected host can read any file on
the system using "../"...

Posted by malvuln on Sep 28

Discovery / credits: Malvuln - malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/8dc8abc99c1e7908fe9d048a4e360960.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Hupigon.afjk
Vulnerability: Authentication Bypass RCE
Description: The malware runs an FTP server on TCP port 2121. Third-party
attackers who can reach infected systems can logon using any
username/password combination. Intruders...

Posted by malvuln on Sep 28

Discovery / credits: Malvuln - malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/284f36e35db6a0aa9a493f39d834367e.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Hupigon.fjcd
Vulnerability: Unauthenticated Open Proxy
Description: The malware listens on TCP ports 8080, 1080. Third-party
attackers who can connect to the infected system can relay requests from
the original connection to the...

Posted by malvuln on Sep 28

Discovery / credits: Malvuln - malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/38f9ee3ce51ead0ce6bf2edcaa462611.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.RmtSvc.l
Vulnerability: Remote Denial of Service
Description: The malware listens on TCP port 7778. Third-party attackers
who can reach infected systems can send a specially crafted junk HTTP
CONNECT request to trigger an access...

Posted by malvuln on Sep 28

Discovery / credits: Malvuln - malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/9576a6a59715a69be499fa41d6383a64_B.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Agent.aer
Vulnerability: Insecure Transit Password Disclosure
Description: The malware listens on TCP port 1080 and passes logon
credentials in plaintext via a URL query string using the HTTP GET request
method.
Third party...

Posted by malvuln on Sep 28

Discovery / credits: Malvuln - malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/9576a6a59715a69be499fa41d6383a64.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Agent.aer
Vulnerability: Remote Denial of Service
Description: The malware listens on TCP port 1080. Third-party attackers
who can reach infected systems can send a specially crafted junk payload
for the logon credentials to trigger...

Posted by malvuln on Sep 28

Discovery / credits: Malvuln - malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/8f81373b0f0e6f60206a1a707de2ed77.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Trojan-Downloader.Win32.VB.abb
Vulnerability: Insecure Permissions
Description: The malware creates an executable with an ".axd" extension and
insecure permissions under c:\ drive granting change (C) permissions to the
authenticated user...

Posted by Imre Rad on Sep 28

Extensible Service Proxy (a.k.a. ESP) is an open source software by
Google assisting Cloud Endpoints, a product on Google Cloud Platform.
ESPv1 is an nginx based proxy which enables API management
capabilities for JSON/REST or gRPC API services.

In a typical deployment, ESP is running and fronting the backend
service on the same host (the backend listening in a private network
namespace which is accessible to the public only through ESP). In...

Posted by Apple Product Security via Fulldisclosure on Sep 24

APPLE-SA-2021-09-23-1 iOS 12.5.5

iOS 12.5.5 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT212824.

CoreGraphics
Available for: iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad
mini 2, iPad mini 3, and iPod touch (6th generation)
Impact: Processing a maliciously crafted PDF may lead to arbitrary
code execution. Apple is aware of a report that this issue may have
been...

Posted by Apple Product Security via Fulldisclosure on Sep 24

APPLE-SA-2021-09-23-2 Security Update 2021-006 Catalina

Security Update 2021-006 Catalina addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT212825.

XNU
Available for: macOS Catalina
Impact: A malicious application may be able to execute arbitrary code
with kernel privileges. Apple is aware of reports that an exploit for
this issue exists in the wild.
Description: A type...

Posted by Advisories on Sep 24

#############################################################
#
# COMPASS SECURITY ADVISORY
# https://www.compass-security.com/research/advisories/
#
#############################################################
#
# Product: openvpn-monitor
# Vendor: https://github.com/furlongm/openvpn-monitor
# CSNC ID: CSNC-2021-011
# CVE ID: CVE-2021-31604
# Subject: Cross-Site Request Forgery (CSRF)
# Severity: Medium
# Effect: Denial of Service
#...

Posted by Advisories on Sep 24

#############################################################
#
# COMPASS SECURITY ADVISORY
# https://www.compass-security.com/research/advisories/
#
#############################################################
#
# Product: openvpn-monitor
# Vendor: https://github.com/furlongm/openvpn-monitor
# CSNC ID: CSNC-2021-010
# CVE ID: CVE-2021-31605
# Subject: OpenVPN Management Socket Command Injection
# Severity: High
# Effect: Denial of...

Posted by Advisories on Sep 24

#############################################################
#
# COMPASS SECURITY ADVISORY
# https://www.compass-security.com/research/advisories/
#
#############################################################
#
# Product: openvpn-monitor
# Vendor: https://github.com/furlongm/openvpn-monitor
# CSNC ID: CSNC-2021-009
# CVE ID: CVE-2021-31606
# Subject: Authorization Bypass
# Severity: Medium
# Effect: Denial of Service
# Author:...

Posted by malvuln on Sep 21

Discovery / credits: Malvuln - malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/3c407448a00b2d53b2418f53b66d5b6b.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Minilash.10.b
Vulnerability: Remote Denial of Service (UDP Datagram)
Description: The Minilash malware listens on TCP 6711 and UDP port 60000.
Third-party attackers who can reach infected systems can send a specially
crafted junk...

Posted by malvuln on Sep 21

Discovery / credits: Malvuln - malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/a344b767d58b6c83b92bb868727e021c.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Hupigon.asqx
Vulnerability: Unauthenticated Open Proxy
Description: The malware listens on TCP port 8080. Third-party attackers
who can connect to the infected system can relay requests from the original
connection to the...

Posted by malvuln on Sep 21

Discovery / credits: Malvuln - malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/095651e1704b501123b41ea2e9736820.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Trojan.Win32.Agent.xaamkd
Vulnerability: Insecure Permissions
Description: The malware creates an dir with insecure permissions under c:\
drive and grants change (C) permissions to the authenticated user group.
Standard users can rename the...

Posted by product-security-noreply--- via Fulldisclosure on Sep 21

APPLE-SA-2021-09-20-10 iTunes 12.12 for Windows

iTunes 12.12 for Windows addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT212817.

ImageIO
Available for: Windows 10 and later
Impact: Processing a maliciously crafted image may lead to arbitrary
code execution
Description: This issue was addressed with improved checks.
CVE-2021-30835: Ye Zhang of Baidu Security
CVE-2021-30847:...

Posted by product-security-noreply--- via Fulldisclosure on Sep 21

APPLE-SA-2021-09-20-9 iTunes U 3.8.3

iTunes U 3.8.3 addresses the following issues. Information about
the security content is also available at
https://support.apple.com/HT212809.

iTunes U
Available for: iOS 12.4 and later or iPadOS 12.4 and later
Impact: Processing a maliciously crafted URL may lead to arbitrary
javascript code execution
Description: A validation issue was addressed with improved input
sanitization.
CVE-2021-30862: Giyas...

Posted by product-security-noreply--- via Fulldisclosure on Sep 21

APPLE-SA-2021-09-20-8 Additional information for
APPLE-SA-2021-09-13-4 Security Update 2021-005 Catalina

Security Update 2021-005 Catalina addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT212805.

CoreGraphics
Available for: macOS Catalina
Impact: Processing a maliciously crafted PDF may lead to arbitrary
code execution. Apple is aware of a report that this issue may have...

Posted by product-security-noreply--- via Fulldisclosure on Sep 21

APPLE-SA-2021-09-20-7 Additional information for
APPLE-SA-2021-09-13-3 macOS Big Sur 11.6

macOS Big Sur 11.6 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT212804.

CoreGraphics
Available for: macOS Big Sur
Impact: Processing a maliciously crafted PDF may lead to arbitrary
code execution. Apple is aware of a report that this issue may have
been actively exploited....