Category Archives: Advisories

Backdoor.Win32.Wollf.h / Unauthenticated Remote Command Execution

Read Time:20 Second

Posted by malvuln on Apr 07

Discovery / credits: Malvuln – malvuln.com (c) 2022
Original source:
https://malvuln.com/advisory/867c6b432ccd4aa51adc5e2722a4b144.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Wollf.h
Vulnerability: Unauthenticated Remote Command Execution
Description: The malware runs with SYSTEM integrity and listens on TCP
port 7614. Third-party adversaries who can reach an infected host can
run commands made available…

Read More

Backdoor.Win32.Delf.ps / Information Disclosure

Read Time:20 Second

Posted by malvuln on Apr 07

Discovery / credits: Malvuln – malvuln.com (c) 2022
Original source:
https://malvuln.com/advisory/cf3c08afa6c2d49ba36ed0f895893d71.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Delf.ps
Vulnerability: Information Disclosure
Description: The malware listens on TCP port 80. Third-party adversaries
who can reach an infected host can generate and download screenshots of the
systems desktop.
Family: Delf
Type:…

Read More

Backdoor.Win32.Jokerdoor / Weak Hardcoded Credentials

Read Time:18 Second

Posted by malvuln on Apr 07

Discovery / credits: Malvuln – malvuln.com (c) 2022
Original source:
https://malvuln.com/advisory/a6437375fff871dff97dc91c8fd6259f.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Jokerdoor
Vulnerability: Weak Hardcoded Credentials
Family: Jokerdoor
Type: PE32
MD5: a6437375fff871dff97dc91c8fd6259f
Vuln ID: MVID-2022-0531
Dropped files: Random name “awup.exe”
Disclosure: 04/02/2022
Description: The…

Read More

Backdoor.Win32.Wollf.h / Unauthenticated Remote Command Execution

Read Time:20 Second

Posted by malvuln on Apr 07

Discovery / credits: Malvuln – malvuln.com (c) 2022
Original source:
https://malvuln.com/advisory/867c6b432ccd4aa51adc5e2722a4b144.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Wollf.h
Vulnerability: Unauthenticated Remote Command Execution
Description: The malware runs with SYSTEM integrity and listens on TCP port
7614. Third-party adversaries who can reach an infected host can run
commands made available…

Read More

Multiple Vulnerabilities in Reprise License Manager 14.2

Read Time:12 Second

Posted by Gionathan Reale via Fulldisclosure on Apr 07

Multiple Vulnerabilities in Reprise License Manager 14.2

Credit: Giulia Melotti Garibaldi

//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////

# Product:  RLM 14.2
# Vendor:   Reprise Software
# CVE ID:   CVE-2022-28363
# Vulnerability Title: Reflected Cross-Site Scripting
# Severity: Medium
#…

Read More

xen-4.16.0-6.fc36

Read Time:21 Second

FEDORA-2022-fca60937b8

Packages in this update:

xen-4.16.0-6.fc36

Update description:

Racy interactions between dirty vram tracking and paging log dirty
hypercalls [XSA-397, CVE-2022-26356]
race in VT-d domain ID cleanup [XSA-399, CVE-2022-26357]
IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues [XSA-400,
CVE-2022-26358, CVE-2022-26359, CVE-2022-26360, CVE-2022-26361]

Read More

USN-5370-1: Firefox vulnerabilities

Read Time:38 Second

Multiple security issues were discovered in Firefox. If a user were
tricked into opening a specially crafted website, an attacker could
potentially exploit these to cause a denial of service, execute script
unexpectedly, obtain sensitive information, conduct spoofing attacks,
or execute arbitrary code. (CVE-2022-1097, CVE-2022-24713, CVE-2022-28281,
CVE-2022-28282, CVE-2022-28284, CVE-2022-28285, CVE-2022-28286,
CVE-2022-28288, CVE-2022-28289)

A security issue was discovered with the sourceMapURL feature of devtools.
An attacker could potentially exploit this to include local files that
should have been inaccessible. (CVE-2022-28283)

It was discovered that selecting text caused Firefox to crash in some
circumstances. An attacker could potentially exploit this to cause a
denial of service. (CVE-2022-28287)

Read More

libbson-1.3.5-7.el7

Read Time:17 Second

FEDORA-EPEL-2022-14d598751d

Packages in this update:

libbson-1.3.5-7.el7

Update description:

This release prevents from a memory corruption when dealing with a too large (larger than a half of a address space) JSON documents. The prevention results in terminating the offended process. The same meassure which libbson triggers on a memory exhaustion.

Read More