Full Disclosure
A public, vendor-neutral forum for detailed discussion of vulnerabilities and exploitation techniques, as well as tools, papers, news, and events of interest to the community. The relaxed atmosphere of this quirky list provides some comic relief and certain industry gossip. More importantly, fresh vulnerabilities sometimes hit this list many hours or days before they pass through the Bugtraq moderation queue.
Updated: 19 hours 3 min ago
BACKDOOR.WIN32.AGENT.AMT / Authentication Bypass
Posted by malvuln on Mar 02
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024Original source:
https://malvuln.com/advisory/2a442d3da88f721a786ff33179c664b7.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Backdoor.Win32.Agent.amt
Vulnerability: Authentication Bypass
Description: The malware can run an FTP server which listens on TCP port
2121. Third-party attackers who can reach infected systems can logon using
any username/password...
Backdoor.Win32.Jeemp.c / Cleartext Hardcoded Credentials
Posted by malvuln on Mar 02
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024Original source:
https://malvuln.com/advisory/d6b192a4027c7d635499133ca6ce067f.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Backdoor.Win32.Jeemp.c
Vulnerability: Cleartext Hardcoded Credentials
Description: The malware listens on three TCP ports which are randomized
e.g. 9719,7562,8687,8948,7376,8396 so forth. There is an ESMTP server
component...
BACKDOOR.WIN32.AUTOSPY.10 / Unauthenticated Remote Command Execution
Posted by malvuln on Mar 02
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024Original source:
https://malvuln.com/advisory/b012704cad2bae6edbd23135394b9127.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Backdoor.Win32.AutoSpy.10
Vulnerability: Unauthenticated Remote Command Execution
Description: The malware listens on TCP port 1008. Third party adversaries
who can reach an infected host can issue various commands made available by...
BACKDOOR.WIN32.ARMAGEDDON.R / Hardcoded Cleartext Credentials
Posted by malvuln on Mar 02
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024Original source:
https://malvuln.com/advisory/68d135936512e88cc0704b90bb3839e0.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Backdoor.Win32.Armageddon.r
Vulnerability: Hardcoded Cleartext Credentials
Description: The malware listens on TCP port 5859 and requires
authentication. The password "KOrUPtIzEre" is stored in cleartext within
the PE file at...
Multilaser Router - Access Control Bypass through Cookie Manipulation - CVE-2023-38946
Posted by Vinícius Moraes on Mar 02
=====[Tempest Security Intelligence - Security Advisory -CVE-2023-38946]=======
Access Control Bypass in Multilaser router's Web Management Interface
Author: Vinicius Moraes < vinicius.moraes.w () gmail com >
=====[Table of
Contents]========================================================
1. Overview
2. Detailed description
3. Other contexts & solutions
4. Acknowledgements
5. Timeline
6. References
=====[1....
Multilaser Router - Access Control Bypass through URL Manipulation - CVE-2023-38945
Posted by Vinícius Moraes on Mar 02
=====[Tempest Security Intelligence - Security Advisory -CVE-2023-38945]=======
Access Control Bypass in Multilaser routers' Web Management Interface
Author: Vinicius Moraes < vinicius.moraes.w () gmail com >
=====[Table of
Contents]========================================================
1. Overview
2. Detailed description
3. Other contexts & solutions
4. Acknowledgements
5. Timeline
6. References
=====[1....
Multilaser Router - Access Control Bypass through Header Manipulation - CVE-2023-38944
Posted by Vinícius Moraes on Mar 02
=====[Tempest Security Intelligence - Security Advisory -CVE-2023-38944]=======
Access Control Bypass in Multilaser routers' Web Management Interface
Author: Vinicius Moraes < vinicius.moraes.w () gmail com >
=====[Table of
Contents]========================================================
1. Overview
2. Detailed description
3. Other contexts & solutions
4. Acknowledgements
5. Timeline
6. References
=====[1....
SEC Consult SA-20240220-0 :: Multiple Stored Cross-Site Scripting Vulnerabilities in OpenOLAT (Frentix GmbH)
Posted by SEC Consult Vulnerability Lab, Research via Fulldisclosure on Feb 20
SEC Consult Vulnerability Lab Security Advisory < 20240220-0 >=======================================================================
title: Multiple Stored Cross-Site Scripting Vulnerabilities
product: OpenOLAT (Frentix GmbH)
vulnerable version: <= 18.1.4 and <= 18.1.5
fixed version: 18.1.6 / 18.2
CVE number: CVE-2024-25973, CVE-2024-25974
impact: High...
Re: Buffer Overflow in graphviz via via a crafted config6a file
Posted by Matthew Fernandez on Feb 20
The fix for this ended up landing in Graphviz 10.0.1, available athttps://graphviz.org/download/.
Details of this CVE (CVE-2023-46045) are now published, but the CPEs are
incomplete. For those who track such things, the affected range is
[2.36.0, 10.0.1).
CVE-2024-24681: Insecure AES key in Yealink Configuration Encrypt Tool
Posted by Jeroen J.A.W. Hermans via Fulldisclosure on Feb 20
CloudAware Security AdvisoryCVE-2024-24681: Insecure AES key in Yealink Configuration Encrypt Tool
========================================================================
Summary
========================================================================
A single, vendorwide, hardcoded AES key in the configuration tool used to
encrypt provisioning documents was leaked leading to a compromise of
confidentiality of provisioning documents....
Microsoft Windows Defender / Backdoor:JS/Relvelshe.A / Detection Mitigation Bypass
Posted by hyp3rlinx on Feb 20
[+] Credits: John Page (aka hyp3rlinx)[+] Website: hyp3rlinx.altervista.org
[+] Source:
https://hyp3rlinx.altervista.org/advisories/Windows_Defender_Backdoor_JS.Relvelshe.A_Detection_Mitigation_Bypass.txt
[+] twitter.com/hyp3rlinx
[+] ISR: ApparitionSec
[Vendor]
www.microsoft.com
[Product]
Windows Defender
[Vulnerability Type]
Detection Mitigation Bypass
Backdoor:JS/Relvelshe.A
[CVE Reference]
N/A
[Security Issue]
Back in 2022 I released a...
Microsoft Windows Defender / VBScript Detection Bypass
Posted by hyp3rlinx on Feb 20
[+] Credits: John Page (aka hyp3rlinx)[+] Website: hyp3rlinx.altervista.org
[+] Source:
https://hyp3rlinx.altervista.org/advisories/MICROSOFT_WINDOWS_DEFENDER_VBSCRIPT_TROJAN_MITIGATION_BYPASS.txt
[+] twitter.com/hyp3rlinx
[+] ISR: ApparitionSec
[Vendor]
www.microsoft.com
[Product]
Windows Defender
[Vulnerability Type]
Windows Defender VBScript Detection Mitigation Bypass
TrojanWin32Powessere.G
[CVE Reference]
N/A
[Security Issue]...
Microsoft Windows Defender / Trojan.Win32/Powessere.G / Detection Mitigation Bypass Part 3
Posted by hyp3rlinx on Feb 20
[+] Credits: John Page (aka hyp3rlinx)[+] Website: hyp3rlinx.altervista.org
[+] Source:
https://hyp3rlinx.altervista.org/advisories/MICROSOFT_WINDOWS_DEFENDER_TROJAN.WIN32.POWESSERE.G_MITIGATION_BYPASS_PART_3.txt
[+] twitter.com/hyp3rlinx
[+] ISR: ApparitionSec
[Vendor]
www.microsoft.com
[Product]
Windows Defender
[Vulnerability Type]
Windows Defender Detection Mitigation Bypass
TrojanWin32Powessere.G
[CVE Reference]
N/A
[Security Issue]...
- « first
- ‹ previous
- 1
- 2
- 3
- 4