Worm.Win32.Delf.hu malware suffers from an insecure permissions vulnerability.
4de532f07b14fcfbf215acdf872f2351Worm.Win32.Busan.k malware suffers from an insecure transit vulnerability.
754b5fcaa70daf8bda8786f1be2b3068IM-Worm.Win32.Bropia.aa malware suffers from an insecure permissions vulnerability.
695f9acb229dede25734a9ad77cdd57bIRC-Worm.Win32.Silentium.a malware suffers from an insecure permissions vulnerability.
ea86c34c522a2e91ed94255670b2b1a8IRC-Worm.Win32.Jane.a malware suffers from bypass and man-in-the-middle vulnerabilities.
90701fec5ba325d00d5cda1bc06ea330IRC-Worm.Win32.Jane.a malware suffers from bypass and code execution vulnerabilities.
bc5fafa0d28f3f6af4f4c0b4f3234792Worm.Win32.Ngrbot.acno malware suffers from an insecure permissions vulnerability.
b1fa08112e7ed4c8429cd2487b58add7Worm.Win32.Recyl.dp malware suffers from an insecure permissions vulnerability.
2f1b36b68f5c41439b070966e75854b6Worm.Win32.Ngrbot.abpr malware suffers from an insecure permissions vulnerability.
659134a5a1759b9458935738d7e5ca0eWorm.Win32.Detnat.c malware suffers from an insecure permissions vulnerability.
1cdc3c79c3abffd54884f2e0b259214aEmail-Worm.Win32.Sircam.eb malware suffers from an insecure permissions vulnerability.
549ef90768d393736c83930a680b5f5bEmail-Worm.Win32.Agent.gi malware suffers from a remote stack buffer overflow vulnerability.
4cd0dcc841eb9464b95eea555c050501Email-Worm.Win32.Zhelatin.ago malware suffers from a remote stack buffer overflow vulnerability.
8bd0a581f8bc5944d334d3e2733b636fThis Metasploit module exploits sendmail's well-known historical debug mode to escape to a shell and execute commands in the SMTP RCPT TO command. This vulnerability was exploited by the Morris worm in 1988-11-02. Cliff Stoll reports on the worm in the epilogue of The Cuckoo's Egg. Currently only cmd/unix/reverse and cmd/unix/generic are supported.
916044331d126eab8e387612884dc927This Metasploit module exploits a stack buffer overflow in fingerd on 4.3BSD. This vulnerability was exploited by the Morris worm in 1988-11-02. Cliff Stoll reports on the worm in the epilogue of The Cuckoo's Egg.
ed1eb77912bc6cc0c8fcd9813c7bc2b6This Metasploit module exploits a command injection vulnerability on WiFi Pineapples versions 2.0 and below and pineapple versions prior to 2.4. We use a combination of default credentials with a weakness in the anti-csrf generation to achieve command injection on fresh pineapple devices prior to configuration. Additionally if default credentials fail, you can enable a brute force solver for the proof-of-ownership challenge. This will reset the password to a known password if successful and may interrupt the user experience. These devices may typically be identified by their SSID beacons of 'Pineapple5_....'; details derived from the TospoVirus, a WiFi Pineapple infecting worm.
6decdeddc87bc1b4e2eab5e2ce78b412Whitepaper that discusses types of computer worms and how metamorphic worms differ from the rest.
4ae6e561c0c9dbfec13ce2965d4d8a49Some Linksys E-Series Routers are vulnerable to an unauthenticated OS command injection. This vulnerability was used from the so called "TheMoon" worm. There are many Linksys systems that might be vulnerable including E4200, E3200, E3000, E2500, E2100L, E2000, E1550, E1500, E1200, E1000, E900. This Metasploit module was tested successfully against an E1500 v1.0.5.
efd9a1fb2aa6013c587f6a0d62ca6b44Proof of concept exploit used by the recent Linksys worm (known as "Moon"). Exploits blind command injection in tmUnblock.cgi.
98029f878e6fe6748f2a3f31170306c5Linksys E-Series unauthenticated remote command execution exploit that leverages the same vulnerability as used in the "Moon" worm.
e5e8a82bab2ad32c6f6fbad03561fa32Whitepaper called To Kill a Centrifuge - A Technical Analysis of What Stuxnet's Creators Tried to Achieve.
378b0d6b52e08452f849a30292b24badWormtrack is a network IDS that helps detect scanning worms on a local area network by monitoring anomalous ARP traffic. This allows detection of scanning threats on the network, without having privileged access on a switch to set up a dedicated monitor port, nor does it require a constant updating of the rules engine to address new threats.
82df762231b40c0bacfb4861cb2b105cPHP-Nuke versions 7.0, 8.1 and 8.1.35 wormable remote code execution exploit.
eb272c6ff1c00e0c3cdc8c49150c4be4This Metasploit module exploits a format string vulnerability in the LPRng print server. This vulnerability was discovered by Chris Evans. There was a publicly circulating worm targeting this vulnerability, which prompted RedHat to pull their 7.0 release. They consequently re-released it as "7.0-respin".
6d35b4aae06d6486bf87ed8f10cfbfb4This Metasploit module exploits the FTP server component of the Sasser worm. By sending an overly long PORT command the stack can be overwritten.
d43c04ad521b75f49917fecff05e6333
© 2020 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed