Read Time:10 Second
Layer 2 network filtering capabilities such as IPv6 RA guard can be bypassed using combinations of VLAN 0 headers, LLC/SNAP headers, and converting frames from Ethernet to Wifi and its reverse.
Category Archives: Advisories
CVE-2021-27861
Read Time:7 Second
Layer 2 network filtering capabilities such as IPv6 RA guard can be bypassed using LLC/SNAP headers with invalid length (and optionally VLAN0 headers)
CVE-2021-27862
Read Time:9 Second
Layer 2 network filtering capabilities such as IPv6 RA guard can be bypassed using LLC/SNAP headers with invalid length and Ethernet to Wifi frame conversion (and optionally VLAN0 headers).
CVE-2021-27853
Read Time:8 Second
Layer 2 network filtering capabilities such as IPv6 RA guard or ARP inspection can be bypassed using combinations of VLAN 0 headers and LLC/SNAP headers.
bash-5.1.16-3.fc36
Read Time:7 Second
FEDORA-2022-4ff296fe8e
Packages in this update:
bash-5.1.16-3.fc36
Update description:
Add a null check in parameter_brace_transform() function
bash-5.1.8-3.fc35
Read Time:7 Second
FEDORA-2022-5b644a935b
Packages in this update:
bash-5.1.8-3.fc35
Update description:
Add a null check in parameter_brace_transform() function
bash-5.1.16-4.fc37
Read Time:7 Second
FEDORA-2022-bf387ff344
Packages in this update:
bash-5.1.16-4.fc37
Update description:
Add a null check in parameter_brace_transform() function
Backdoor.Win32.Augudor.b / Remote File Write Code Execution
Read Time:21 Second
Posted by malvuln on Sep 27
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/94ccd337cbdd4efbbcc0a6c888abb87d.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Backdoor.Win32.Augudor.b
Vulnerability: Remote File Write Code Execution
Description: The malware drops an empty file named “zy.exe” and listens on
TCP port 810. Third-party adversaries who can reach the infected host can…
Backdoor.Win32.Psychward.b / Weak Hardcoded Credentials
Read Time:19 Second
Posted by malvuln on Sep 27
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/0b8cf90ab9820cb3fcb7f1d1b45e4e57.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Backdoor.Win32.Psychward.b
Vulnerability: Weak Hardcoded Credentials
Description: The malware listens on TCP port 8888 and requires
authentication. However, the password “4174” is weak and hardcoded in
cleartext within the PE…
Backdoor.Win32.Bingle.b / Weak Hardcoded Credentials
Read Time:20 Second
Posted by malvuln on Sep 27
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/eacaa12336f50f1c395663fba92a4d32.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Backdoor.Win32.Bingle.b
Vulnerability: Weak Hardcoded Credentials
Description: The malware is packed using ASPack 2.11, listens on TCP port
22 and requires authentication. However, the password “let me in” is weak
and…