Category Archives: Advisories

logiops-0.3.5-1.fc39

Read Time:14 Second

FEDORA-2024-69ce052378

Packages in this update:

logiops-0.3.5-1.fc39

Update description:

Fixes CVE-2024-45752: A vulnerability that allows users to remap keys arbitrarily. This allows all users on the system to remap a key unexpectedly to a potentially malicious sequence

Read More

logiops-0.3.5-1.fc40

Read Time:14 Second

FEDORA-2024-326390f033

Packages in this update:

logiops-0.3.5-1.fc40

Update description:

Fixes CVE-2024-45752: A vulnerability that allows users to remap keys arbitrarily. This allows all users on the system to remap a key unexpectedly to a potentially malicious sequence

Read More

logiops-0.3.5-1.fc41

Read Time:14 Second

FEDORA-2024-1a9b10c921

Packages in this update:

logiops-0.3.5-1.fc41

Update description:

Fixes CVE-2024-45752: A vulnerability that allows users to remap keys arbitrarily. This allows all users on the system to remap a key unexpectedly to a potentially malicious sequence

Read More

Backdoor.Win32.Benju.a / Unauthenticated Remote Command Execution

Read Time:16 Second

Posted by malvuln on Sep 28

Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024
Original source:
https://malvuln.com/advisory/88922242e8805bfbc5981e55fdfadd71.txt
Contact: malvuln13 () gmail com
Media: x.com/malvuln

Threat: Backdoor.Win32.Benju.a
Vulnerability: Unauthenticated Remote Command Execution
Family: Benju
Type: PE32
MD5: 88922242e8805bfbc5981e55fdfadd71
SHA256: 7d34804173e09d0f378dfc8c9212fe77ff51f08c9d0b73d00a19b7045ddc1f0e
Vuln ID: MVID-2024-0700…

Read More

Backdoor.Win32.Prorat.jz / Remote Stack Buffer Overflow (SEH)

Read Time:21 Second

Posted by malvuln on Sep 28

Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024
Original source:
https://malvuln.com/advisory/277f9a4db328476300c4da5f680902ea.txt
Contact: malvuln13 () gmail com
Media: x.com/malvuln

Threat: Backdoor.Win32.Prorat.jz
Vulnerability: Remote Stack Buffer Overflow (SEH)
Description: The RAT listens on TCP ports 51100,5112,5110 and runs an
FTP service. Prorat uses a vulnerable component in a secondary malware
it drops on the victim…

Read More

Backdoor.Win32.Amatu.a / Remote Arbitrary File Write (RCE)

Read Time:17 Second

Posted by malvuln on Sep 28

Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024
Original source:
https://malvuln.com/advisory/1e2d0b90ffc23e00b743c41064bdcc6b.txt
Contact: malvuln13 () gmail com
Media: x.com/malvuln

Threat: Backdoor.Win32.Amatu.a
Vulnerability: Remote Arbitrary File Write (RCE)
Family: Amatu
Type: PE32
MD5: 1e2d0b90ffc23e00b743c41064bdcc6b
SHA256: 77fff9931013ab4de6d4be66ca4fda47be37b6f706a7062430ee8133c7521297
Vuln ID: MVID-2024-0698
Dropped…

Read More

Backdoor.Win32.Agent.pw / Remote Stack Buffer Overflow (SEH)

Read Time:20 Second

Posted by malvuln on Sep 28

Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024
Original source:
https://malvuln.com/advisory/68dd7df213674e096d6ee255a7b90088.txt
Contact: malvuln13 () gmail com
Media: x.com/malvuln

Threat: Backdoor.Win32.Agent.pw
Vulnerability: Remote Stack Buffer Overflow (SEH)
Description: The malware listens on TCP port 21111. Third-party
attackers who can reach an infected machine can send specially crafted
sequential packetz triggering a…

Read More

Backdoor.Win32.Boiling / Remote Command Execution

Read Time:20 Second

Posted by malvuln on Sep 28

Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024
Original source:
https://malvuln.com/advisory/80cb490e5d3c4205434850eff6ef5f8f.txt
Contact: malvuln13 () gmail com
Media: x.com/malvuln

Threat: Backdoor.Win32.Boiling
Vulnerability: Unauthenticated Remote Command Execution
Description: The malware listens on TCP port 4369. Third party
adversaries who can reach an infected host, can issue single OS
commands to takeover the system…

Read More