Malicious Package

Overview upstart-offer-container is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this packa...

Malicious Package

Overview upstart-loan-status is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

Malicious Package

Overview upstart-lending-status is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this packag...

Malicious code in upstart-offer-container (npm)

Package collects sensitive data SSH keys, AWS creds, env vars, exfiltrates it to a remote server, and executes shell commands. MALWARE! --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 148e48dd7b06a250063027a17895962000ca784a3fe52b704bea049afc85763a The package...

MAL-2026-2613 Malicious code in upstart-offer-container (npm)

Package collects sensitive data SSH keys, AWS creds, env vars, exfiltrates it to a remote server, and executes shell commands. MALWARE! --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 148e48dd7b06a250063027a17895962000ca784a3fe52b704bea049afc85763a The package...

Malicious code in upstart-lending-status (npm)

Package is malware. It steals credentials, collects system info, and exfiltrates data to a remote server via postinstall script. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 627a2802a53ad7eb751fcac4b0a43245c6b0bf9e667db77051758b24d8bc4d96 The package...

MAL-2026-2611 Malicious code in upstart-lending-status (npm)

Package is malware. It steals credentials, collects system info, and exfiltrates data to a remote server via postinstall script. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 627a2802a53ad7eb751fcac4b0a43245c6b0bf9e667db77051758b24d8bc4d96 The package...

Malicious code in upstart-loan-status (npm)

Malicious package with postinstall script exfiltrating sensitive system data to a remote server. Multiple YARA rules and LLM analysis confirm. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2e7850b2e1fe8a8eeebd2a8593220743deeacbed610ada8e460fcd15bc51c732 The...

MAL-2026-2612 Malicious code in upstart-loan-status (npm)

Malicious package with postinstall script exfiltrating sensitive system data to a remote server. Multiple YARA rules and LLM analysis confirm. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2e7850b2e1fe8a8eeebd2a8593220743deeacbed610ada8e460fcd15bc51c732 The...

Service Upstart Persistence

This module will create a service on the box, and mark it for auto-restart. We need enough access to write service files and potentially restart services Targets: CentOS 6 Fedora = 9, = 9.10, use exploit/linux/persistence/initupstart msf exploitinitupstart show targets ...targets... msf...

📄 Service Upstart Persistence

This Metasploit module will create a service on the box, and mark it for auto-restart. You need enough access to write service files and potentially restart services. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework...

EUVD-2015-2383

Malware in sbrugna...

EUVD-2019-4335

Malware in sbrugna...

CVE-2015-2285

The logrotation script /etc/cron.daily/upstart in the Ubuntu Upstart package before 1.13.2-0ubuntu9, as used in Ubuntu Vivid 15.04, allows local users to execute arbitrary commands and gain privileges via a crafted file in /run/user//upstart/sessions/...

OPENSUSE-SU-2024:0342-1 Security update for lxc

This update for lxc fixes the following issues: lxc was updated to 6.0.2: The LXC team is pleased to announce the release of LXC 6.0.2! This is the second bugfix release for LXC 6.0 which is supported until June 2029. As usual this bugfix releases focus on stability and hardening. Some of the...

SUSE CVE-2017-6507

An issue was discovered in AppArmor before 2.12. Incorrect handling of unknown AppArmor profiles in AppArmor init scripts, upstart jobs, and/or systemd unit files allows an attacker to possibly have increased attack surfaces of processes that were intended to be confined by AppArmor. This is due ...

SUSE CVE-2019-12749

dbus before 1.10.28, 1.12.x before 1.12.16, and 1.13.x before 1.13.12, as used in DBusServer in Canonical Upstart in Ubuntu 14.04 and in some, less common, uses of dbus-daemon, allows cookie spoofing because of symlink mishandling in the reference implementation of DBUSCOOKIESHA1 in the libdbus...

Security Bulletin: IBM Security Guardium is affected by a dbus vulnerability

Summary IBM Security Guardium has addressed the following vulnerabilities. Vulnerability Details CVEID: CVE-2019-12749 DESCRIPTION: dbus before 1.10.28, 1.12.x before 1.12.16, and 1.13.x before 1.13.12, as used in DBusServer in Canonical Upstart in Ubuntu 14.04 and in some, less common, uses of...

dbus before 1.10.28 1.12.x before 1.12.16 and 1.13.x before 1.13.12 as used in DBusServer in Canonical Upstart in Ubuntu 14.04 (and in some less common uses of dbus-daemon) allows cookie spoofing because of symlink mishandling in the reference implementation of DBUS_COOKIE_SHA1 in the libdbus library. (This only affects the DBUS_COOKIE_SHA1 authentication mechanism.) A malicious client with write access to its own home directory could manipulate a ~/.dbus-keyrings symlink to cause a DBusServer with a different uid to read and write in unintended locations. In the worst case this could result in the DBusServer reusing a cookie that is known to the malicious client and treating that cookie as evidence that a subsequent client connection came from an attacker-chosen uid allowing authentication bypass.

...

NewStart CGSL MAIN 4.05 : dbus Vulnerability (NS-SA-2020-0016)

The remote NewStart CGSL host, running version MAIN 4.05, has dbus packages installed that are affected by a vulnerability: - dbus before 1.10.28, 1.12.x before 1.12.16, and 1.13.x before 1.13.12, as used in DBusServer in Canonical Upstart in Ubuntu 14.04 and in some, less common, uses of...