seclist.org

Posted by SEC Consult Vulnerability Lab on Jan 13

SEC Consult Vulnerability Lab Security Advisory < 20210113-1 >
=======================================================================
title: Multiple Vulnerabilities
product: flatCore CMS
vulnerable version: < 2.0.0 Build 139
fixed version: Release 2.0.0 Build 139
CVE number: CVE-2021-23835, CVE-2021-23836, CVE-2021-23837, CVE-2021-23838
impact: High
homepage:...

Posted by SEC Consult Vulnerability Lab on Jan 13

SEC Consult Vulnerability Lab Security Advisory < 20210113-0 >
=======================================================================
title: Multiple vulnerabilities
product: Pepperl+Fuchs IO-Link Master Series
See "Vulnerable / tested versions"
vulnerable version: System 1.36 / Application 1.5.28
fixed version: System 1.52 / Application 1.6.11
CVE number:...

Posted by malvuln on Jan 12

Discovery / credits: malvuln - Malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/6c5081e9b65a52963b0b1ae612ef7eb4.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Zombam.a
Vulnerability: Remote Stack Buffer Overflow
Description: The malware listens on TCP port 80, sending an HTTP GET
request with 300 or more bytes will trigger buffer overflow
overwriting EIP.
Type: PE32
MD5:...

Posted by malvuln on Jan 12

Discovery / credits: malvuln - Malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/3f82e6ddc9f5242f5af200d2fbae4ce4.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Levelone.b
Vulnerability: Remote Stack Buffer Overflow
Description: The backdoor listens on Port 7777, sending two large
consecutive HTTP OPTIONS requests trigger the buffer overflow
overwriting EIP.
Type: PE32
MD5:...

Posted by malvuln on Jan 12

Discovery / credits: malvuln - Malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/6a2d09c4527cf222e4e2571b074fcc0c.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Levelone.a
Vulnerability: Remote Stack Buffer Overflow
Description: The malware listens on Port 1500, sending a specially
crafted HTTP TRACE request causes a buffer overflow and overwrites EIP
with our payload. If testing you need...

Posted by malvuln on Jan 12

Discovery / credits: malvuln - Malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/9d7be3799594a82bf7056905f501af03.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Ketch.b
Vulnerability: Remote Stack Buffer Overflow

Description: Makes HTTP GET request for a file "script.dat", and writes the
server response to temporary file named "watchb.tmp" under c:\Windows dir.
At 1032...

Posted by bo0od on Jan 12

When you say backdoor, you mean backdoor which microsoft remotely using
it or you mean a malware can take advantage of?

malvuln:

Posted by Sandro Gauci on Jan 12

# Loopback access control bypass in coturn by using 0.0.0.0, [::1] or [::] as the peer address

- Fixed version: 4.5.2
- Enable Security Advisory:
https://github.com/EnableSecurity/advisories/tree/master/ES2021-01-coturn-access-control-bypass
- Coturn Security Advisory: https://github.com/coturn/coturn/security/advisories/GHSA-6g6j-r9rf-cm7p
- Other references:
- CVE-2020-26262
-...

Posted by Stefan Pietsch on Jan 12

# Trovent Security Advisory 2010-01 #
#####################################

Email address enumeration in reset password
###########################################

Overview
########

Advisory ID: TRSA-2010-01
Advisory version: 1.1
Advisory status: Public
Advisory URL: https://trovent.io/security-advisory-2010-01
Affected product: Web application Rocket.Chat
Affected version: <= 3.7.1
Vendor: Rocket.Chat Technologies Corp.,...

Posted by Rodolfo Augusto do Nascimento Tavares on Jan 12

==== [Tempest Security Intelligence - ADV-12/2020]
=============================

Envira Gallery - Lite Edition - Version 1.8.3.2
Author: Rodolfo Tavares
Tempest Security Intelligence - Recife, Pernambuco - Brazil

===== [Table of Contents] ================================================
• Overview
• Detailed description
• Disclosure timeline
• Acknowledgements
• References

===== [Vulnerability Information]...

Posted by Pierre Kim on Jan 12

## Advisory Information

Title: Multiple vulnerabilities found in FiberHome HG6245D routers
Advisory URL: https://pierrekim.github.io/advisories/2021-fiberhome-0x00-ont.txt
Blog URL: https://pierrekim.github.io/blog/2021-01-12-fiberhome-ont-0day-vulnerabilities.html
Date published: 2021-01-12
Vendors contacted: None
Release mode: Full-Disclosure
CVE: None yet assigned

## Product Description

FiberHome Technologies is a leading equipment vendor...

Posted by Matthew Fernandez on Jan 12

How should we be treating the stream of malware vulnerabilities you’ve reported recently? If something is malware,
surely I want to remove it from my machine anyway? I’m all for full disclosure, but I’m just trying to understand if
there’s anything actionable list members could do with this information. Thank you for your work on this, which is
quite interesting to follow by the way.

Posted by Stefan Pietsch on Jan 07

# Trovent Security Advisory 2010-01 #
#####################################

Email address enumeration in reset password
###########################################

Overview
########

Advisory ID: TRSA-2010-01
Advisory version: 1.0
Advisory status: Public
Advisory URL: https://trovent.io/security-advisory-2010-01
Affected product: Web application Rocket.Chat
Affected version: <= 3.7.1
Vendor: Rocket.Chat Technologies Corp.,...

Posted by Martin Heiland via Fulldisclosure on Jan 07

Dear subscribers,

we're sharing our latest advisory with you and like to thank everyone who contributed in finding and solving those
vulnerabilities. Feel free to join our bug bounty programs for OX AppSuite, Dovecot and PowerDNS at HackerOne.

Yours sincerely,
Martin Heiland, Open-Xchange GmbH

Product: OX App Suite / OX Documents
Vendor: OX Software GmbH

Internal reference: MWB-423
Vulnerability type: Server-Side Request Forgery...

Posted by malvuln on Jan 07

Discovery / credits: malvuln - Malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/6eece319bc108576bd1f4a8364616264.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.NinjaSpy.c
Vulnerability: Remote Stack Buffer Overflow
Description: The specimen drops a DLL named "cmd.dll" under C:\WINDOWS\
which listens on both TCP ports 2003 and 2004. By sending consecutive HTTP
PUT requests with...

Posted by malvuln on Jan 07

Discovery / credits: malvuln - Malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/7bd93c10c9373cfc2bcc8eff712631f1.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Xtreme.yvp
Vulnerability: Insecure Permissions EoP
Description: Change permissions are granted to authenticated users,
allowing privilege escalation.
Type: PE32
MD5: 7bd93c10c9373cfc2bcc8eff712631f1
Vuln ID: MVID-2021-0017
Dropped...

Posted by malvuln on Jan 07

Discovery / credits: malvuln - Malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/bba63df41adcf2cf80c74e4a62539d44.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Agent.dcbh
Vulnerability: Insecure Permissions EoP
Description: Drops an executable with a randomly generated numeric name
E.g. 674_674.exe. Change permissions are granted to authenticated users,
allowing privilege escalation.
Type:...

Posted by Mark Thomas on Jan 06

Posted by Egidio Romano on Jan 06

-----------------------------------------------------------------------------
IPS Community Suite <= 4.5.4 (Downloads REST API) SQL Injection Vulnerability
-----------------------------------------------------------------------------

[-] Software Link:

https://invisioncommunity.com

[-] Affected Versions:

Version 4.5.4 and prior versions.

[-] Vulnerability Description:

The vulnerability is located within the...

Posted by malvuln on Jan 06

Discovery / credits: malvuln - Malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/79d9908b6769e64f922e74a090f5ceeb.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Zombam.k
Vulnerability: Remote String Dereference Stack Buffer Overflow

Description: HTTP RAT 0.21 Backdoor Webserver By z0mbie, create's on the
fly executable backdoors that can listen on various ports you specify. The
main...