FEDORA-2024-ef9db8b16d
Packages in this update:
perl-App-cpanminus-1.7047-5.fc41
Update description:
Patch the code to use https instead of http (CVE-2024-45321)
perl-App-cpanminus-1.7047-5.fc41
Patch the code to use https instead of http (CVE-2024-45321)
logiops-0.3.5-1.fc39
Fixes CVE-2024-45752: A vulnerability that allows users to remap keys arbitrarily. This allows all users on the system to remap a key unexpectedly to a potentially malicious sequence
logiops-0.3.5-1.fc40
Fixes CVE-2024-45752: A vulnerability that allows users to remap keys arbitrarily. This allows all users on the system to remap a key unexpectedly to a potentially malicious sequence
logiops-0.3.5-1.fc41
Fixes CVE-2024-45752: A vulnerability that allows users to remap keys arbitrarily. This allows all users on the system to remap a key unexpectedly to a potentially malicious sequence
Posted by malvuln on Sep 28
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024
Original source:
https://malvuln.com/advisory/88922242e8805bfbc5981e55fdfadd71.txt
Contact: malvuln13 () gmail com
Media: x.com/malvuln
Threat: Backdoor.Win32.Benju.a
Vulnerability: Unauthenticated Remote Command Execution
Family: Benju
Type: PE32
MD5: 88922242e8805bfbc5981e55fdfadd71
SHA256: 7d34804173e09d0f378dfc8c9212fe77ff51f08c9d0b73d00a19b7045ddc1f0e
Vuln ID: MVID-2024-0700…
Posted by malvuln on Sep 28
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024
Original source:
https://malvuln.com/advisory/277f9a4db328476300c4da5f680902ea.txt
Contact: malvuln13 () gmail com
Media: x.com/malvuln
Threat: Backdoor.Win32.Prorat.jz
Vulnerability: Remote Stack Buffer Overflow (SEH)
Description: The RAT listens on TCP ports 51100,5112,5110 and runs an
FTP service. Prorat uses a vulnerable component in a secondary malware
it drops on the victim…
Posted by malvuln on Sep 28
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024
Original source:
https://malvuln.com/advisory/1e2d0b90ffc23e00b743c41064bdcc6b.txt
Contact: malvuln13 () gmail com
Media: x.com/malvuln
Threat: Backdoor.Win32.Amatu.a
Vulnerability: Remote Arbitrary File Write (RCE)
Family: Amatu
Type: PE32
MD5: 1e2d0b90ffc23e00b743c41064bdcc6b
SHA256: 77fff9931013ab4de6d4be66ca4fda47be37b6f706a7062430ee8133c7521297
Vuln ID: MVID-2024-0698
Dropped…
Posted by malvuln on Sep 28
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024
Original source:
https://malvuln.com/advisory/68dd7df213674e096d6ee255a7b90088.txt
Contact: malvuln13 () gmail com
Media: x.com/malvuln
Threat: Backdoor.Win32.Agent.pw
Vulnerability: Remote Stack Buffer Overflow (SEH)
Description: The malware listens on TCP port 21111. Third-party
attackers who can reach an infected machine can send specially crafted
sequential packetz triggering a…
Posted by malvuln on Sep 28
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024
Original source:
https://malvuln.com/advisory/80cb490e5d3c4205434850eff6ef5f8f.txt
Contact: malvuln13 () gmail com
Media: x.com/malvuln
Threat: Backdoor.Win32.Boiling
Vulnerability: Unauthenticated Remote Command Execution
Description: The malware listens on TCP port 4369. Third party
adversaries who can reach an infected host, can issue single OS
commands to takeover the system…
Posted by Stefan Kanthak on Sep 28
Hi @ll,
<https://cwe.mitre.org/data/definitions/73.html>
CWE-73: External Control of File Name or Path
is a well-known and well-documented weakness.
<https://seclists.org/fulldisclosure/2020/Mar/48> as well as
<https://skanthak.homepage.t-online.de/offender.html> demonstrate how to
(ab)use just one instance of this weakness (introduced about 7 years ago
with Microsoft Defender, so-called “security software”) due to…