Security News
HackTool.Win32.Hidd.b / Remote Stack Buffer Overflow (UDP Datagram)
Posted by malvuln on Aug 13
Discovery / credits: Malvuln - malvuln.com (c) 2021Original source:
https://malvuln.com/advisory/665a408981294ca49be23096363eec2f.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: HackTool.Win32.Hidd.b
Vulnerability: Remote Stack Buffer Overflow (UDP Datagram)
Description: The malware listens on UDP ports 52810 and 65423. Third-party
attackers who can reach an infected system can send a 479 byte payload to
port 65423 and...
Backdoor.Win32.IRCBot.gen / Hardcoded Weak Password
Posted by malvuln on Aug 13
Discovery / credits: Malvuln - malvuln.com (c) 2021Original source:
https://malvuln.com/advisory/bcfc89ca07bd0ad7b9396a0815c9fc39.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Backdoor.Win32.IRCBot.gen
Vulnerability: Hardcoded Weak Password
Description: The malware listens on TCP port 13013. Authentication is
required for remote user access. However, the password "sexjerx" is weak
and hardcoded in plaintext...
Trojan-Proxy.Win32.Raznew.gen / Unauthenticated Open Proxy
Posted by malvuln on Aug 13
Discovery / credits: Malvuln - malvuln.com (c) 2021Original source:
https://malvuln.com/advisory/55ce4b6c2ec10838c54dca54d96801d6.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Trojan-Proxy.Win32.Raznew.gen
Vulnerability: Unauthenticated Open Proxy
Description: The malware listens on TCP port 8080. Third-party attackers
who can connect to the infected system can relay requests from the original
connection to the...
firebase/php-jwt Algorithm Confusion with Key IDs
Posted by Paragon Initiative Enterprises Security Team on Aug 13
__Background__Once upon a time, the Auth0 team demonstrated several attacks against JWT
libraries that are still found to this day. You can read about their
research here:
https://auth0.com/blog/critical-vulnerabilities-in-json-web-token-libraries/
Or for a more fun spin on the issue, you can just check
https://www.howmanydayssinceajwtalgnonevuln.com
The two issues that were identified there were alg=none and substituting
HMAC over an...
[SYSS-2021-042] TJWS - Reflected Cross-Site Scripting (CVE-2021-37573)
Posted by Maurizio Ruchay on Aug 13
Advisory ID: SYSS-2021-042Product: Tiny Java Web Server and Servlet Container
(TJWS)
Manufacturer: D. Rogatkin
Affected Versions: <= 1.115
Tested Versions: 1.107, 1.114
Vulnerability Type: Cross-Site Scripting (CWE-79)
Risk Level: Medium
Solution Status: Fixed
Manufacturer Notification: 2021-07-21
Solution Date: 2021-07-23...
[RT-SA-2021-002] XML External Entity Expansion in MobileTogether Server
Posted by RedTeam Pentesting GmbH on Aug 10
Advisory: XML External Entity Expansion in MobileTogether ServerRedTeam Pentesting discovered a vulnerability in the MobileTogether
server which allows users with access to at least one app to read
arbitrary, non-binary files from the file system and perform server-side
requests. The vulnerability can also be used to deny availability of the
system. As an example, this advisory shows the compromise of the
server's certificate and private...
Re: Spammers Using storage[.]googleapis[.]com ?!!?
Posted by Jeffrey Walton on Aug 10
That's nothing compared to Sharepoint and sharepointonline.com. I get10 to 20 pieces of offensive emails daily from Microsoft's cesspool.
All using those useless redirects under the guise of "sharing a
document" with me and offering me sex.
Microsoft has more garbage spewing from their web properties than
Amazon, Google, IBM, Salesforce and Rackspace combined (based on my
experience).
sharepointonline.com is the crack...
Accept Facebook friend requests without unlocking your Android [Unpatched]
Posted by Sivanesh Ashok on Aug 10
Author - Sivanesh Ashok | @sivaneshashok | stazot.comDate : 2021-08-03
Vendor : https://facebook.com/
Version : *
Tested on : Version 329.0.0.29.120, Android 10
Last Modified : 2021-08-10
--[ Bug Description
Facebook for Android is vulnerable to a permission issue which allows
anyone with physical access to the Android device, to accept friend
requests without unlocking the phone. The bug works when the device's...
Bugtraq: On Second Thought...
On Second Thought...
Bugtraq: Re: BugTraq Shutdown
Re: BugTraq Shutdown
Bugtraq: Re: [SECURITY] [DSA 4628-1] php7.0 security update
Re: [SECURITY] [DSA 4628-1] php7.0 security update
Bugtraq: BugTraq Shutdown
BugTraq Shutdown
More rss feeds from SecurityFocus
News, Infocus, Columns, Vulnerabilities, Bugtraq ...
Backdoor.Win32.Zaratustra / Unauthenticated Remote File Write (Remote Code Exec)
Posted by malvuln on Aug 06
Discovery / credits: Malvuln - malvuln.com (c) 2021Original source:
https://malvuln.com/advisory/f240c16af2189ea9c94f317281ce7e59.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Backdoor.Win32.Zaratustra
Vulnerability: Unauthenticated Remote File Write (Remote Code Exec)
Description: Zaratustra malware listens on TCP port 660. Third-party
attackers who can reach infected systems can use a socket program to write
binary...
Backdoor.Win32.Zdemon.126 / Unauthenticated Remote Command Execution
Posted by malvuln on Aug 06
Discovery / credits: Malvuln - malvuln.com (c) 2021Original source:
https://malvuln.com/advisory/cedc886b593f013133df39bb6b43a762.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Backdoor.Win32.Zdemon.126
Vulnerability: Unauthenticated Remote Command Execution
Description: Zdemon malware listens on TCP ports 31556, 6051. Third-party
attackers who can reach infected systems can execute commands made
available by the...
Backdoor.Win32.Zdemon.10 / Unauthenticated Remote Command Execution
Posted by malvuln on Aug 06
Discovery / credits: Malvuln - malvuln.com (c) 2021Original source:
https://malvuln.com/advisory/d12f38e959d70af76fd263aa1933033c.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Backdoor.Win32.Zdemon.10
Vulnerability: Unauthenticated Remote Command Execution
Description: Zdemon malware listens on TCP ports 31556, 6051. Third-party
attackers who can reach infected systems can execute commands made
available by the...
Trojan-Dropper.Win32.Small.fp / Unauthenticated Open Proxy
Posted by malvuln on Aug 06
Discovery / credits: Malvuln - malvuln.com (c) 2021Original source:
https://malvuln.com/advisory/07122dd3b069bbbb445e060c1249d5a2.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Trojan-Dropper.Win32.Small.fp
Vulnerability: Unauthenticated Open Proxy
Description: The malware listens on random TCP ports like 2904, 1200 etc.
Third-party attackers who can connect to the infected system can relay
requests from the original...
Constructor.Win32.SS.11.c / Unauthenticated Open Proxy
Posted by malvuln on Aug 06
Discovery / credits: Malvuln - malvuln.com (c) 2021Original source:
https://malvuln.com/advisory/da60b92742abff72930879fa8560b3c3.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Constructor.Win32.SS.11.c
Vulnerability: Unauthenticated Open Proxy
Description: The malware listens on TCP port 9035. Third-party attackers
who can connect to the infected system can relay requests from the original
connection to the destination...
Connect-app (CDU) Version: 3.8 - Cross Site Scripting
Posted by merion44 via Fulldisclosure on Aug 06
app: connect-app (cdu) (version: 3.8)cross-site scripting in the registration form name variables. Remote attackers can inject js payloads as name variables
to exploit the frontend in the profile view and potentially execute in the backend via the preview. Uncertainty in
validating object names in outbound emails, causing the context to be validated insecurely. This allows reflected
execution in the message body of the email where the name...
Re: Spammers Using storage[.]googleapis[.]com ?!!?
Posted by Adrien JOLIBERT on Aug 06
Quite an old trick becoming popular.So yep, the stuff is hosted on one of the google services in private mode; redirections gives you a valid token to
access.
