This vulnerability allows local attackers to escalate privileges on affected installations of FreeBSD Kernel. An attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability.
This vulnerability allows local attackers to escalate privileges on affected installations of FreeBSD Kernel. An attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability.
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of multiple D-Link routers. Authentication is not required to exploit this vulnerability.
This vulnerability allows local attackers to escalate privileges on affected installations of FreeBSD Kernel. An attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability.
This vulnerability allows local attackers to escalate privileges on affected installations of FreeBSD Kernel. An attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability.
Posted by malvuln on Sep 19
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/2cbd0fcf4d5fd5fb6c8014390efb0b21_B.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Backdoor.Win32.Hellza.120
Vulnerability: Authentication Bypass
Description: The malware listens on TCP ports 12122, 21. Third-party
adversarys who can reach infected systems can logon using any
username/password combination….
Posted by malvuln on Sep 19
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/2cbd0fcf4d5fd5fb6c8014390efb0b21.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Backdoor.Win32.Hellza.120
Vulnerability: Unauthorized Remote Command Execution
Description: The malware listens on TCP ports 12122, 21. Third-party
adversarys who can reach infected systems can issue commands made available
by the…
Posted by malvuln on Sep 19
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/5ac0f050f93f86e69026faea1fbb4450.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Trojan.Ransom.Ryuk.A
Vulnerability: Arbitrary Code Execution
Description: The ransomware looks for and executes DLLs in its current
directory. Therefore, we can potentially hijack a vuln DLL execute our own
code, control and terminate…
Posted by malvuln on Sep 19
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/f72138e574743640bdcdb9f102dff0a5.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Trojan-Dropper.Win32.Corty.10
Vulnerability: Insecure Credential Storage
Description: The malware stores its credentials in cleartext within the
Windows registry.
Family: Corty
Type: PE32
MD5: f72138e574743640bdcdb9f102dff0a5
Vuln ID:…
Posted by Matthew Fernandez on Sep 19
What is the security boundary being violated here? As a maintainer of
some of the packages implicated here, I’m unsure what my actionable
tasks are. The threat model(s) for my packages does not consider crashes
to be a security violation. On the other side, things like crypto code
frequently use their own non-GMP implementation of bignum arith for this
(and other) reason.
Not trying to brush this off. But I’m just trying to gain an…
