SOLDIERX.COM Nobody Can Stop Information Insemination

Posted by Yavuz on Feb 26

Hi all,

Vulmon Research is a platform dedicated to vulnerability discussions.
This project aims to provide an easy-to-use and stable environment for
vulnerability researchers to share their works with the community.

[ What you can do on Vulmon Research ]

* Share vulnerabilities
* Share exploits
* Share vulnerability analysis
* Share any information/opinion related to vulnerabilities

[ Link ]

* https://research.vulmon.com

[ Contact ]

Your...

Posted by Ryan Wincey on Feb 26

Document Title:

===============

VisualWare MyConnection Server 11.x Remote Code Execution Vulnerability

References (Source):

====================

https://www.securifera.com/advisories/cve-2021-27198/

https://myconnectionserver.visualware.com/download.html

Release Date:

=============

2020-02-25

Product & Service Introduction:

===============================

MCS tests, measures & reports the performance and health of any network...

Posted by Andrés Roldán via Fulldisclosure on Feb 26

A Double-Free bug was found in Squid versions 4.14 and 5.0.5 when
processing the "acl" directive on configuration files, more
specifically the first and second addresses.

This may allow arbitrary code execution on a Squid deployment on where the
configuration files may be processed from untrusted sources.

The following sample configuration file causes the overflow:

# cat heap.conf
acl localnet src...

Posted by malvuln on Feb 23

Discovery / credits: Malvuln - malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/a229acff4e0605ad24eaf3d9c44fdb1b.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.DarkKomet.irv
Vulnerability: Insecure Permissions
Description: DarkKomet.irv creates an insecure dir named "Windupdt" under
c:\ drive, granting change (C) permissions to authenticated user group.
Standard users can rename...

Posted by malvuln on Feb 23

Discovery / credits: Malvuln - malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/ee22eea131c0e00162e4ba370f396a00.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Trojan.Win32.Pluder.o
Vulnerability: Insecure Permissions
Description: Creates an insecure dir named "z_Drivers" under c:\ drive,
granting change (C) permissions to authenticated user group. Pluder.o also
creates several registry key...

Posted by malvuln on Feb 23

Discovery / credits: Malvuln - malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/9d296ebd6b4f79457fcc61e38dcce61e.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Trojan.Win32.Pincav.cmfl
Vulnerability: Insecure Permissions
Description: The trojan creates an insecure dir named "Windupdt" under c:\
drive, granting change (C) permissions to authenticated users group.
Standard users can rename the...

Posted by malvuln on Feb 23

Discovery / credits: Malvuln - malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/61bec9f22a5955e076e0d5ddf6232f3f.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Trojan-Proxy.Win32.Daemonize.i
Vulnerability: Remote Denial of Service
Description: Daemonize.i listens on TCP port 5823, sending some junk
packets to the trojan results in invalid pointer read leading to an access
violation and crash.
Type: PE32...

Posted by malvuln on Feb 23

Discovery / credits: Malvuln - malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/63c55ad21e0771c7f9ca71ec3bfcea0f.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Ketch.h
Vulnerability: Remote Stack Buffer Overflow (SEH)
Description: Ketch makes HTTP request to port 80 for a file named
script.dat, after process the server response of 1,612 bytes or more it
triggers an SEH buffer overflow.
Our...

Posted by malvuln on Feb 23

Discovery / credits: Malvuln - malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/833868d3092bea833839a6b8ec196046.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Inject.tyq
Vulnerability: Insecure Permissions
Description: The backdoor creates an dir named "hotfix" under c:\ drive
granting change (C) permissions to the authenticated user group.
Type: PE32
MD5:...

Posted by houjingyi on Feb 23

A few months ago I disclosed Cisco Webex Teams Client for Windows DLL
Hijacking Vulnerability I found :

https://seclists.org/fulldisclosure/2020/Oct/16

In that post I mentioned "I will add more details 90 days after my report
or a security bulletin available". Here it comes.

NOTICE : This vulnerability seems did not get full patched!

After install IBM Db2 decompile C:\Program
Files\IBM\SQLLIB\BIN\db2swtchg.exe and we can find...

Posted by David Coomber on Feb 23

CIRA Canadian Shield iOS Application - MITM SSL Certificate
Vulnerability (CVE-2021-27189)

Posted by research on Feb 19

--------------------------------------------------------------
docsify <= 4.11.6 DOM-based Cross-Site Scripting Vulnerability
--------------------------------------------------------------

[-] Software Link:

https://docsify.js.org/

[-] Affected Versions:

Version 4.11.6 and prior versions.

[-] Vulnerability Description:

The vulnerability exists due to an incomplete fix for CVE-2020-7680.
When parsing HTML from remote URLs, the HTML code...

Posted by malvuln on Feb 19

Discovery / credits: Malvuln - malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/be559307f5cd055f123a637b1135c8d3.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Bionet.10
Vulnerability: Anonymous Logon
Description: The backdoor listens on TCP port 12348 and allows anonymous
logon credentials to be used to access an infected host.
Type: PE32
MD5: be559307f5cd055f123a637b1135c8d3
Vuln ID:...

Posted by malvuln on Feb 19

Discovery / credits: Malvuln - malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/8c82de32ab2b407451b9fc054c09f717.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.DarkKomet.apcc
Vulnerability: Insecure Permissions
Description: DarkKomet.apcc creates an insecure directory under c:\ drive
granting change (C) permissions to the authenticated user group and drops
an EXE named...

Posted by malvuln on Feb 19

Discovery / credits: Malvuln - malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/2e507b75c0df0fcb2f9a85f4a0c1bc04.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.DarkKomet.bhfh
Vulnerability: Insecure Permissions
Description: DarkKomet.bhfh creates a hidden insecure directory under c:\
drive granting change (C) permissions to the authenticated user group. The
backdoor also drops an EXE named...

Posted by polict of Shielder on Feb 19

I have recently found and reported 13 memory corruptions to Telegram
(https://telegram.org), you can find the just-published technical blog
post at
https://www.shielder.it/blog/2021/02/hunting-for-bugs-in-telegrams-animated-stickers-remote-attack-surface/
and advisories at https://www.shielder.it/advisories/

The vulnerable official clients for android, ios and macos have already
been patched on september 30 and october 2, have a look at the blog...

Posted by Certitude - Advisories on Feb 19

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~ Ceritude Securiy Advisory - CSA-2021-001 ~
~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~
PRODUCT : Apache MyFaces
VENDOR : The Apache Software Foundation
SEVERITY : High
AFFECTED VERSION : <=2.2.13, <=2.3.7, <=2.3-next-M4, <=2.1 branches
IDENTIFIERS :...

Posted by malvuln on Feb 18

Discovery / credits: Malvuln - malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/64f2fd4dbd9039e5bc054f475eaa582a_C.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Agent.aak
Vulnerability: Remote Buffer Overflow
Description: The HTTP backdoor server HBKDR v0.3 listens on TCP port 8080
and accepts HTTP POST requests, by sending a specially crafted HTTP HEAD
request payload we can trigger...

Posted by malvuln on Feb 18

Discovery / credits: Malvuln - malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/64f2fd4dbd9039e5bc054f475eaa582a_B.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Agent.aak
Vulnerability: Cross Site Request Forgery (CSRF) - Code Execution
Description: Backdoor HTTP server HBKDR v0.3 executes commands on the
infected host using an HTML form with POST method. The HTML web form
component fails...

Posted by malvuln on Feb 18

Discovery / credits: Malvuln - malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/64f2fd4dbd9039e5bc054f475eaa582a.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Agent.aak
Vulnerability: Weak Hardcoded Credentials
Description: The HTTP backdoor server HBKDR v0.3 listens on TCP port 8080
and accepts HTTP POST requests in order to execute commands on the infected
system. The malware hardcodes...