86 matches found
EUVD-2005-3312
Malware in sbrugna...
EUVD-2009-2694
Malware in sbrugna...
EUVD-2014-0121
Malware in sbrugna...
EUVD-2018-8803
Malware in sbrugna...
ShellBot Uses Hex IPs to Evade Detection in Attacks on Linux SSH Servers
The threat actors behind ShellBot are leveraging IP addresses transformed into their hexadecimal notation to infiltrate poorly managed Linux SSH servers and deploy the DDoS malware. "The overall flow remains the same, but the download URL used by the threat actor to install ShellBot has changed...
TeamTNT's Silentbob Botnet Infecting 196 Hosts in Cloud Attack Campaign
As many as 196 hosts have been infected as part of an aggressive cloud campaign mounted by the TeamTNT group called Silentbob. "The botnet run by TeamTNT has set its sights on Docker and Kubernetes environments, Redis servers, Postgres databases, Hadoop clusters, Tomcat and Nginx servers, Weave...
SUSE CVE-2005-3313
The IRC protocol dissector in Ethereal 0.10.13 allows remote attackers to cause a denial of service infinite loop...
SUSE CVE-2010-2785
The IRC Protocol component in KVIrc 3.x and 4.x before r4693 does not properly handle \ backslash characters, which allows remote authenticated users to execute arbitrary CTCP commands via vectors involving \r and \40 sequences, a different vulnerability than CVE-2010-2451 and CVE-2010-2452...
SUSE CVE-2014-0020
The IRC protocol plugin in libpurple in Pidgin before 2.10.8 does not validate argument counts, which allows remote IRC servers to cause a denial of service application crash via a crafted message...
USN-5862-1: Linux kernel (Qualcomm Snapdragon) vulnerabilities
It was discovered that an out-of-bounds write vulnerability existed in the Video for Linux 2 V4L2 implementation in the Linux kernel. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-20369 Pawan Kumar Gupta, Alyssa Milburn, Ami...
USN-5861-1: Linux kernel (Dell300x) vulnerabilities
It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-43945 Tamás Koczka discovered that th...
USN-5854-1: Linux kernel vulnerabilities
It was discovered that an out-of-bounds write vulnerability existed in the Video for Linux 2 V4L2 implementation in the Linux kernel. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-20369 Pawan Kumar Gupta, Alyssa Milburn, Ami...
USN-5793-3: Linux kernel vulnerabilities
It was discovered that the iouring subsystem in the Linux kernel did not properly perform reference counting in some situations, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-3910 ...
Command injection
matrix-appservice-irc is an open source Node.js IRC bridge for Matrix. The Internet Relay Chat IRC protocol allows you to specify multiple modes in a single mode command. Due to a bug in the underlying matrix-org/node-irc library, affected versions of matrix-appservice-irc perform parsing of such...
Improper handling of multiline messages in node-irc
node-irc is a socket wrapper for the IRC protocol that extends Node.js' EventEmitter. The vulnerability allows an attacker to manipulate a Matrix user into executing IRC commands by having them reply to a maliciously crafted message. Incorrect handling of a CR character allowed for making part of...
GHSA-52RH-5RPJ-C3W6 Improper handling of multiline messages in node-irc
node-irc is a socket wrapper for the IRC protocol that extends Node.js' EventEmitter. The vulnerability allows an attacker to manipulate a Matrix user into executing IRC commands by having them reply to a maliciously crafted message. Incorrect handling of a CR character allowed for making part of...
Denial Of Service (DoS)
Bro is vulnerable to denial of service. The vulnerability exisit in IRC protocol names command parsing in analyzer/protocol/irc/IRC.cc...
QEMU: Slirp: potential OOB access due to unsafe snprintf() usages
An out-of-bounds heap buffer access flaw was found in the SLiRP networking implementation of the QEMU emulator. This flaw occurs in tcpemu routine while emulating IRC and other protocols due to unsafe usage of the snprintf3 function. A user or process could use this flaw to crash the QEMU process...
QEMU: slirp: OOB buffer access while emulating tcp protocols in tcp_emu()
A heap buffer overflow issue was found in the SLiRP networking implementation of the QEMU emulator. This flaw occurs in the tcpemu routine while emulating IRC and other protocols. An attacker could use this flaw to crash the QEMU process on the host, resulting in a denial of service or potential...
QEMU: slirp: OOB buffer access while emulating tcp protocols in tcp_emu()
A heap buffer overflow issue was found in the SLiRP networking implementation of the QEMU emulator. This flaw occurs in the tcpemu routine while emulating IRC and other protocols. An attacker could use this flaw to crash the QEMU process on the host, resulting in a denial of service or potential...