Posted by malvuln on Sep 05
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024
Original source:
https://malvuln.com/advisory/4dc39c05bcc93e600dd8de16f2f7c599.txt
Contact: malvuln13 () gmail com
Media: x.com/malvuln
Threat: Backdoor.Win32.JustJoke.21 (BackDoor Pro – v2.0b4)
Vulnerability: Unauthenticated Remote Command Execution
Family: JustJoke
Type: PE32
MD5: 4dc39c05bcc93e600dd8de16f2f7c599
SHA256:…
Posted by malvuln on Sep 05
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024
Original source:
https://malvuln.com/advisory/b0748f1c1a17bad44dc9bd750fc97547.txt
Contact: malvuln13 () gmail com
Media: x.com/malvuln
Threat: Backdoor.Win32.PoisonIvy.ymw
Vulnerability: Insecure Credential Storage
Family: PoisonIvy
Type: PE32
MD5: b0748f1c1a17bad44dc9bd750fc97547
SHA256: 060c15f401ce4d38d70e7f60aabe31c81935d2c261e350c0ea34387886d48920
Vuln ID: MVID-2024-0688…
Posted by Matthias Deeg via Fulldisclosure on Sep 05
Advisory ID: SYSS-2024-024
Product: C-MOR Video Surveillance
Manufacturer: za-internet GmbH
Affected Version(s): 5.2401
Tested Version(s): 5.2401
Vulnerability Type: Improper Access Control (CWE-284)
Risk Level: High
Solution Status: Fixed
Manufacturer Notification: 2024-04-05
Solution Date: 2024-07-31
Public Disclosure: 2024-09-04
CVE…
Posted by Matthias Deeg via Fulldisclosure on Sep 05
Advisory ID: SYSS-2024-023
Product: C-MOR Video Surveillance
Manufacturer: za-internet GmbH
Affected Version(s): 5.2401, 6.00PL01
Tested Version(s): 5.2401, 6.00PL01
Vulnerability Type: SQL Injection (CWE-89)
Risk Level: High
Solution Status: Open
Manufacturer Notification: 2024-04-05
Solution Date: –
Public Disclosure: 2024-09-04
CVE…
Posted by Matthias Deeg via Fulldisclosure on Sep 05
Advisory ID: SYSS-2024-020
Product: C-MOR Video Surveillance
Manufacturer: za-internet GmbH
Affected Version(s): 5.2401
Tested Version(s): 5.2401
Vulnerability Type: Reflected Cross-Site Scripting (CWE-79)
Risk Level: Medium
Solution Status: Fixed
Manufacturer Notification: 2024-04-05
Solution Date: 2024-07-31
Public Disclosure:…
Posted by Asterisk Development Team via Fulldisclosure on Sep 05
The Asterisk Development Team would like to announce security release
Certified Asterisk 20.7-cert3.
The release artifacts are available for immediate download at
https://github.com/asterisk/asterisk/releases/tag/certified-20.7-cert3
and
https://downloads.asterisk.org/pub/telephony/certified-asterisk
Repository: https://github.com/asterisk/asterisk
Tag: certified-20.7-cert3
## Change Log for Release asterisk-certified-20.7-cert3
###…
Posted by Asterisk Development Team via Fulldisclosure on Sep 05
The Asterisk Development Team would like to announce security release
Certified Asterisk 18.9-cert12.
The release artifacts are available for immediate download at
https://github.com/asterisk/asterisk/releases/tag/certified-18.9-cert12
and
https://downloads.asterisk.org/pub/telephony/certified-asterisk
Repository: https://github.com/asterisk/asterisk
Tag: certified-18.9-cert12
## Change Log for Release asterisk-certified-18.9-cert12
###…
Posted by Asterisk Development Team via Fulldisclosure on Sep 05
The Asterisk Development Team would like to announce security release
Asterisk 21.4.3.
The release artifacts are available for immediate download at
https://github.com/asterisk/asterisk/releases/tag/21.4.3
and
https://downloads.asterisk.org/pub/telephony/asterisk
Repository: https://github.com/asterisk/asterisk
Tag: 21.4.3
## Change Log for Release asterisk-21.4.3
### Links:
– [Full ChangeLog](…
Posted by Asterisk Development Team via Fulldisclosure on Sep 05
The Asterisk Development Team would like to announce security release
Asterisk 20.9.3.
The release artifacts are available for immediate download at
https://github.com/asterisk/asterisk/releases/tag/20.9.3
and
https://downloads.asterisk.org/pub/telephony/asterisk
Repository: https://github.com/asterisk/asterisk
Tag: 20.9.3
## Change Log for Release asterisk-20.9.3
### Links:
– [Full ChangeLog](…
Posted by Asterisk Development Team via Fulldisclosure on Sep 05
The Asterisk Development Team would like to announce security release
Asterisk 18.24.3.
The release artifacts are available for immediate download at
https://github.com/asterisk/asterisk/releases/tag/18.24.3
and
https://downloads.asterisk.org/pub/telephony/asterisk
Repository: https://github.com/asterisk/asterisk
Tag: 18.24.3
## Change Log for Release asterisk-18.24.3
### Links:
– [Full ChangeLog](…
