3 matches found
algernon 安全漏洞
Algernon is a web server developed by Alexander F. Rødseth. Versions of Algernon prior to 1.17.7 contained security vulnerabilities. These vulnerabilities stemmed from the SSE event server being bound to 0.0.0.0:5553 by default, which could allow unauthorized network access...
GHSA-GJ84-924C-48FX Algernon: Auto-refresh SSE event server binds to all interfaces by default on Linux/macOS
Summary The SSE event server bound to 0.0.0.0:5553 on Linux/macOS by default because the platform-dependent host default in engine/flags.go:39-46 set host = "" for non-Windows, and utils.JoinHostPort"", ":5553" resolves to ":5553" — a Go http.Server.Addr of ":5553" listens on every interface. On...
Backdoor.Win32.XLog.21 Authentication Bypass / Race Condition
Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/2906b5dc5132dd1319827415e837168f.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.XLog.21 Vulnerability: Authentication Bypass Race Condition Description: The malware...