FreshRSS

๐Ÿ”’
โ–ณ ๐Ÿ”ƒ
โ˜ โ˜† โœ‡ Full Disclosure

Backdoor.Win32.Guptachar.20 / Insecure Credential Storage

August 9th 2022 at 03:42

Posted by malvuln on Aug 08

Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/857999d2306f257b80d1b8f6a51ae8b0.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Guptachar.20
Vulnerability: Insecure Credential Storage
Description: The malware runs a web server on TCP port 2015 (default) and
uses BASIC authentication. The credentials "hacker01:imchampgr8" get stored
in a...
โ˜ โ˜† โœ‡ Full Disclosure

Backdoor.Win32.Jokerdoor / Remote Stack Buffer Overflow

August 5th 2022 at 04:15

Posted by malvuln on Aug 04

Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/783a191e7944e1af84ec0fa96d933f30.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Jokerdoor
Vulnerability: Remote Stack Buffer Overflow
Description: The malware listens on TCP port 27374. Attackers who can reach
an infected system can send a large payload and trigger a classic stack
buffer overflow...
โ˜ โ˜† โœ‡ Full Disclosure

Backdoor.Win32.Bushtrommel.122 / Authentication Bypass

August 5th 2022 at 04:15

Posted by malvuln on Aug 04

Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/76c09bc82984c7f7ef55eb13018e0d87.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Bushtrommel.122
Vulnerability: Authentication Bypass
Description: The malware listens on TCP port 31745 runs an ftp server on
port 1030. Attackers who can reach infected systems can logon using any
username/password...
โ˜ โ˜† โœ‡ Full Disclosure

Backdoor.Win32.Bushtrommel.122 / Unauthenticated Remote Command Execution

August 5th 2022 at 04:15

Posted by malvuln on Aug 04

Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/76c09bc82984c7f7ef55eb13018e0d87_B.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Bushtrommel.122
Vulnerability: Unauthenticated Remote Command Execution
Description: The malware listens on TCP port 31745 and 1030. Adversaries
who can reach infected hosts can run commands made available by the...
โŒ