It was discovered that Bash did not properly drop privileges
when the binary had the setuid bit enabled. An attacker could
possibly use this issue to escalate privileges.
Category Archives: Advisories
libinput-1.20.1-1.fc36
FEDORA-2022-998f810306
Packages in this update:
libinput-1.20.1-1.fc36
Update description:
libinput 1.20.1, fixes a format string vulnerability (CVE-2022-1215)
libinput-1.19.4-1.fc35
FEDORA-2022-8d7a412c72
Packages in this update:
libinput-1.19.4-1.fc35
Update description:
libinput 1.19.4, fixes CVE-2022-1215, a format string vulnerability
libinput-1.19.4-1.fc34
FEDORA-2022-63de6726ce
Packages in this update:
libinput-1.19.4-1.fc34
Update description:
libinput 1.19.4, fixes CVE-2022-1215, a format string vulnerability
Oracle Critical Patch Update Advisory – April 2022
[R1] Tenable.sc 5.21.0 Fixes Multiple Third-Party Vulnerabilities
Out of caution, and in line with best practice, Tenable has upgraded the bundled components to address the potential impact of these issues. Tenable.sc 5.21.0 updates the following components to address the identified vulnerabilities:
jQuery UI upgraded from 1.12.0 to 1.13.1
MomentJS upgraded from 2.29.1 to 2.29.2
Backdoor.Win32.GateHell.21 / Port Bounce Scan
Posted by malvuln on Apr 18
Discovery / credits: Malvuln – malvuln.com (c) 2022
Original source:
https://malvuln.com/advisory/5aa81ddc996be64116754efac0e4f55d_B.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Backdoor.Win32.GateHell.21
Vulnerability: Port Bounce Scan
Description: The malware runs an FTP server on TCP ports
5301,5432,5300,5299,5298,5297,5296 and 5295. Third-party adversaries who
successfully log on can abuse the backdoor FTP server as…
Backdoor.Win32.GateHell.21 / Authentication Bypass
Posted by malvuln on Apr 18
Discovery / credits: Malvuln – malvuln.com (c) 2022
Original source:
https://malvuln.com/advisory/5aa81ddc996be64116754efac0e4f55d.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Backdoor.Win32.GateHell.21
Vulnerability: Authentication Bypass
Description: The malware runs an FTP server on TCP ports
5301,5432,5300,5299,5298,5297,5296 and 5295. Third-party attackers who can
reach infected systems can log on using any…
Backdoor.Win32.Delf.zn / Insecure Credential Storage
Posted by malvuln on Apr 18
Discovery / credits: Malvuln – malvuln.com (c) 2022
Original source:
https://malvuln.com/advisory/9acdbfc9f7c1f6e589485b30aa91bfd2.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Backdoor.Win32.Delf.zn
Vulnerability: Insecure Credential Storage
Description: The default credentials for the backdoor are stored in
cleartext within the “Firefly.ini” file.
Family: Delf
Type: PE32
MD5: 9acdbfc9f7c1f6e589485b30aa91bfd2…
Backdoor.Win32.Psychward.03.a / Weak Hardcoded Password
Posted by malvuln on Apr 18
Discovery / credits: Malvuln – malvuln.com (c) 2022
Original source:
https://malvuln.com/advisory/4b9a42ca1e65cf0a7febbe18f397ef24.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Backdoor.Win32.Psychward.03.a
Vulnerability: Weak Hardcoded Password
Description: The malware listens on TCP port 13013. Authentication is
required, however the password “m4sturb4t10n” is weak and hardcoded in
cleartext within the PE…