seclist.org

A public, vendor-neutral forum for detailed discussion of vulnerabilities and exploitation techniques, as well as tools, papers, news, and events of interest to the community. The relaxed atmosphere of this quirky list provides some comic relief and certain industry gossip. More importantly, fresh vulnerabilities sometimes hit this list many hours or days before they pass through the Bugtraq moderation queue.
Updated: 2 hours 26 minutes
January 13, 2021

SEC Consult SA-20210113-1 :: Multiple vulnerabilities in flatCore CMS

Posted by SEC Consult Vulnerability Lab on Jan 13

SEC Consult Vulnerability Lab Security Advisory < 20210113-1 >
=======================================================================
title: Multiple Vulnerabilities
product: flatCore CMS
vulnerable version: < 2.0.0 Build 139
fixed version: Release 2.0.0 Build 139
CVE number: CVE-2021-23835, CVE-2021-23836, CVE-2021-23837, CVE-2021-23838
impact: High
homepage:...
January 13, 2021

SEC Consult SA-20210113-0 :: Multiple vulnerabilities in Pepperl+Fuchs IO-Link Master Series

Posted by SEC Consult Vulnerability Lab on Jan 13

SEC Consult Vulnerability Lab Security Advisory < 20210113-0 >
=======================================================================
title: Multiple vulnerabilities
product: Pepperl+Fuchs IO-Link Master Series
See "Vulnerable / tested versions"
vulnerable version: System 1.36 / Application 1.5.28
fixed version: System 1.52 / Application 1.6.11
CVE number:...
January 13, 2021

Backdoor.Win32.Zombam.a / Remote Stack Buffer Overflow

Posted by malvuln on Jan 12

Discovery / credits: malvuln - Malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/6c5081e9b65a52963b0b1ae612ef7eb4.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Zombam.a
Vulnerability: Remote Stack Buffer Overflow
Description: The malware listens on TCP port 80, sending an HTTP GET
request with 300 or more bytes will trigger buffer overflow
overwriting EIP.
Type: PE32
MD5:...
January 13, 2021

Backdoor.Win32.Levelone.b / Remote Stack Buffer Overflow

Posted by malvuln on Jan 12

Discovery / credits: malvuln - Malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/3f82e6ddc9f5242f5af200d2fbae4ce4.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Levelone.b
Vulnerability: Remote Stack Buffer Overflow
Description: The backdoor listens on Port 7777, sending two large
consecutive HTTP OPTIONS requests trigger the buffer overflow
overwriting EIP.
Type: PE32
MD5:...
January 13, 2021

Backdoor.Win32.Levelone.a / Remote Stack Buffer Overflow

Posted by malvuln on Jan 12

Discovery / credits: malvuln - Malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/6a2d09c4527cf222e4e2571b074fcc0c.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Levelone.a
Vulnerability: Remote Stack Buffer Overflow
Description: The malware listens on Port 1500, sending a specially
crafted HTTP TRACE request causes a buffer overflow and overwrites EIP
with our payload. If testing you need...
January 13, 2021

Backdoor.Win32.Ketch.b / Remote Stack Buffer Overflow

Posted by malvuln on Jan 12

Discovery / credits: malvuln - Malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/9d7be3799594a82bf7056905f501af03.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Ketch.b
Vulnerability: Remote Stack Buffer Overflow

Description: Makes HTTP GET request for a file "script.dat", and writes the
server response to temporary file named "watchb.tmp" under c:\Windows dir.
At 1032...
January 13, 2021

Re: Backdoor.Win32.Xtreme.yvp / Insecure Permissions EoP

Posted by bo0od on Jan 12

When you say backdoor, you mean backdoor which Microsoft remotely using
it or you mean a malware can take advantage of?

malvuln:
January 13, 2021

Advisory: ES2021-01 - Loopback access control bypass in coturn by using 0.0.0.0, [::1] or [::] as the peer address

Posted by Sandro Gauci on Jan 12

# Loopback access control bypass in coturn by using 0.0.0.0, [::1] or [::] as the peer address

- Fixed version: 4.5.2
- Enable Security Advisory:
https://github.com/EnableSecurity/advisories/tree/master/ES2021-01-coturn-access-control-bypass
- Coturn Security Advisory: https://github.com/coturn/coturn/security/advisories/GHSA-6g6j-r9rf-cm7p
- Other references:
- CVE-2020-26262
-...
January 13, 2021

Re: Trovent Security Advisory 2010-01 [updated] / CVE-2020-28208: Rocket.Chat email address enumeration vulnerability

Posted by Stefan Pietsch on Jan 12

# Trovent Security Advisory 2010-01 #
#####################################

Email address enumeration in reset password
###########################################

Overview
########

Advisory ID: TRSA-2010-01
Advisory version: 1.1
Advisory status: Public
Advisory URL: https://trovent.io/security-advisory-2010-01
Affected product: Web application Rocket.Chat
Affected version: <= 3.7.1
Vendor: Rocket.Chat Technologies Corp.,...
January 13, 2021

Envira Gallery - Lite Edition - Version 1.8.3.2 CVE-2020-35581 CVE-2020-35582

Posted by Rodolfo Augusto do Nascimento Tavares on Jan 12

==== [Tempest Security Intelligence - ADV-12/2020]
=============================

Envira Gallery - Lite Edition - Version 1.8.3.2
Author: Rodolfo Tavares
Tempest Security Intelligence - Recife, Pernambuco - Brazil

===== [Table of Contents] ================================================
• Overview
• Detailed description
• Disclosure timeline
• Acknowledgements
• References

===== [Vulnerability Information]...
January 13, 2021

Multiple vulnerabilities found in FiberHome HG6245D routers

Posted by Pierre Kim on Jan 12

## Advisory Information

Title: Multiple vulnerabilities found in FiberHome HG6245D routers
Advisory URL: https://pierrekim.github.io/advisories/2021-fiberhome-0x00-ont.txt
Blog URL: https://pierrekim.github.io/blog/2021-01-12-fiberhome-ont-0day-vulnerabilities.html
Date published: 2021-01-12
Vendors contacted: None
Release mode: Full-Disclosure
CVE: None yet assigned

## Product Description

FiberHome Technologies is a leading equipment vendor...
January 13, 2021

Re: Backdoor.Win32.NinjaSpy.c / Remote Stack Buffer Overflow

Posted by Matthew Fernandez on Jan 12

How should we be treating the stream of malware vulnerabilities you’ve reported recently? If something is malware,
surely I want to remove it from my machine anyway? I’m all for full disclosure, but I’m just trying to understand if
there’s anything actionable list members could do with this information. Thank you for your work on this, which is
quite interesting to follow by the way.
January 8, 2021

Trovent Security Advisory 2010-01 / CVE-2020-28208: Rocket.Chat email address enumeration vulnerability

Posted by Stefan Pietsch on Jan 07

# Trovent Security Advisory 2010-01 #
#####################################

Email address enumeration in reset password
###########################################

Overview
########

Advisory ID: TRSA-2010-01
Advisory version: 1.0
Advisory status: Public
Advisory URL: https://trovent.io/security-advisory-2010-01
Affected product: Web application Rocket.Chat
Affected version: <= 3.7.1
Vendor: Rocket.Chat Technologies Corp.,...
January 8, 2021

Open-Xchange Security Advisory 2021-01-07

Posted by Martin Heiland via Fulldisclosure on Jan 07

Dear subscribers,

we're sharing our latest advisory with you and like to thank everyone who contributed in finding and solving those
vulnerabilities. Feel free to join our bug bounty programs for OX AppSuite, Dovecot and PowerDNS at HackerOne.

Yours sincerely,
Martin Heiland, Open-Xchange GmbH

Product: OX App Suite / OX Documents
Vendor: OX Software GmbH

Internal reference: MWB-423
Vulnerability type: Server-Side Request Forgery...
January 8, 2021

Backdoor.Win32.NinjaSpy.c / Remote Stack Buffer Overflow

Posted by malvuln on Jan 07

Discovery / credits: malvuln - Malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/6eece319bc108576bd1f4a8364616264.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.NinjaSpy.c
Vulnerability: Remote Stack Buffer Overflow
Description: The specimen drops a DLL named "cmd.dll" under C:\WINDOWS\
which listens on both TCP ports 2003 and 2004. By sending consecutive HTTP
PUT requests with...
January 8, 2021

Backdoor.Win32.Xtreme.yvp / Insecure Permissions EoP

Posted by malvuln on Jan 07

Discovery / credits: malvuln - Malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/7bd93c10c9373cfc2bcc8eff712631f1.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Xtreme.yvp
Vulnerability: Insecure Permissions EoP
Description: Change permissions are granted to authenticated users,
allowing privilege escalation.
Type: PE32
MD5: 7bd93c10c9373cfc2bcc8eff712631f1
Vuln ID: MVID-2021-0017
Dropped...
January 8, 2021

Backdoor.Win32.Agent.dcbh / Insecure Permissions EoP

Posted by malvuln on Jan 07

Discovery / credits: malvuln - Malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/bba63df41adcf2cf80c74e4a62539d44.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Agent.dcbh
Vulnerability: Insecure Permissions EoP
Description: Drops an executable with a randomly generated numeric name
E.g. 674_674.exe. Change permissions are granted to authenticated users,
allowing privilege escalation.
Type:...
January 6, 2021

Re: [SECURITY] CVE-2013-4444 Remote Code Execution in Apache Tomcat

Posted by Mark Thomas on Jan 06


January 6, 2021

[KIS-2021-01] IPS Community Suite <= 4.5.4 (Downloads REST API) SQL Injection Vulnerability

Posted by Egidio Romano on Jan 06

-----------------------------------------------------------------------------
IPS Community Suite <= 4.5.4 (Downloads REST API) SQL Injection Vulnerability
-----------------------------------------------------------------------------

[-] Software Link:

https://invisioncommunity.com

[-] Affected Versions:

Version 4.5.4 and prior versions.

[-] Vulnerability Description:

The vulnerability is located within the...
January 6, 2021

Backdoor.Win32.Zombam.k / Remote Stack Buffer Overflow

Posted by malvuln on Jan 06

Discovery / credits: malvuln - Malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/79d9908b6769e64f922e74a090f5ceeb.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Zombam.k
Vulnerability: Remote String Dereference Stack Buffer Overflow

Description: HTTP RAT 0.21 Backdoor Webserver By z0mbie, creates on the
fly executable backdoors that can listen on various ports you specify. The
main...