Security News

Online Tool for Discussion of Vulnerabilities

Full Disclosure - 26 February, 2021 - 03:43

Posted by Yavuz on Feb 26

Hi all,

Vulmon Research is a platform dedicated to vulnerability discussions.
This project aims to provide an easy-to-use and stable environment for
vulnerability researchers to share their works with the community.

[ What you can do on Vulmon Research ]

* Share vulnerabilities
* Share exploits
* Share vulnerability analysis
* Share any information/opinion related to vulnerabilities

[ Link ]

* https://research.vulmon.com

[ Contact ]

Your...

VisualWare MyConnection Server 11.x Remote Code Execution Vulnerability

Full Disclosure - 26 February, 2021 - 03:40

Posted by Ryan Wincey on Feb 26

Document Title:

===============

VisualWare MyConnection Server 11.x Remote Code Execution Vulnerability

References (Source):

====================

https://www.securifera.com/advisories/cve-2021-27198/

https://myconnectionserver.visualware.com/download.html

Release Date:

=============

2020-02-25

Product & Service Introduction:

===============================

MCS tests, measures & reports the performance and health of any network...

Double-Free found on Squid 4.14 and 5.0.5

Full Disclosure - 26 February, 2021 - 03:40

Posted by Andrés Roldán via Fulldisclosure on Feb 26

A Double-Free bug was found in Squid versions 4.14 and 5.0.5 when
processing the "acl" directive on configuration files, more
specifically the first and second addresses.

This may allow arbitrary code execution on a Squid deployment where the
configuration files may be processed from untrusted sources.

The following sample configuration file causes the overflow:

# cat heap.conf
acl localnet src...

Backdoor.Win32.DarkKomet.irv / Insecure Permissions

Full Disclosure - 23 February, 2021 - 03:52

Posted by malvuln on Feb 23

Discovery / credits: Malvuln - malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/a229acff4e0605ad24eaf3d9c44fdb1b.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.DarkKomet.irv
Vulnerability: Insecure Permissions
Description: DarkKomet.irv creates an insecure dir named "Windupdt" under
c:\ drive, granting change (C) permissions to authenticated user group.
Standard users can rename...

Trojan.Win32.Pluder.o / Insecure Permissions

Full Disclosure - 23 February, 2021 - 03:52

Posted by malvuln on Feb 23

Discovery / credits: Malvuln - malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/ee22eea131c0e00162e4ba370f396a00.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Trojan.Win32.Pluder.o
Vulnerability: Insecure Permissions
Description: Creates an insecure dir named "z_Drivers" under c:\ drive,
granting change (C) permissions to authenticated user group. Pluder.o also
creates several registry key...

Trojan.Win32.Pincav.cmfl / Insecure Permissions

Full Disclosure - 23 February, 2021 - 03:52

Posted by malvuln on Feb 23

Discovery / credits: Malvuln - malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/9d296ebd6b4f79457fcc61e38dcce61e.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Trojan.Win32.Pincav.cmfl
Vulnerability: Insecure Permissions
Description: The trojan creates an insecure dir named "Windupdt" under c:\
drive, granting change (C) permissions to authenticated users group.
Standard users can rename the...

Trojan-Proxy.Win32.Daemonize.i / Remote Denial of Service

Full Disclosure - 23 February, 2021 - 03:52

Posted by malvuln on Feb 23

Discovery / credits: Malvuln - malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/61bec9f22a5955e076e0d5ddf6232f3f.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Trojan-Proxy.Win32.Daemonize.i
Vulnerability: Remote Denial of Service
Description: Daemonize.i listens on TCP port 5823; sending some junk
packets to the trojan results in an invalid pointer read leading to an access
violation and crash.
Type: PE32...

Backdoor.Win32.Ketch.h / Remote Stack Buffer Overflow (SEH)

Full Disclosure - 23 February, 2021 - 03:52

Posted by malvuln on Feb 23

Discovery / credits: Malvuln - malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/63c55ad21e0771c7f9ca71ec3bfcea0f.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Ketch.h
Vulnerability: Remote Stack Buffer Overflow (SEH)
Description: Ketch makes an HTTP request to port 80 for a file named
script.dat; after processing a server response of 1,612 bytes or more it
triggers an SEH buffer overflow.
Our...

Backdoor.Win32.Inject.tyq / Insecure Permissions

Full Disclosure - 23 February, 2021 - 03:52

Posted by malvuln on Feb 23

Discovery / credits: Malvuln - malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/833868d3092bea833839a6b8ec196046.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Inject.tyq
Vulnerability: Insecure Permissions
Description: The backdoor creates a dir named "hotfix" under c:\ drive
granting change (C) permissions to the authenticated user group.
Type: PE32
MD5:...

IBM(R) Db2(R) Windows client DLL Hijacking Vulnerability(0day)

Full Disclosure - 23 February, 2021 - 03:51

Posted by houjingyi on Feb 23

A few months ago I disclosed a Cisco Webex Teams Client for Windows DLL
Hijacking Vulnerability I found:

https://seclists.org/fulldisclosure/2020/Oct/16

In that post I mentioned "I will add more details 90 days after my report
or a security bulletin available". Here it comes.

NOTICE: This vulnerability does not seem to have been fully patched!

After installing IBM Db2, decompile C:\Program
Files\IBM\SQLLIB\BIN\db2swtchg.exe and we can find...

CIRA Canadian Shield iOS Application - MITM SSL Certificate Vulnerability (CVE-2021-27189)

Full Disclosure - 23 February, 2021 - 03:51

Posted by David Coomber on Feb 23

CIRA Canadian Shield iOS Application - MITM SSL Certificate
Vulnerability (CVE-2021-27189)

[KIS-2021-02] docsify <= 4.11.6 DOM-based Cross-Site Scripting Vulnerability

Full Disclosure - 19 February, 2021 - 20:18

Posted by research on Feb 19

--------------------------------------------------------------
docsify <= 4.11.6 DOM-based Cross-Site Scripting Vulnerability
--------------------------------------------------------------

[-] Software Link:

https://docsify.js.org/

[-] Affected Versions:

Version 4.11.6 and prior versions.

[-] Vulnerability Description:

The vulnerability exists due to an incomplete fix for CVE-2020-7680.
When parsing HTML from remote URLs, the HTML code...

Backdoor.Win32.Bionet.10 / Anonymous Logon

Full Disclosure - 19 February, 2021 - 12:31

Posted by malvuln on Feb 19

Discovery / credits: Malvuln - malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/be559307f5cd055f123a637b1135c8d3.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Bionet.10
Vulnerability: Anonymous Logon
Description: The backdoor listens on TCP port 12348 and allows anonymous
logon credentials to be used to access an infected host.
Type: PE32
MD5: be559307f5cd055f123a637b1135c8d3
Vuln ID:...

Backdoor.Win32.DarkKomet.apcc / Insecure Permissions

Full Disclosure - 19 February, 2021 - 12:31

Posted by malvuln on Feb 19

Discovery / credits: Malvuln - malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/8c82de32ab2b407451b9fc054c09f717.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.DarkKomet.apcc
Vulnerability: Insecure Permissions
Description: DarkKomet.apcc creates an insecure directory under c:\ drive
granting change (C) permissions to the authenticated user group and drops
an EXE named...

Backdoor.Win32.DarkKomet.bhfh / Insecure Permissions

Full Disclosure - 19 February, 2021 - 12:31

Posted by malvuln on Feb 19

Discovery / credits: Malvuln - malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/2e507b75c0df0fcb2f9a85f4a0c1bc04.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.DarkKomet.bhfh
Vulnerability: Insecure Permissions
Description: DarkKomet.bhfh creates a hidden insecure directory under c:\
drive granting change (C) permissions to the authenticated user group. The
backdoor also drops an EXE named...

Multiple remote memory corruptions in Telegram's handling of animated stickers

Full Disclosure - 19 February, 2021 - 12:31

Posted by polict of Shielder on Feb 19

I have recently found and reported 13 memory corruptions to Telegram
(https://telegram.org), you can find the just-published technical blog
post at
https://www.shielder.it/blog/2021/02/hunting-for-bugs-in-telegrams-animated-stickers-remote-attack-surface/
and advisories at https://www.shielder.it/advisories/

The vulnerable official clients for Android, iOS and macOS have already
been patched on September 30 and October 2, have a look at the blog...

[CSA-2021-001] Cross-Site Request Forgery in Apache MyFaces

Full Disclosure - 19 February, 2021 - 12:31

Posted by Certitude - Advisories on Feb 19

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~ Certitude Security Advisory - CSA-2021-001 ~
~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~
PRODUCT : Apache MyFaces
VENDOR : The Apache Software Foundation
SEVERITY : High
AFFECTED VERSION : <=2.2.13, <=2.3.7, <=2.3-next-M4, <=2.1 branches
IDENTIFIERS :...

Backdoor.Win32.Agent.aak / Remote Buffer Overflow

Full Disclosure - 18 February, 2021 - 19:25

Posted by malvuln on Feb 18

Discovery / credits: Malvuln - malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/64f2fd4dbd9039e5bc054f475eaa582a_C.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Agent.aak
Vulnerability: Remote Buffer Overflow
Description: The HTTP backdoor server HBKDR v0.3 listens on TCP port 8080
and accepts HTTP POST requests, by sending a specially crafted HTTP HEAD
request payload we can trigger...

Backdoor.Win32.Agent.aak / Cross Site Request Forgery (CSRF) - Code Execution

Full Disclosure - 18 February, 2021 - 19:25

Posted by malvuln on Feb 18

Discovery / credits: Malvuln - malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/64f2fd4dbd9039e5bc054f475eaa582a_B.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Agent.aak
Vulnerability: Cross Site Request Forgery (CSRF) - Code Execution
Description: Backdoor HTTP server HBKDR v0.3 executes commands on the
infected host using an HTML form with POST method. The HTML web form
component fails...

Backdoor.Win32.Agent.aak / Weak Hardcoded Credentials

Full Disclosure - 18 February, 2021 - 19:25

Posted by malvuln on Feb 18

Discovery / credits: Malvuln - malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/64f2fd4dbd9039e5bc054f475eaa582a.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Agent.aak
Vulnerability: Weak Hardcoded Credentials
Description: The HTTP backdoor server HBKDR v0.3 listens on TCP port 8080
and accepts HTTP POST requests in order to execute commands on the infected
system. The malware hardcodes...