seclist.org

A public, vendor-neutral forum for detailed discussion of vulnerabilities and exploitation techniques, as well as tools, papers, news, and events of interest to the community. The relaxed atmosphere of this quirky list provides some comic relief and certain industry gossip. More importantly, fresh vulnerabilities sometimes hit this list many hours or days before they pass through the Bugtraq moderation queue.
Updated: 2 hours 26 minutes ago
SEC Consult SA-20210113-1 :: Multiple vulnerabilities in flatCore CMS
Posted by SEC Consult Vulnerability Lab on Jan 13
SEC Consult Vulnerability Lab Security Advisory < 20210113-1 >
=======================================================================
title: Multiple Vulnerabilities
product: flatCore CMS
vulnerable version: < 2.0.0 Build 139
fixed version: Release 2.0.0 Build 139
CVE number: CVE-2021-23835, CVE-2021-23836, CVE-2021-23837, CVE-2021-23838
impact: High
homepage:...
SEC Consult SA-20210113-0 :: Multiple vulnerabilities in Pepperl+Fuchs IO-Link Master Series
Posted by SEC Consult Vulnerability Lab on Jan 13
SEC Consult Vulnerability Lab Security Advisory < 20210113-0 >
=======================================================================
title: Multiple vulnerabilities
product: Pepperl+Fuchs IO-Link Master Series
See "Vulnerable / tested versions"
vulnerable version: System 1.36 / Application 1.5.28
fixed version: System 1.52 / Application 1.6.11
CVE number:...
Backdoor.Win32.Zombam.a / Remote Stack Buffer Overflow
Posted by malvuln on Jan 12
Discovery / credits: malvuln - Malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/6c5081e9b65a52963b0b1ae612ef7eb4.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Backdoor.Win32.Zombam.a
Vulnerability: Remote Stack Buffer Overflow
Description: The malware listens on TCP port 80, sending an HTTP GET
request with 300 or more bytes will trigger buffer overflow
overwriting EIP.
Type: PE32
MD5:...
Backdoor.Win32.Levelone.b / Remote Stack Buffer Overflow
Posted by malvuln on Jan 12
Discovery / credits: malvuln - Malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/3f82e6ddc9f5242f5af200d2fbae4ce4.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Backdoor.Win32.Levelone.b
Vulnerability: Remote Stack Buffer Overflow
Description: The backdoor listens on Port 7777, sending two large
consecutive HTTP OPTIONS requests triggers the buffer overflow
overwriting EIP.
Type: PE32
MD5:...
Backdoor.Win32.Levelone.a / Remote Stack Buffer Overflow
Posted by malvuln on Jan 12
Discovery / credits: malvuln - Malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/6a2d09c4527cf222e4e2571b074fcc0c.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Backdoor.Win32.Levelone.a
Vulnerability: Remote Stack Buffer Overflow
Description: The malware listens on Port 1500, sending a specially
crafted HTTP TRACE request causes a buffer overflow and overwrites EIP
with our payload. If testing you need...
Backdoor.Win32.Ketch.b / Remote Stack Buffer Overflow
Posted by malvuln on Jan 12
Discovery / credits: malvuln - Malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/9d7be3799594a82bf7056905f501af03.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Backdoor.Win32.Ketch.b
Vulnerability: Remote Stack Buffer Overflow
Description: Makes HTTP GET request for a file "script.dat", and writes the
server response to temporary file named "watchb.tmp" under c:\Windows dir.
At 1032...
Re: Backdoor.Win32.Xtreme.yvp / Insecure Permissions EoP
Posted by bo0od on Jan 12
When you say backdoor, you mean backdoor which Microsoft remotely using it or you mean a malware can take advantage of?
malvuln:
Advisory: ES2021-01 - Loopback access control bypass in coturn by using 0.0.0.0, [::1] or [::] as the peer address
Posted by Sandro Gauci on Jan 12
# Loopback access control bypass in coturn by using 0.0.0.0, [::1] or [::] as the peer address
- Fixed version: 4.5.2
- Enable Security Advisory:
https://github.com/EnableSecurity/advisories/tree/master/ES2021-01-coturn-access-control-bypass
- Coturn Security Advisory: https://github.com/coturn/coturn/security/advisories/GHSA-6g6j-r9rf-cm7p
- Other references:
- CVE-2020-26262
-...
Re: Trovent Security Advisory 2010-01 [updated] / CVE-2020-28208: Rocket.Chat email address enumeration vulnerability
Posted by Stefan Pietsch on Jan 12
# Trovent Security Advisory 2010-01 ######################################
Email address enumeration in reset password
###########################################
Overview
########
Advisory ID: TRSA-2010-01
Advisory version: 1.1
Advisory status: Public
Advisory URL: https://trovent.io/security-advisory-2010-01
Affected product: Web application Rocket.Chat
Affected version: <= 3.7.1
Vendor: Rocket.Chat Technologies Corp.,...
Envira Gallery - Lite Edition - Version 1.8.3.2 CVE-2020-35581 CVE-2020-35582
Posted by Rodolfo Augusto do Nascimento Tavares on Jan 12
==== [Tempest Security Intelligence - ADV-12/2020]=============================
Envira Gallery - Lite Edition - Version 1.8.3.2
Author: Rodolfo Tavares
Tempest Security Intelligence - Recife, Pernambuco - Brazil
===== [Table of Contents] ================================================
• Overview
• Detailed description
• Disclosure timeline
• Acknowledgements
• References
===== [Vulnerability Information]...
Multiple vulnerabilities found in FiberHome HG6245D routers
Posted by Pierre Kim on Jan 12
## Advisory Information
Title: Multiple vulnerabilities found in FiberHome HG6245D routers
Advisory URL: https://pierrekim.github.io/advisories/2021-fiberhome-0x00-ont.txt
Blog URL: https://pierrekim.github.io/blog/2021-01-12-fiberhome-ont-0day-vulnerabilities.html
Date published: 2021-01-12
Vendors contacted: None
Release mode: Full-Disclosure
CVE: None yet assigned
## Product Description
FiberHome Technologies is a leading equipment vendor...
Re: Backdoor.Win32.NinjaSpy.c / Remote Stack Buffer Overflow
Posted by Matthew Fernandez on Jan 12
How should we be treating the stream of malware vulnerabilities you’ve reported recently? If something is malware, surely I want to remove it from my machine anyway? I’m all for full disclosure, but I’m just trying to understand if
there’s anything actionable list members could do with this information. Thank you for your work on this, which is
quite interesting to follow by the way.
Trovent Security Advisory 2010-01 / CVE-2020-28208: Rocket.Chat email address enumeration vulnerability
Posted by Stefan Pietsch on Jan 07
# Trovent Security Advisory 2010-01 ######################################
Email address enumeration in reset password
###########################################
Overview
########
Advisory ID: TRSA-2010-01
Advisory version: 1.0
Advisory status: Public
Advisory URL: https://trovent.io/security-advisory-2010-01
Affected product: Web application Rocket.Chat
Affected version: <= 3.7.1
Vendor: Rocket.Chat Technologies Corp.,...
Open-Xchange Security Advisory 2021-01-07
Posted by Martin Heiland via Fulldisclosure on Jan 07
Dear subscribers,
we're sharing our latest advisory with you and like to thank everyone who contributed in finding and solving those
vulnerabilities. Feel free to join our bug bounty programs for OX AppSuite, Dovecot and PowerDNS at HackerOne.
Yours sincerely,
Martin Heiland, Open-Xchange GmbH
Product: OX App Suite / OX Documents
Vendor: OX Software GmbH
Internal reference: MWB-423
Vulnerability type: Server-Side Request Forgery...
Backdoor.Win32.NinjaSpy.c / Remote Stack Buffer Overflow
Posted by malvuln on Jan 07
Discovery / credits: malvuln - Malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/6eece319bc108576bd1f4a8364616264.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Backdoor.Win32.NinjaSpy.c
Vulnerability: Remote Stack Buffer Overflow
Description: The specimen drops a DLL named "cmd.dll" under C:\WINDOWS\
which listens on both TCP ports 2003 and 2004. By sending consecutive HTTP
PUT requests with...
Backdoor.Win32.Xtreme.yvp / Insecure Permissions EoP
Posted by malvuln on Jan 07
Discovery / credits: malvuln - Malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/7bd93c10c9373cfc2bcc8eff712631f1.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Backdoor.Win32.Xtreme.yvp
Vulnerability: Insecure Permissions EoP
Description: Change permissions are granted to authenticated users,
allowing privilege escalation.
Type: PE32
MD5: 7bd93c10c9373cfc2bcc8eff712631f1
Vuln ID: MVID-2021-0017
Dropped...
Backdoor.Win32.Agent.dcbh / Insecure Permissions EoP
Posted by malvuln on Jan 07
Discovery / credits: malvuln - Malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/bba63df41adcf2cf80c74e4a62539d44.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Backdoor.Win32.Agent.dcbh
Vulnerability: Insecure Permissions EoP
Description: Drops an executable with a randomly generated numeric name
E.g. 674_674.exe. Change permissions are granted to authenticated users,
allowing privilege escalation.
Type:...
Re: [SECURITY] CVE-2013-4444 Remote Code Execution in Apache Tomcat
Posted by Mark Thomas on Jan 06
[KIS-2021-01] IPS Community Suite <= 4.5.4 (Downloads REST API) SQL Injection Vulnerability
Posted by Egidio Romano on Jan 06
-----------------------------------------------------------------------------
IPS Community Suite <= 4.5.4 (Downloads REST API) SQL Injection Vulnerability
-----------------------------------------------------------------------------
[-] Software Link:
https://invisioncommunity.com
[-] Affected Versions:
Version 4.5.4 and prior versions.
[-] Vulnerability Description:
The vulnerability is located within the...
Backdoor.Win32.Zombam.k / Remote Stack Buffer Overflow
Posted by malvuln on Jan 06
Discovery / credits: malvuln - Malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/79d9908b6769e64f922e74a090f5ceeb.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Backdoor.Win32.Zombam.k
Vulnerability: Remote String Dereference Stack Buffer Overflow
Description: HTTP RAT 0.21 Backdoor Webserver By z0mbie, creates on the
fly executable backdoors that can listen on various ports you specify. The
main...