Category Archives: Advisories

Advisories

rsh-0.17-94.el8

Read Time:6 Second

FEDORA-EPEL-2022-85bd5fc48f

Packages in this update:

rsh-0.17-94.el8

Update description:

Security fix for CVE-2019-7282

Read More

Advisories

[CFP-ESORICS 2022]: 27th European Symposium on Research in Computer Security (ESORICS) 2022

Read Time:16 Second

Posted by CFP – ESORICS 2022 on Mar 20

[Apologies for cross-posting]

————————————————————————–
C a l l F o r P a p e r s

27th European Symposium on Research in Computer Security (ESORICS) 2022
26-30 September 2022, Copenhagen, Denmark
URL: https://esorics2022.compute.dtu.dk/#
————————————————————————–

===================
CONFERENCE OUTLINE:
===================

We are looking…

Read More

Advisories

BuilderRevengeRAT – (Revenge-RAT v0.3) / XML External Entity Injection

Read Time:21 Second

Posted by malvuln on Mar 20

Discovery / credits: Malvuln – malvuln.com (c) 2022
Original source:
https://malvuln.com/advisory/531d8b4ac8f7eb827d62424169321b2b.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: BuilderRevengeRAT – (Revenge-RAT v0.3)
Vulnerability: XML External Entity Injection
Description: The malware listens on TCP port 333. There is a Config.xml
file used by the RAT builder to specify port, notification, webcam etc. The
XML parser used…

Read More

Advisories

BuilderTorCTPHPRAT.b / Remote Persistent XSS

Read Time:17 Second

Posted by malvuln on Mar 20

Discovery / credits: Malvuln – malvuln.com (c) 2022
Original source:
https://malvuln.com/advisory/838f67d7a4b6824ec59892057aab3bb7_C.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: BuilderTorCTPHPRAT.b
Vulnerability: Remote Persistent XSS
Family: TorCTPHPRAT
Type: WebUI
MD5: 838f67d7a4b6824ec59892057aab3bb7 (Webremote TorCT Client.exe)
MD5: dc40fa699cfce01802213dbbd0cbe37e (SlaveOnline.php)
Vuln ID: MVID-2022-0520…

Read More

Advisories

BuilderTorCTPHPRAT.b / Arbitrary File Upload – RCE

Read Time:17 Second

Posted by malvuln on Mar 20

Discovery / credits: Malvuln – malvuln.com (c) 2022
Original source:
https://malvuln.com/advisory/838f67d7a4b6824ec59892057aab3bb7_B.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: BuilderTorCTPHPRAT.b
Vulnerability: Arbitrary File Upload – RCE
Family: TorCTPHPRAT
Type: WebUI
MD5: 838f67d7a4b6824ec59892057aab3bb7 (Webremote TorCT Client.exe)
MD5: b54822058a3ed33c673d06113b453ebe (upload.php)
Vuln ID: MVID-2022-0519…

Read More

Advisories

BuilderTorCTPHPRAT.b / Insecure Credential Storage

Read Time:18 Second

Posted by malvuln on Mar 20

Discovery / credits: Malvuln – malvuln.com (c) 2022
Original source:
https://malvuln.com/advisory/838f67d7a4b6824ec59892057aab3bb7.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: BuilderTorCTPHPRAT.b
Vulnerability: Insecure Credential Storage
Description: The default password for the TorCT client malwares web-panel
is “ww” and is stored in cleartext within the “password.php” file.
Family: TorCTPHPRAT…

Read More