Trojan.Win32.Agent.hsm malware suffers from an insecure permissions vulnerability.
30fdf081c36736d3966de00b316db172Trojan.Win32.Bayrob.dtrg malware suffers from an insecure permissions vulnerability.
54c14723e1fed89a332e168edb0e7669Trojan-Dropper.Win32.Agent.bjtzcp malware suffers from an insecure permissions vulnerability.
ebf9feb12cbe5962ffa0a0a27208784fTrojan.Win32.NanoBot.onh malware suffers from an insecure permissions vulnerability.
547ee0ff71365297633d647614914aa7Trojan.Win32.Agentb.iofv malware suffers from an insecure permissions vulnerability.
f1d4908479b404b3600bb16933d6ba56Constructor.Win32.Bifrose.ag malware suffers from a buffer overflow vulnerability.
f1b3cba306d54f145af794310ff025d8HEUR.Backdoor.Win32.Generic malware suffers from a file download vulnerability.
73572e5b52ad07bd6ecfb252e08b4409Backdoor.Win32.Zombam.h malware suffers from a buffer overflow vulnerability.
308161972b359f1869950d7c71eb27e6HEUR.Hoax.Win32.FrauDrop.gen malware suffers from an insecure permissions vulnerability.
50c66b4d86576b7c155504ec687423d1Trojan.Win32.Agent.zfgh malware suffers from an insecure permissions vulnerability.
3b8d24907908e6336805de66cf3aa2f4Trojan.Win32.Jorik.qje malware suffers from an insecure permissions vulnerability.
faf5ffe170a3559624827f291850035fBackdoor.Win32.Small.n malware suffers from a code execution vulnerability.
1b9db765839e5999dd6ecce295dba951Backdoor.Win32.Hupigon.das malware has an unauthenticated open proxy functionality.
dca81b54259f4bc36685caef3c46225fTrojan.Win32.Hotkeychick.d malware suffers from an insecure permissions vulnerability.
33cfa40e079f57bf298edf55988d7d49Trojan-Downloader.Win32.Genome.qiw malware suffers from an insecure permissions vulnerability.
00a3fd2fe45a56e989c84555bf89a8e4Trojan-Downloader.Win32.Genome.omht malware suffers from an insecure permissions vulnerability.
b5b150be07257ed121639fd339c02bdbTrojan.Win32.Hosts2.yqf malware suffers from an insecure permissions vulnerability.
6677ad9aed6d61f51559c907ef77ad19This Metasploit module leverages an insecure setting to get remote code execution on the target OS in the context of the user running Gogs. This is possible when the current user is allowed to create git hooks, which is the default for administrative users. For non-administrative users, the permission needs to be specifically granted by an administrator. To achieve code execution, the module authenticates to the Gogs web interface, creates a temporary repository, sets a post-receive git hook with the payload and creates a dummy file in the repository. This last action will trigger the git hook and execute the payload. Everything is done through the web interface. No mitigation has been implemented so far (latest stable version is 0.12.3). This module has been tested successfully against version 0.12.3 on docker. Windows version could not be tested since the git hook feature seems to be broken.
b94ad9d4b20219eb61069ef797cbb9b2This Metasploit module leverages an insecure setting to get remote code execution on the target OS in the context of the user running Gitea. This is possible when the current user is allowed to create git hooks, which is the default for administrative users. For non-administrative users, the permission needs to be specifically granted by an administrator. To achieve code execution, the module authenticates to the Gitea web interface, creates a temporary repository, sets a post-receive git hook with the payload and creates a dummy file in the repository. This last action will trigger the git hook and execute the payload. Everything is done through the web interface. It has been mitigated in version 1.13.0 by setting the Gitea DISABLE_GIT_HOOKS configuration setting to true by default. This disables this feature and prevents all users (including admin) from creating custom git hooks. This module has been tested successfully against docker versions 1.12.5, 1.12.6 and 1.13.6 with DISABLE_GIT_HOOKS set to false, and on version 1.12.6 on Windows.
4cb5b6740800ce4b96147b406421ff7bTrojan-Downloader.Win32.FraudLoad.xevn malware suffers from an insecure permissions vulnerability.
8e38e07fb499f06e5b4268dbde4b8550Trojan.Win32.Sharer.h malware suffers from buffer overflow, denial of service, and heap corruption vulnerabilities.
46c6973ce9b92bed3583a9cf27f2d773Trojan.Win32.Sharer.h malware suffers from a man-in-the-middle vulnerability.
83fe4146a16b89a3f4b591f7695bc9bcTrojan.Win32.Sharer.h malware suffers from a code execution vulnerability.
d8fb18a00a1ee2f640bfeb75ecd05e69Trojan-Downloader.Win32.Delf.nzg malware suffers from an insecure permissions vulnerability.
09e6aa20c92b7757559ef3daea189a74Trojan-Downloader.Win32.Delf.ur malware suffers from an insecure permissions vulnerability.
e1da1de5da0338ac90ada65bf44cb4b9
© 2020 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed