Email-Worm.Win32.Lama / Insecure Permissions - Cyber Security News

Read Time:19 Second

Posted by malvuln on Feb 16

Discovery / credits: Malvuln – malvuln.com (c) 2022
Original source:
https://malvuln.com/advisory/1c255ef6fd44877700867f94a59875d2.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Email-Worm.Win32.Lama
Vulnerability: Insecure Permissions
Description: The malware writes a “.BAT” file with insecure permissions
under c drive granting change (C) permissions to the authenticated user
group. Standard users can rename…

More Stories

USN-5974-1: GraphicsMagick vulnerabilities

It was discovered that GraphicsMagick was not properly performing bounds checks when processing TGA image files, which could lead to...

USN-5973-1: url-parse vulnerabilities

It was discovered that url-parse incorrectly handled certain inputs. If a user or an automated system were tricked into opening...

USN-5964-2: curl vulnerabilities

USN-5964-1 fixed several vulnerabilities in curl. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM....

LSN-0093-1: Kernel Live Patch Security Notice

Davide Ornaghi discovered that the netfilter subsystem in the Linux kernel did not properly handle VLAN headers in some situations....

USN-5972-1: Thunderbird vulnerabilities

Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a...

CVE-2018-25083

The pullit package before 1.4.0 for Node.js allows OS Command Injection because eval is used on an attacker-supplied Git branch...

Generated by Feedzy