CVE-2018-1000072

iRedMail version prior to commit f04b8ef contains a Insecure Permissions vulnerability in Roundcube Webmail that can result in Exfiltrate a user's password protected secret GPG key file and other important configuration files.. This attack appear to be exploitable via network connectivity. This...

CVE-2017-16769

Exposure of private information vulnerability in Photo Viewer in Synology Photo Station 6.8.1-3458 allows remote attackers to obtain metadata from password-protected photographs via the map viewer mode...

Design/Logic Flaw

Exposure of private information vulnerability in Photo Viewer in Synology Photo Station 6.8.1-3458 allows remote attackers to obtain metadata from password-protected photographs via the map viewer mode...

SUSE SLES11 Security Update : unzip (SUSE-SU-2018:0465-1)

This update for unzip fixes the following issues : - CVE-2018-1000035: Fixed a heap-based buffer overflow in password protected ZIP archives bsc1080074 Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted ...

SUSE-SU-2018:0465-1 Security update for unzip

This update for unzip fixes the following issues: - CVE-2018-1000035: Fixed a heap-based buffer overflow in password protected ZIP archives bsc1080074...

InfoZip UnZip heap buffer overflow vulnerability (CNVD-2018-03770)

UnZip is a utility for extracting compressed files also known as "zipfiles" in .zip format. A heap buffer overflow vulnerability exists in InfoZip UnZip 6.00 and prior versions in the handling of password-protected archive files. An attacker could exploit this vulnerability to cause a denial of...

AZL-6941 CVE-2018-1000035 affecting package unzip for versions less than 6.0-19

A heap-based buffer overflow exists in Info-Zip UnZip version = 6.00 in the processing of password-protected archives that allows an attacker to perform a denial of service or to possibly achieve code execution...

CVE-2018-1000035

A heap-based buffer overflow exists in Info-Zip UnZip version = 6.00 in the processing of password-protected archives that allows an attacker to perform a denial of service or to possibly achieve code execution...

CVE-2018-1000022

Electrum Technologies GmbH Electrum Bitcoin Wallet version prior to version 3.0.5 contains a Missing Authorization vulnerability in JSONRPC interface that can result in Bitcoin theft, if the user's wallet is not password protected. This attack appear to be exploitable via The victim must visit a...

CVE-2018-1000035

A heap-based buffer overflow exists in Info-Zip UnZip version = 6.00 in the processing of password-protected archives that allows an attacker to perform a denial of service or to possibly achieve code execution...

InfoZip UnZip 6.00 / 6.1c22 Buffer Overflow

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple buffer overflow vulnerabilities product: InfoZip UnZip vulnerable version: UnZip = 6.00 / UnZip = 6.1c22 fixed version: 6.10c23 CVE number:...

Using legitimate tools to hide malicious code

The authors of malware use various techniques to circumvent defensive mechanisms and conceal harmful activity. One of them is the practice of hiding malicious code in the context of a trusted process. Typically, malware that uses concealment techniques injects its code into a system process, e.g...

Pwning the Dlink 850L routers and abusing the MyDlink Cloud protocol

Product Description Dlink is a multinational networking equipment manufacturing corporation. The Dlink 850L is a Wireless AC1200 Dual Band Gigabit "Cloud" Router. Mydlink Cloud Services allow you to access, view and control the devices on your home network from anywhere. Vulnerabilities Summary T...

Spam and phishing in Q2 2017

Spam: quarterly highlights Delivery service Trojans At the start of Q2 2017, we registered a wave of malicious mailings imitating notifications from well-known delivery services. Trojan downloaders were sent out in ZIP archives, and after being launched they downloaded other malware –...

Windows/x64 - Password Protected Bind Shellcode (825 bytes)

/ Title : Windows x64 Password Protected Bind Shell TCP shellcode size : 825 bytes Author : Roziul Hasan Khan Shifat Tested On : Windows 7 x64 professional Date : 01-01-2017 / / file format pe-x86-64 Disassembly of section .text: 0000000000000000 : 0: 99 cltd 1: b2 80 mov $0x80,%dl 3: 48 29 d4 su...

Windows x64 - Password Protected Bind Shellcode (825 bytes)

Windows x64 - Password Protected Bind Shellcode 825 bytes. Shellcode exploit for Winx86-64 platform / Title : Windows x64 Password Protected Bind Shell TCP shellcode size : 825 bytes Author : Roziul Hasan Khan Shifat Tested On : Windows 7 x64 professional Date : 01-01-2017 / / file format pe-x86-...

Windows/x86 - Password Protected TCP Bind Shell (637 bytes)

/ Title : Windows x86 password protected bind shell tcp shellcode Date : 12-09-2016 Author : Roziul Hasan Khan Shifat size : 637 bytes Tested On : Windows 7 ultimate x86 x64 Email : email protected / / Disassembly of section .text: 00000000 : 0: 99 cltd 1: 64 8b 42 30 mov %fs:0x30%edx,%eax 5: 8b ...

LocalTapiola: Oracle WebCenter Sites Support Tools available and Information disclosure (/cs/Satellite)

Oracle WebCenter Sites Support Tools are available in: www.lahitapiola.fi This software is password protected, but some pages are publicly available and reveal internal information. The welcome page is located at: http://www.lahitapiola.fi/henkilo?pagename=Support/Home This page reveal data as th...

Libarchive Heap Out-of-Bounds Read Vulnerability

libarchive is a multi-format archive and compression library. A security vulnerability exists in libarchive, which can be exploited by an attacker to cause a heap out-of-bounds read by reading a malicious ZIP password...

Nextcloud: Authentication Issue

UserA creates a password protected share 2. UserA shares this link with UserB 3. UserB accessed the share with the password 4. UserA changes the password 5. Now userB can still access the share. At step 5 userB should be prompted to authenticate again...