FEDORA-2022-998f810306
Packages in this update:
libinput-1.20.1-1.fc36
Update description:
libinput 1.20.1, fixes a format string vulnerability (CVE-2022-1215)
libinput-1.20.1-1.fc36
libinput 1.20.1, fixes a format string vulnerability (CVE-2022-1215)
libinput-1.19.4-1.fc35
libinput 1.19.4, fixes CVE-2022-1215 with a format string vulnerability
libinput-1.19.4-1.fc34
libinput 1.19.4, fixes CVE-2022-1215 with a format string vulnerability
Out of caution, and in line with best practice, Tenable has upgraded the bundled components to address the potential impact of these issues. Tenable.sc 5.21.0 updates the following components to address the identified vulnerabilities:
jQuery UI upgraded from 1.12.0 to 1.13.1
MomentJS upgraded from 2.29.1 to 2.29.2
Posted by malvuln on Apr 18
Discovery / credits: Malvuln – malvuln.com (c) 2022
Original source:
https://malvuln.com/advisory/5aa81ddc996be64116754efac0e4f55d_B.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Backdoor.Win32.GateHell.21
Vulnerability: Port Bounce Scan
Description: The malware runs an FTP server on TCP ports
5301,5432,5300,5299,5298,5297,5296 and 5295. Third-party adversaries who
successfully logon can abuse the backdoor FTP server as…
Posted by malvuln on Apr 18
Discovery / credits: Malvuln – malvuln.com (c) 2022
Original source:
https://malvuln.com/advisory/5aa81ddc996be64116754efac0e4f55d.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Backdoor.Win32.GateHell.21
Vulnerability: Authentication Bypass
Description: The malware runs an FTP server on TCP ports
5301,5432,5300,5299,5298,5297,5296 and 5295. Third-party attackers who can
reach infected systems can logon using any…
Posted by malvuln on Apr 18
Discovery / credits: Malvuln – malvuln.com (c) 2022
Original source:
https://malvuln.com/advisory/9acdbfc9f7c1f6e589485b30aa91bfd2.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Backdoor.Win32.Delf.zn
Vulnerability: Insecure Credential Storage
Description: The default credentials for the backdoor are stored in
cleartext within the “Firefly.ini” file.
Family: Delf
Type: PE32
MD5: 9acdbfc9f7c1f6e589485b30aa91bfd2…
Posted by malvuln on Apr 18
Discovery / credits: Malvuln – malvuln.com (c) 2022
Original source:
https://malvuln.com/advisory/4b9a42ca1e65cf0a7febbe18f397ef24.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Backdoor.Win32.Psychward.03.a
Vulnerability: Weak Hardcoded Password
Description: The malware listens on TCP port 13013. Authentication is
required, however the password “m4sturb4t10n” is weak and hardcoded in
cleartext within the PE…
Posted by malvuln on Apr 18
Discovery / credits: Malvuln – malvuln.com (c) 2022
Original source:
https://malvuln.com/advisory/d9542df20f8df457747451dd9e16d1c0.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Backdoor.Win32.Hupigon.haqj
Vulnerability: Insecure Service Path
Description: The malware creates a service with an unquoted path. Third
party attackers who can place an arbitrary executable under c: drive can
potentially undermine the integrity…