Posted by malvuln on Mar 14

Discovery / credits: Malvuln – malvuln.com (c) 2022
Original source:
https://malvuln.com/advisory/c4cc1317aea42f7dd4a1b786c5278a24.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Hades RAT – Web Panel
Vulnerability: Insecure Credential Storage
Family: Hades
Type: WebUI
MD5: c4cc1317aea42f7dd4a1b786c5278a24
MD5: a117b7fa4691b766dd5aa6455438fded (strings.ini)
Vuln ID: MVID-2022-0512
Disclosure: 03/13/2022
Description: The…

Read More

Posted by malvuln on Mar 14

Discovery / credits: Malvuln – malvuln.com (c) 2022
Original source:
https://malvuln.com/advisory/baf102927947289e4d589028620ce291.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: RedLine.MainPanel – cracked.exe
Vulnerability: Insecure Permissions
Description: The malware writes PE files with insecure permissions to c
drive granting change (C) permissions to the authenticated user group.
Standard users can rename the…

Read More

Posted by Kelvin Yip on Mar 14

Hi Team,

Here is the exploit information for CVE-2021-45040.

Below is summary of timeline for reference:

1. Contact developer (security contact: Freek) regarding the vulnerability at Mon 12/13/2021 11:42 AM (GMT+8)
2. Contact CERT.org at Mon 12/13/2021 10:36 PM
3. Submit CVE Request to Mitre at Mon 12/13/2021 11:30 PM
4. No response from vendor until now.
5. Possible solution had been documented by our research team:…

Read More

FEDORA-2022-0b216519ff

Packages in this update:

cabal-rpm-2.0.11-1.fc36

Update description:

take build-tool-depends into account (#65)
‘spec’,’update’: detect autorelease and preserve autochangelog (#66)
‘spec –standalone’: strip executable
support _builddir

Read More

Tavis Ormandy discovered that the BN_mod_sqrt() function of OpenSSL
could be tricked into an infinite loop. This could result in denial of
service via malformed certificates.

Read More

Post Content

Read More

Post Content

Read More

Post Content

Read More

Post Content

Read More