Category Archives: Advisories

Backdoor.Win32.Symmi.qua / Remote Stack Buffer Overflow (SEH)

Read Time:20 Second

Posted by malvuln on Sep 05

Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024
Original source:
https://malvuln.com/advisory/6e81618678ddfee69342486f6b5ee780.txt
Contact: malvuln13 () gmail com
Media: x.com/malvuln

Threat: Backdoor.Win32.Symmi.qua
Vulnerability: Remote Stack Buffer Overflow (SEH)
Description: The malware listens on two random high TCP ports, when
connecting (ncat) one port will return a single character like “♣”
ord(a)…

Read More

HackTool.Win32.Freezer.br (WinSpy) / Insecure Credential Storage

Read Time:20 Second

Posted by malvuln on Sep 05

Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024
Original source:
https://malvuln.com/advisory/2992129c565e025ebcb0bb6f80c77812.txt
Contact: malvuln13 () gmail com
Media: x.com/malvuln

Threat: HackTool.Win32.Freezer.br (WinSpy)
Vulnerability: Insecure Credential Storage
Description: The malware listens on TCP ports 443, 80 and provides a
web interface for remote access to victim information like screenshots
etc.The username…

Read More

Backdoor.Win32.Optix.02.b / Weak Hardcoded Credentials

Read Time:21 Second

Posted by malvuln on Sep 05

Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024
Original source:
https://malvuln.com/advisory/706ddc06ebbdde43e4e97de4d5af3b19.txt
Contact: malvuln13 () gmail com
Media: x.com/malvuln

Threat: Backdoor.Win32.Optix.02.b
Vulnerability: Weak Hardcoded Credentials
Description: Optix listens on TCP port 5151 and is packed with ASPack
(2.11d). Unpacking is trivial set breakpoints on POPAD, RET, run and
dump using OllyDumpEx. The…

Read More

Backdoor.Win32.JustJoke.21 (BackDoor Pro) / Unauthenticated Remote Command Execution

Read Time:16 Second

Posted by malvuln on Sep 05

Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024
Original source:
https://malvuln.com/advisory/4dc39c05bcc93e600dd8de16f2f7c599.txt
Contact: malvuln13 () gmail com
Media: x.com/malvuln

Threat: Backdoor.Win32.JustJoke.21 (BackDoor Pro – v2.0b4)
Vulnerability: Unauthenticated Remote Command Execution
Family: JustJoke
Type: PE32
MD5: 4dc39c05bcc93e600dd8de16f2f7c599
SHA256:…

Read More

Backdoor.Win32.PoisonIvy.ymw / Insecure Credential Storage

Read Time:16 Second

Posted by malvuln on Sep 05

Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024
Original source:
https://malvuln.com/advisory/b0748f1c1a17bad44dc9bd750fc97547.txt
Contact: malvuln13 () gmail com
Media: x.com/malvuln

Threat: Backdoor.Win32.PoisonIvy.ymw
Vulnerability: Insecure Credential Storage
Family: PoisonIvy
Type: PE32
MD5: b0748f1c1a17bad44dc9bd750fc97547
SHA256: 060c15f401ce4d38d70e7f60aabe31c81935d2c261e350c0ea34387886d48920
Vuln ID: MVID-2024-0688…

Read More

[SYSS-2024-024]: C-MOR Video Surveillance – Improper Access Control (CWE-284)

Read Time:19 Second

Posted by Matthias Deeg via Fulldisclosure on Sep 05

Advisory ID: SYSS-2024-024
Product: C-MOR Video Surveillance
Manufacturer: za-internet GmbH
Affected Version(s): 5.2401
Tested Version(s): 5.2401
Vulnerability Type: Improper Access Control (CWE-284)
Risk Level: High
Solution Status: Fixed
Manufacturer Notification: 2024-04-05
Solution Date: 2024-07-31
Public Disclosure: 2024-09-04
CVE…

Read More

[SYSS-2024-023]: C-MOR Video Surveillance – SQL Injection (CWE-89)

Read Time:19 Second

Posted by Matthias Deeg via Fulldisclosure on Sep 05

Advisory ID: SYSS-2024-023
Product: C-MOR Video Surveillance
Manufacturer: za-internet GmbH
Affected Version(s): 5.2401, 6.00PL01
Tested Version(s): 5.2401, 6.00PL01
Vulnerability Type: SQL Injection (CWE-89)
Risk Level: High
Solution Status: Open
Manufacturer Notification: 2024-04-05
Solution Date: –
Public Disclosure: 2024-09-04
CVE…

Read More

[SYSS-2024-020]: C-MOR Video Surveillance – Reflected Cross-Site Scripting (CWE-79)

Read Time:18 Second

Posted by Matthias Deeg via Fulldisclosure on Sep 05

Advisory ID: SYSS-2024-020
Product: C-MOR Video Surveillance
Manufacturer: za-internet GmbH
Affected Version(s): 5.2401
Tested Version(s): 5.2401
Vulnerability Type: Reflected Cross-Site Scripting (CWE-79)
Risk Level: Medium
Solution Status: Fixed
Manufacturer Notification: 2024-04-05
Solution Date: 2024-07-31
Public Disclosure:…

Read More

Certified Asterisk Security Release certified-20.7-cert3

Read Time:22 Second

Posted by Asterisk Development Team via Fulldisclosure on Sep 05

The Asterisk Development Team would like to announce security release
Certified Asterisk 20.7-cert3.

The release artifacts are available for immediate download at
https://github.com/asterisk/asterisk/releases/tag/certified-20.7-cert3
and
https://downloads.asterisk.org/pub/telephony/certified-asterisk

Repository: https://github.com/asterisk/asterisk
Tag: certified-20.7-cert3

## Change Log for Release asterisk-certified-20.7-cert3

###…

Read More

Certified Asterisk Security Release certified-18.9-cert12

Read Time:22 Second

Posted by Asterisk Development Team via Fulldisclosure on Sep 05

The Asterisk Development Team would like to announce security release
Certified Asterisk 18.9-cert12.

The release artifacts are available for immediate download at
https://github.com/asterisk/asterisk/releases/tag/certified-18.9-cert12
and
https://downloads.asterisk.org/pub/telephony/certified-asterisk

Repository: https://github.com/asterisk/asterisk
Tag: certified-18.9-cert12

## Change Log for Release asterisk-certified-18.9-cert12

###…

Read More