SOLDIERX.COM Nobody Can Stop Information Insemination

Posted by malvuln on Aug 31

Discovery / credits: Malvuln - malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/5d7908e7e95d0eb4a7351d24605e62a6.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Hupigon.abe
Vulnerability: Unauthenticated Open Proxy
Description: The malware listens on TCP port 8080. Third-party attackers
who can connect to the infected system can relay requests from the original
connection to the...

Posted by malvuln on Aug 31

Discovery / credits: Malvuln - malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/033ccd3a926441c49d3898dab97aefed.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Trojan-Proxy.Win32.Raznew.gen
Vulnerability: Unauthenticated Open Proxy
Description: The malware listens on TCP port 8080. Third-party attackers
who can connect to the infected system can relay requests from the original
connection to the...

Posted by malvuln on Aug 31

Discovery / credits: Malvuln - malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/5c644104f96ccad7a8cf324c2e523530.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.DarkKomet.aspl
Vulnerability: Insecure Permissions
Description: The malware creates an insecure dir under c:\ drive and grants
change (C) permissions to the authenticated user group. Standard users can
rename the executables dropped...

Posted by Marcin Kozlowski on Aug 31

Hi List,

If you are into Linux Kernel Security, check this out. It is a LLVM based
tool to audit Linux Kernel Modules Security:
https://github.com/marcinguy/dr_checker_4_linux using both pointer and
taint analyses that are flow-sensitive, context-sensitive, and
fieldsensitive on kernel drivers. It is port of Dr. Checker (great work,
kudos to authors at "The Computer Security Group at UC Santa Barbara"), to
newer Clang/LLVM 10 and...

Posted by Zemn mez on Aug 27

Hi seclists! I wanted to try posting some of my research here, and I think
this is the right list.

I recently published some research into Apple ID security that culminated
in an XSS on the Apple ID server -- that is, an attacker can pop out an
Apple login page that autofills your credentials and 2FA :)

In particular, it has several really interesting components in the chain:

- a Content Security Policy injection / bypass to slacken Javascript...

Posted by SEC Consult Vulnerability Lab on Aug 27

SEC Consult Vulnerability Lab Security Advisory < 20210827-0 >
=======================================================================
title: Authenticated RCE
product: BSCW Server
vulnerable version: BSCW Server <=5.0.11, <=5.1.9, <=5.2.3, <=7.3.2, <=7.4.2
fixed version: 5.0.12, 5.1.10, 5.2.4, 7.3.3, 7.4.3
CVE number: CVE-2021-39271
impact: high...

Posted by SEC Consult Vulnerability Lab on Aug 27

SEC Consult Vulnerability Lab Security Advisory < 20210827-1 >
=======================================================================
title: XML Tag injection
product: BSCW Server
vulnerable version: BSCW Server <=5.0.11, <=5.1.9, <=5.2.3, <=7.3.2, <=7.4.2
fixed version: 5.0.12, 5.1.10, 5.2.4, 7.3.3, 7.4.3
CVE number: CVE-2021-36359
impact: high...

Posted by SEC Consult Vulnerability Lab on Aug 20

SEC Consult Vulnerability Lab Security Advisory < 20210820-0 >
=======================================================================
title: Multiple Vulnerabilities in NetModule Router Software
product: NetModule Router Software (NRSW)
vulnerable version: Before 4.3.0.113, 4.4.0.111, 4.5.0.105
fixed version: 4.3.0.113, 4.4.0.111, 4.5.0.105
CVE number: CVE-2021-39289, CVE-2021-39290,...

Posted by SEC Consult Vulnerability Lab on Aug 19

SEC Consult Vulnerability Lab Security Advisory < 20210819-0 >
=======================================================================
title: Multiple Critical Vulnerabilities
product: Multiple Altus Sistemas de Automacao products:
Nexto NX30xx Series
Nexto NX5xxx Series
Nexto Xpress XP3xx Series
Hadron Xtorm HX3040 Series...

Posted by Gionathan Reale via Fulldisclosure on Aug 16

# Title: Cyberoam NetGenie (C0101B1-20141120-NG11VO) - Reflected Cross Site Scripting (XSS)# Date: 14.08.2021 # Credit:
Gionathan "John" Reale # Firmware Version: C0101B1-20141120-NG11VO#
CVE-2021-38702##################################################################################################################################
DESCRIPTION:
Cyberoam NetGenie C0101B1-20141120-NG11VO devices through 2021-08-14 allow...

Posted by Black Arch on Aug 16

Black Arch <blackarchlinux () gmail com>
Tue, Dec 1, 2020, 11:20 PM
to fulldisclosure

Dear list,

We've released new BlackArch Linux ISOs and OVA image (version
2021.09.01). Many improvements and QA went through all packages and
tools Blackarch Linux offers! For details see the ChangeLog below. The
BlackArch repository, Full-ISO and OVA image include more than 2700
tools now. The aarch64 repository is filled with about 2500 tools.

A...

Posted by malvuln on Aug 13

Discovery / credits: Malvuln - malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/6209db6e8cfd7c7a315ca858129bd226.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: HackTool.Win32.HKit
Vulnerability: Unauthenticated Remote Command Execution
Description: HaX0R'Z KiT -- v1.05 malware listens for telnet connections on
a specified port. Third-party attackers who can reach the system can
execute OS commands...

Posted by malvuln on Aug 13

Discovery / credits: Malvuln - malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/665a408981294ca49be23096363eec2f.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: HackTool.Win32.Hidd.b
Vulnerability: Remote Stack Buffer Overflow (UDP Datagram)
Description: The malware listens on UDP ports 52810 and 65423. Third-party
attackers who can reach an infected system can send a 479 byte payload to
port 65423 and...

Posted by malvuln on Aug 13

Discovery / credits: Malvuln - malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/bcfc89ca07bd0ad7b9396a0815c9fc39.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.IRCBot.gen
Vulnerability: Hardcoded Weak Password
Description: The malware listens on TCP port 13013. Authentication is
required for remote user access. However, the password "sexjerx" is weak
and hardcoded in plaintext...

Posted by malvuln on Aug 13

Discovery / credits: Malvuln - malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/55ce4b6c2ec10838c54dca54d96801d6.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Trojan-Proxy.Win32.Raznew.gen
Vulnerability: Unauthenticated Open Proxy
Description: The malware listens on TCP port 8080. Third-party attackers
who can connect to the infected system can relay requests from the original
connection to the...

Posted by Paragon Initiative Enterprises Security Team on Aug 13

__Background__

Once upon a time, the Auth0 team demonstrated several attacks against JWT
libraries that are still found to this day. You can read about their
research here:
https://auth0.com/blog/critical-vulnerabilities-in-json-web-token-libraries/

Or for a more fun spin on the issue, you can just check
https://www.howmanydayssinceajwtalgnonevuln.com

The two issues that were identified there were alg=none and substituting
HMAC over an...

Posted by Maurizio Ruchay on Aug 13

Advisory ID: SYSS-2021-042
Product: Tiny Java Web Server and Servlet Container
(TJWS)
Manufacturer: D. Rogatkin
Affected Versions: <= 1.115
Tested Versions: 1.107, 1.114
Vulnerability Type: Cross-Site Scripting (CWE-79)
Risk Level: Medium
Solution Status: Fixed
Manufacturer Notification: 2021-07-21
Solution Date: 2021-07-23...

Posted by RedTeam Pentesting GmbH on Aug 10

Advisory: XML External Entity Expansion in MobileTogether Server

RedTeam Pentesting discovered a vulnerability in the MobileTogether
server which allows users with access to at least one app to read
arbitrary, non-binary files from the file system and perform server-side
requests. The vulnerability can also be used to deny availability of the
system. As an example, this advisory shows the compromise of the
server's certificate and private...

Posted by Jeffrey Walton on Aug 10

That's nothing compared to Sharepoint and sharepointonline.com. I get
10 to 20 pieces of offensive emails daily from Microsoft's cesspool.
All using those useless redirects under the guise of "sharing a
document" with me and offering me sex.

Microsoft has more garbage spewing from their web properties than
Amazon, Google, IBM, Salesforce and Rackspace combined (based on my
experience).

sharepointonline.com is the crack...

Posted by Sivanesh Ashok on Aug 10

Author - Sivanesh Ashok | @sivaneshashok | stazot.com

Date : 2021-08-03
Vendor : https://facebook.com/
Version : *
Tested on : Version 329.0.0.29.120, Android 10
Last Modified : 2021-08-10

--[ Bug Description

Facebook for Android is vulnerable to a permission issue which allows
anyone with physical access to the Android device, to accept friend
requests without unlocking the phone. The bug works when the device's...