Full Disclosure

A public, vendor-neutral forum for detailed discussion of vulnerabilities and exploitation techniques, as well as tools, papers, news, and events of interest to the community. The relaxed atmosphere of this quirky list provides some comic relief and certain industry gossip. More importantly, fresh vulnerabilities sometimes hit this list many hours or days before they pass through the Bugtraq moderation queue.

Re: [SECURITY] CVE-2013-4444 Remote Code Execution in Apache Tomcat

6 January, 2021 - 16:43

Posted by Mark Thomas on Jan 06

[KIS-2021-01] IPS Community Suite <= 4.5.4 (Downloads REST API) SQL Injection Vulnerability

6 January, 2021 - 16:35

Posted by Egidio Romano on Jan 06

-----------------------------------------------------------------------------
IPS Community Suite <= 4.5.4 (Downloads REST API) SQL Injection Vulnerability
-----------------------------------------------------------------------------

[-] Software Link:

https://invisioncommunity.com

[-] Affected Versions:

Version 4.5.4 and prior versions.

[-] Vulnerability Description:

The vulnerability is located within the...

Backdoor.Win32.Zombam.k / Remote Stack Buffer Overflow

6 January, 2021 - 16:26

Posted by malvuln on Jan 06

Discovery / credits: malvuln - Malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/79d9908b6769e64f922e74a090f5ceeb.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Zombam.k
Vulnerability: Remote String Dereference Stack Buffer Overflow

Description: HTTP RAT 0.21 Backdoor Webserver By z0mbie, creates on the
fly executable backdoors that can listen on various ports you specify. The
main...

Files.com - Auth Bypass (Fat Client)

6 January, 2021 - 16:24

Posted by Balázs Hambalkó on Jan 06

Hi,

Vendor: Files.com
Product: Fat Client
Tested version: 3.3.6, but newer versions are highly likely also affected
Credit: Balazs Hambalko, IT Security Consultant

This vulnerability was identified and reported promptly to the vendor in
April 2020.
The answer was they do not see any risk here.

Anyway I would like to share my POC video, only for learning purposes.

According to the vendor, there is no risk here, on the other hand, I built
up a...

CVE-2020-24386: IMAP hibernation allows accessing other people's mail

6 January, 2021 - 16:23

Posted by Aki Tuomi on Jan 06

Open-Xchange Security Advisory 2021-01-04

Product: Dovecot
Vendor: OX Software GmbH
Internal reference: DOP-2009 (Bug ID)
Vulnerability type: CWE-150: Improper Neutralization of Escape, Meta, or
Control Sequences
Vulnerable version: 2.2.26-2.3.11.3
Vulnerable component: imap
Report confidence: Confirmed
Solution status: Fixed by Vendor
Fixed version: 2.3.13
Vendor notification: 2020-08-17
Solution date: 2020-08-27
Public disclosure: 2021-01-04...

CVE-2020-24386: IMAP hibernation allows accessing other people's mail

6 January, 2021 - 16:23

Posted by Aki Tuomi on Jan 06

Open-Xchange Security Advisory 2021-01-04

Product: Dovecot
Vendor: OX Software GmbH
Internal reference: DOV-4113 (Bug ID)
Vulnerability type: CWE-20: Improper Input Validation
Vulnerable version: 2.3.11-2.3.11.3
Vulnerable component: lda, lmtp, imap
Report confidence: Confirmed
Solution status: Fixed by Vendor
Fixed version: 2.3.13
Vendor notification: 2020-09-10
Solution date: 2020-09-14
Public disclosure: 2021-01-04
CVE reference:...

Threat: Trojan.Win32.Antavka.bz / Insecure Permissions EoP

3 January, 2021 - 17:58

Posted by malvuln on Jan 03

Discovery / credits: malvuln - Malvuln.com (c) 2021
Original source:
http://malvuln.com/advisory/2e4573d8925be404a9a1ff49ee2f5bc3.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Trojan.Win32.Antavka.bz
Vulnerability: Insecure Permissions EoP
Description: Change permissions are granted to authenticated users on
the C:\Temp dir housing the malware.

Type: PE32
MD5: 2e4573d8925be404a9a1ff49ee2f5bc3
Vuln ID: MVID-2021-0001...

WIN32 BACKDOOR - 2019-02-ARTRADOWNLOADER / Remote SEH Buffer Overflow and Insecure Permissions

3 January, 2021 - 17:58

Posted by malvuln on Jan 03

Discovery / credits: malvuln - Malvuln.com (c) 2021
Original source:
http://malvuln.com/advisory/8d42c01180be7588a2a68ad96dd0cf85.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: WIN32 BACKDOOR - 2019-02-ARTRADOWNLOADER
Vulnerabilities: Remote SEH Buffer Overflow and Insecure Permissions
Description: Remote SEH Buffer Overflow on server response port 80.
Change permissions are granted to authenticated users on the c:\intel...

Backdoor.Win32.Infexor.b / Remote Buffer Overflow

3 January, 2021 - 17:58

Posted by malvuln on Jan 03

Discovery / credits: malvuln - Malvuln.com (c) 2021
Original source:
http://malvuln.com/advisory/34c09f7fd6668c89a59ebdc8f12d1e7b.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Infexor.b
Vulnerability: Buffer Overflow
Description: Remote SEH Stack Buffer Overflow on HTTP server response
when connecting to TCP Port 13.

Type: PE32
MD5: 34c09f7fd6668c89a59ebdc8f12d1e7b
Vuln ID: MVID-2021-0010
Dropped files:...

Trojan.Win32.Barjac / Remote Stack Buffer Overflow.

3 January, 2021 - 17:58

Posted by malvuln on Jan 03

Discovery / credits: malvuln - Malvuln.com (c) 2021
Original source:
http://malvuln.com/advisory/62ad686f97faaa68f580d32d25333f51.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Trojan.Win32.Barjac
Vulnerability: Remote Stack Buffer Overflow.
Description: Trojan.Win32.Barjac makes SMTP connection to Port 25,
upon processing the server response we control, we overwrite
instruction pointer (EIP), undermining the integrity of...

Trojan.Win32.Bayrob.cgau / Insecure Permissions EoP (SYSTEM)

3 January, 2021 - 17:58

Posted by malvuln on Jan 03

Discovery / credits: malvuln - Malvuln.com (c) 2021
Original source:
http://malvuln.com/advisory/099a169f81089dc493ea300ef0309f70.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Trojan.Win32.Bayrob.cgau
Vulnerability: Insecure Permissions EoP (SYSTEM)
Description: Change permissions are granted to authenticated users on
the C:\chvlcpvyoh dir housing the malware running with SYSTEM
integrity. The trojan creates Windows...

Email-Worm.Win32.Zhelatin.ago / Remote Stack Buffer Overflow

3 January, 2021 - 17:57

Posted by malvuln on Jan 03

Discovery / credits: malvuln - Malvuln.com (c) 2021
Original source:
http://malvuln.com/advisory/0418e7f95a8b94c035e10749234f8378.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Email-Worm.Win32.Zhelatin.ago
Vulnerability: Remote Stack Buffer Overflow
Description: Buffer overflow on server response TCP Port 80, upon
receiving 532 bytes or more we can overwrite instruction pointer (EIP)
to control program execution flow....

Trojan:Win32/Alyak.B / Remote Stack Corruption

3 January, 2021 - 17:57

Posted by malvuln on Jan 03

Discovery / credits: malvuln - Malvuln.com (c) 2021
Original source:
http://malvuln.com/advisory/6547f34243104ba6e21154ad96b799a5.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Trojan:Win32/Alyak.B
Vulnerability: Remote Stack Corruption
Description: Read access violation results in stack corruption and
crash. Specimen makes HTTP request for a plain text-file "1.txt" in
the "images" directory Port 80....

[KIS-2020-11] qdPM <= 9.1 (executeExport) PHP Object Injection Vulnerability

3 January, 2021 - 17:57

Posted by Egidio Romano on Jan 03

--------------------------------------------------------------
qdPM <= 9.1 (executeExport) PHP Object Injection Vulnerability
--------------------------------------------------------------

[-] Software Link:

http://qdpm.net

[-] Affected Versions:

Version 9.1 and prior versions.

[-] Vulnerability Description:

The vulnerability is located in the
/core/apps/qdPM/modules/timeReport/actions/actions.class.php
script, specifically within the...

BACKDOOR.WIN32.ADVERBOT / Remote Stack Corruption

3 January, 2021 - 17:57

Posted by malvuln on Jan 03

Discovery / credits: malvuln - Malvuln.com (c) 2021
Original source:
http://malvuln.com/advisory/9919c1e86a750dd6d4f0d2a851af29ea.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: BACKDOOR.WIN32.ADVERBOT
Vulnerability: Remote Stack Corruption
Description: Null instruction pointer read stack corruption when
connecting to an IRC server Port 6667.
The NetControl.File component allows connecting to server to IRC
servers to file...

BACKDOOR.WIN32.REMOTEMANIPULATOR / Insecure Permissions

3 January, 2021 - 17:57

Posted by malvuln on Jan 03

Discovery / credits: malvuln - Malvuln.com (c) 2021
Original source:
http://malvuln.com/advisory/82183b3d85311a39fb80ae07357594e5.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: BACKDOOR.WIN32.REMOTEMANIPULATOR
Vulnerability: Insecure Permissions
Description: Creates a dir Folder139 with insecure permissions as it
hands authenticated users change permissions (C). The backdoor drops
an EXE named audiohd.exe which is not...

Backdoor.Win32.Zombam.j / Remote Stack Buffer Overflow

3 January, 2021 - 17:57

Posted by malvuln on Jan 03

Discovery / credits: malvuln - Malvuln.com (c) 2021
Original source:
http://malvuln.com/advisory/a4212f23e1cc3bb34b0dfe15b2ad323e.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Zombam.j
Vulnerability: Remote Stack Buffer Overflow
Description: Listens on TCP port 80, sending consecutive HTTP requests
with incrementing payload results in stack buffer overflow of the
backdoor malware.

Type: PE32
MD5:...

HEUR.RISKTOOL.WIN32.BITMINER.GEN / Remote Memory Corruption

3 January, 2021 - 17:57

Posted by malvuln on Jan 03

Discovery / credits: malvuln - Malvuln.com (c) 2021
Original source:
http://malvuln.com/advisory/b85ae73dbbfff1d3b90cb7c78356f2a3.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: HEUR.RISKTOOL.WIN32.BITMINER.GEN
Vulnerability: Remote Memory Corruption
Description: Null pointer write access violation on server response to
an HTTP request to TCP port 8046. The program also connects to port 80
and respawns upon crashing....

TROJAN.WIN32.JORIK.DMSPAMMER.SZ / Remote Memory Corruption

3 January, 2021 - 17:57

Posted by malvuln on Jan 03

Discovery / credits: malvuln - Malvuln.com (c) 2021
Original source:
http://malvuln.com/advisory/bdcaed5042eba30f91b093f0bcb3caf3.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: TROJAN.WIN32.JORIK.DMSPAMMER.SZ
Vulnerability: Remote Memory Corruption
Description: Memory corruption on server response when making HTTP
POST request for PHP file named "stat1.php" on TCP Port 80.

Type: PE32
MD5:...

Phorpiex / Insecure permissions EoP

3 January, 2021 - 17:57

Posted by malvuln on Jan 03

Discovery / credits: malvuln - Malvuln.com (c) 2021
Original source:
http://malvuln.com/advisory/f4d7d721f68bc9a80aaf53bc184a3c58.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Phorpiex
Vulnerability: Insecure permissions EoP
Description: Change permissions are granted to authenticated users on
the dir housing the malware.

Type: PE32
MD5: f4d7d721f68bc9a80aaf53bc184a3c58
Vuln ID: MVID-2021-0007
Dropped files: svchost.exe...