Discovery / credits: Malvuln - malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/aa703bc17e3177d3b24a57c5d2a91a0c.txt
Contact: malvul...@gmail.com
Media: twitter.com/malvuln
Threat: Email-Worm.Win32.Kipis.a
Vulnerability: Unauthenticated Remote Code Execution
Description: The
# Trovent Security Advisory 2105-01 #
#
Unencrypted cleartext transmission of sensitive information
###
Overview
Advisory ID: TRSA-2105-01
Advisory version: 1.0
Advisory status: Public
Advisory ID: SYSS-2021-007
Product: Protectimus SLIM NFC
Manufacturer: Protectimus
Affected Version(s): Hardware Scheme 70 / Software Version 10.01
Tested Version(s): Hardware Scheme 70 / Software Version 10.01
Vulnerability Type: External Control of System or Configuration Setting
(CWE-15)
Hello KJ Jung,
neither of the mails you sent contain bugs.
The kernel code is sound and the vulnerabilities you reported don't seem
to exist.
In your first mail (popo:: linux kernel vulns of it),
you point out a flaw in bond_do_ioctl() and bond_set_dev_addr().
// [4]:: x90:
Hi,
wt., 15 cze 2021 o 09:56 KJ Jung napisał(a):
>
> Linux kernel 5.4 version.
> latest.
>
> __tun_chr_ioctl function of ~/drivers/net/tun.c has a stack buffer
> overflow vulnerability. it get's arg, ifreq_len, and copy the arg(argp)
> to ifr(ifreq struct) and this steps are no bounds-checking.
Discovery / credits: Malvuln - malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/57ab194d8c60ee97914eda22e4d71b68.txt
Contact: malvul...@gmail.com
Media: twitter.com/malvuln
Threat: Trojan.Win32.Alien.erf
Vulnerability: Remote Denial of Service
Description: The malware deploys a
Discovery / credits: Malvuln - malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/57ab194d8c60ee97914eda22e4d71b68_B.txt
Contact: malvul...@gmail.com
Media: twitter.com/malvuln
Threat: Trojan.Win32.Alien.erf
Vulnerability: Remote Stack Buffer Overflow
Description: The malware
Discovery / credits: Malvuln - malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/57ab194d8c60ee97914eda22e4d71b68_C.txt
Contact: malvul...@gmail.com
Media: twitter.com/malvuln
Threat: Trojan.Win32.Alien.erf
Vulnerability: Directory Traversal
Description: The malware deploys a Web
Discovery / credits: Malvuln - malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/4a8d6bc838c09c6701abfa8b283fd0de.txt
Contact: malvul...@gmail.com
Media: twitter.com/malvuln
Threat: Trojan-Dropper.Win32.Googite.b
Vulnerability: Unauthenticated Remote Command Execution