Researchers Warn of 'Raspberry Robin' Malware Spreading via External Drives

Cybersecurity researchers have discovered a new Windows malware with worm-like capabilities and is propagated by means of removable USB devices. Attributing the malware to a cluster named "Raspberry Robin," Red Canary researchers noted that the worm "leverages Windows Installer to reach out to...

Magic Hound Exploiting Old Microsoft Exchange ProxyShell Vulnerabilities

THREAT LEVEL: Red. For a detailed advisory, download the pdf file here APT35 aka Magic Hound, an Iranian-backed threat group, has begun using Microsoft Exchange ProxyShell vulnerabilities as an initial attack vector and to execute code through multiple web shells. The group has primarily targeted...

Microsoft IIS ISAPI Heap Overflow (MS02-018; CVE-2002-0079)

The Microsoft Internet Information Server ASP Active Server Pages ISAPI filter is prone to remote exploitable heap buffer overflow vulnerability. A heap buffer overflow in the "chunked encoding transfer mechanism" in Microsoft IIS Internet Information Server and Active Server Pages allows attacke...

CVE-2002-1441

Multiple buffer overflows in Tomahawk SteelArrow before 4.5 allow remote attackers to execute arbitrary code via 1 the Steelarrow Service Steelarrow.exe using a long UserIdent Cookie header, 2 DLLHOST.EXE Steelarrow.dll via a request for a long .aro file, or 3 DLLHOST.EXE via a Chunked...

CVE-2002-0869

Unknown vulnerability in the hosting process dllhost.exe for Microsoft Internet Information Server IIS 4.0 through 5.1 allows remote attackers to gain privileges by executing an out of process application that acquires LocalSystem privileges, aka "Out of Process Privilege Elevation."...

CVE-2002-0869

CVE-2002-0869 refers to an unknown vulnerability in the IIS hosting process (dllhost.exe) affecting IIS 4.0–5.1 that enables remote attackers to gain LocalSystem privileges by executing an out-of-process application. Connected sources document related patches: OpenVAS/NASL entries reference MS02-...