Category Archives: Advisories

python-ujson-5.2.0-1.fc36

Read Time:31 Second

FEDORA-2022-569b6b45e2

Packages in this update:

python-ujson-5.2.0-1.fc36

Update description:

Update to 5.2.0 (close RHBZ#2072241, fix CVE-2021-45958)

Added

Support parsing NaN, Infinity and -Infinity
Support dynamically linking against system double-conversion library
Add env var to control stripping debug info
Add JSONDecodeError

Fixed

Fix buffer overflows (CVE-2021-45958)
Upgrade Black to fix Click
simplify exception handling on integer overflow
Remove dead code that used to handle the separate int type in Python 2
Fix exceptions on encoding list or dict elements and non-overflow errors on int handling getting silenced

Read More

Email-Worm.Win32.Pluto.b / Insecure Permissions

Read Time:20 Second

Posted by malvuln on Apr 14

Discovery / credits: Malvuln – malvuln.com (c) 2022
Original source:
https://malvuln.com/advisory/60a7d5e2d446110d84ef65f6a37af0eb.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Email-Worm.Win32.Pluto.b
Vulnerability: Insecure Permissions
Description: The malware writes a dir and PE files with insecure
permissions to c drive granting change (C) permissions to the authenticated
user group. Standard users can rename the…

Read More

Backdoor.Win32.Kilo.016 / Denial of Service (UDP Datagram)

Read Time:21 Second

Posted by malvuln on Apr 14

Discovery / credits: Malvuln – malvuln.com (c) 2022
Original source:
https://malvuln.com/advisory/9ede6951ea527f96a785c5e32b5079e6.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Kilo.016
Vulnerability: Denial of Service (UDP Datagram)
Description: The malware listens on TCP ports 6712, 6713, 6714, 6715, 7722,
15206, 15207, 16712 and UDP 6666. Attackers who can reach an infected host
can send a large payload…

Read More

Backdoor.Win32.NinjaSpy.c / Authentication Bypass

Read Time:20 Second

Posted by malvuln on Apr 14

Discovery / credits: Malvuln – malvuln.com (c) 2022
Original source:
https://malvuln.com/advisory/9f39606d9e19771af5acc6811ccf557f.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.NinjaSpy.c
Vulnerability: Authentication Bypass
Description: The malware listens on TCP ports 2003, 2004 and drops a PE
file named “cmd.dll” under Windows dir. Connecting to port 2003, you will
get back a number…

Read More

Backdoor.Win32.NetSpy.10 / Unauthenticated Remote Command Execution

Read Time:20 Second

Posted by malvuln on Apr 14

Discovery / credits: Malvuln – malvuln.com (c) 2022
Original source:
https://malvuln.com/advisory/45d413b46f1d14a45e8fd36921813d62.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.NetSpy.10
Vulnerability: Unauthenticated Remote Command Execution
Description: The malware listens on TCP port 7306. Attackers who can reach
infected hosts can run commands made available by the backdoor. Sending
commands using Ncat…

Read More

Backdoor.Win32.NetCat32.10 / Unauthenticated Remote Command Execution

Read Time:19 Second

Posted by malvuln on Apr 14

Discovery / credits: Malvuln – malvuln.com (c) 2022
Original source:
https://malvuln.com/advisory/dcf16aed5ad4e0058a6cfcc7593dd9e3.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.NetCat32.10
Vulnerability: Unauthenticated Remote Command Execution
Description: The malware listens on TCP port 6666. Attackers who can reach
infected systems can run commands made available by the backdoor using
TELNET.
Family:…

Read More

HackTool.Win32.IpcScan.c / Local Stack Buffer Overflow

Read Time:19 Second

Posted by malvuln on Apr 14

Discovery / credits: Malvuln – malvuln.com (c) 2022
Original source:
https://malvuln.com/advisory/8f44374d587eb1657d25da9628cb2b87.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: HackTool.Win32.IpcScan.c
Vulnerability: Local Stack Buffer Overflow
Description: Loading a specially crafted PE file will cause a stack buffer
overflow overwriting the ECX and EIP registers.
Family: IpcScan
Type: PE32
MD5:…

Read More

Backdoor.Win32.Psychward.03.a / Weak Hardcoded Password

Read Time:19 Second

Posted by malvuln on Apr 14

Discovery / credits: Malvuln – malvuln.com (c) 2022
Original source:
https://malvuln.com/advisory/d069738f18957117367b8a79195a6a96.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Psychward.03.a
Vulnerability: Weak Hardcoded Password
Description: The malware listens in TCP port 69. The password “tyme” is
weak and stored in plaintext with the executable.
Family: Psychward
Type: PE32
MD5:…

Read More

Backdoor.Win32.Prorat.cwx / Insecure Permissions

Read Time:19 Second

Posted by malvuln on Apr 14

Discovery / credits: Malvuln – malvuln.com (c) 2022
Original source:
https://malvuln.com/advisory/2d81bf2c55c81778533b55fb444d4dc6.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Prorat.cwx
Vulnerability: Insecure Permissions
Description: The malware writes a “.EXE” file with insecure permissions to
c drive granting change (C) permissions to the authenticated user group.
Standard users can rename…

Read More