Executable installers are vulnerable^WEVIL (case 52): escalation of privilege with Microsoft’s .NET Framework installers
Home » Executable installers are vulnerable^WEVIL (case 52): escalation of privilege with Microsoft’s .NET Framework installers
Executable installers are vulnerable^WEVIL (case 52): escalation of privilege with Microsoft’s .NET Framework installers
Share
RSS
More Articles…
- Zero-Day attack: what they are and how to defend yourself with SOCaaS
- Monitoring system, an overview
- Data Exfiltration: defense against data theft
- Install a Let’s Encrypt certificate on Debian based machine
- WastedLocker: Next generation ransomware
- Protecting a site in WordPress: security package
- Critical ransomware: examples of successful attacks
- Secure Online Desktop Social Initiatives
Categories …
- Backup as a Service (2)
- Cloud Conference (3)
- Cloud CRM (1)
- Cloud Server/VPS (20)
- Conferenza Cloud (4)
- ICT Monitoring (4)
- Log Management (2)
- News (16)
- ownCloud (4)
- Privacy (6)
- Secure Online Desktop (14)
- Security (6)
- SOCaaS (9)
- Vulnerabilities (83)
- Web Hosting (12)
Tags
Dark Reading:
- Tips for a Bulletproof War Room Strategy January 20, 2021The techniques used in real-world combat apply in cybersecurity operations, except that instead of bullets flying downrange, it's packets.
- Vulnerabilities in Popular DNS Software Allow Poisoning January 19, 2021Seven flaws in DNSMasq have limited impact, but in combination they could be chained to create a multistaged attack.
- Microsoft to Launch 'Enforcement Mode' for Zerologon Flaw January 19, 2021Enforcement mode for the Netlogon Domain Controller will be enabled by default with the Feb. 9 security update.
- SolarWinds Attack Underscores 'New Dimension' in Cyber-Espionage Tactics January 19, 2021Meanwhile, Malwarebytes is the latest victim, Symantec discovers a fourth piece of malware used in the massive attack campaign, and FireEye Mandiant releases a free tool to help spot signs of the attack.
- 4 Intriguing Email Attacks Detected by AI in 2020 January 19, 2021Here's to the sneakiest of the sneaky. These clever phishing messages -- that standard validation measures often missed -- deserve proper dishonor. (Sponsored)
- The Most Pressing Concerns Facing CISOs Today January 19, 2021Building security into the software development life cycle creates more visibility, but CISOs still need stay on top of any serious threats on the horizon, even if they are largely unknown.
- A Security Practitioner's Guide to Encrypted DNS January 19, 2021Best practices for a shifting visibility landscape.
- NSA Appoints Rob Joyce as Cyber Director January 15, 2021Joyce has long worked in US cybersecurity leadership, most recently serving as the NSA's top representative in the UK.
- Successful Malware Incidents Rise as Attackers Shift Tactics January 15, 2021As employees moved to working from home and on mobile devices, attackers followed them and focused on weekend attacks, a security firm says.
- Name That Toon: Before I Go ... January 15, 2021Feeling creative? Submit your caption in the comments, and our panel of experts will reward the winner with a $25 Amazon gift card.
Full Disclosure
- Backdoor.Win32.NetBull.11.a / Remote Buffer Overflow January 19, 2021Posted by malvuln on Jan 19Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/80e98fdf726a3e727f3414bdbf2e86bb.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Backdoor.Win32.NetBull.11.a Vulnerability: Remote Buffer Overflow Description: Netbull listens on both TCP ports 23444 and 23445, sending a large string of junk chars causes stack corruption overwriting EDX register. Type: PE32 MD5:...
- Email-Worm.Win32.Agent.gi / Remote Stack Buffer Overflow - (UDP Datagram) January 19, 2021Posted by malvuln on Jan 19Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/74e65773735f977185f6a09f1472ea46.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Email-Worm.Win32.Agent.gi Vulnerability: Remote Stack Buffer Overflow - (UDP Datagram) Description: Creates a service "Microsoft ASPI Manager" and listens on TCP ports 80, 81 and UDP 53. The service process is a […]
- Constructor.Win32.SMWG.c / Insecure Permissions January 19, 2021Posted by malvuln on Jan 19Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/47e819a6ce3d5e93819f4842cfbe23d6.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Constructor.Win32.SMWG.c Vulnerability: Insecure Permissions Description: Description: SMWG - P2P VBS.sucke.gen worm generator by sevenC / N0:7 outputs its malicious VBS script granting change (C) permissions to authenticated users group. Type:...
- Constructor.Win32.SMWG.a / Insecure Permissions January 19, 2021Posted by malvuln on Jan 19Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/07cd532823d6ab05d6e5e3a56f7afbfd.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Constructor.Win32.SMWG.a Vulnerability: Insecure Permissions Description: Win32.SMWG VBS.sucke.gen worm generator by sevenC / N0:7 outputs its malicious VBS script granting change (C) permissions to authenticated users group. Type: PE32 MD5:...
- Newfuture Trojan V.1.0 BETA 1 / Insecure Permissions January 19, 2021Posted by malvuln on Jan 19Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/4f9376824718ff23a6238c877f73ff73.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Newfuture Trojan V.1.0 BETA 1 Vulnerability: Insecure Permissions Description: Newfuture by Wider is a remote access client and has a (Fast_sms) server component, it is written in spanish. On installation it […]
- Backdoor.Win32.Mnets / Remote Stack Buffer Overflow - (UDP Datagram Proto) January 19, 2021Posted by malvuln on Jan 19Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/1e42493dcef54a62bc28e0a1338c1142.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Backdoor.Win32.Mnets Vulnerability: Remote Stack Buffer Overflow - (UDP Datagram Proto) Description: The backdoor listens for commands on UDP ports 2222 and 4444. Sending a mere 323 bytes we can overwrite the […]
- Backdoor.Win32.Whgrx / Remote Host Header Stack Buffer Overflow January 19, 2021Posted by malvuln on Jan 19Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/eb6fd418cd3b52132ffb029b52839edf.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Backdoor.Win32.Whgrx Vulnerability: Remote Host Header Stack Buffer Overflow Description: The specimen listens on datagram UDP port 65000, by sending a specially crafted HTTP PUT request and specifying a large string of […]
- Backdoor.Win32.Latinus.b / Remote Buffer Overflow January 19, 2021Posted by malvuln on Jan 19Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/9adffcc98cd658a7f9c5419480013f72.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Backdoor.Win32.Latinus.b Vulnerability: Remote Buffer Overflow Description: Malware listens on both TCP ports 11831 and 29559, by sending an HTTP OPTIONS request with about 8945 bytes we trigger buffer overflow and overwriting […]
- Backdoor.Win32.Nucleroot.t - MaskPE 1.6 / File Based Buffer Overflow January 19, 2021Posted by malvuln on Jan 19Discovery / credits: Malvuln - malvuln.com (c) 20211 Original source: https://malvuln.com/advisory/170d3ccf9f036c552aef6690bf419b2e.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Backdoor.Win32.Nucleroot.t - MaskPE 1.6 Vulnerability: File Based Buffer Overflow Description: Description: MaskPE by yzkzero is a tool for implanting backdoors in existing PE files. The Backdoor tool doesnt properly check the […]
- Backdoor.Win32.Nucleroot.bi - MaskPE 2.0 / File Based Buffer Overflow January 19, 2021Posted by malvuln on Jan 19Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/25e0570cc803cd77abc2268b41237937.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Backdoor.Win32.Nucleroot.bi - MaskPE 2.0 Vulnerability: File Based Buffer Overflow Description: MaskPE by yzkzero is a tool for implanting backdoors in existing PE files. The Backdoor tool doesnt properly check the files […]
Customers
Twitter FEED
Recent activity
SecureOnlineDesktop
Tempo di lettura: 5 minSul web sono disponibili moltissime applicazioni open source che permettono di gestire le pi… https://t.co/SjCg383iEF
SecureOnlineDesktop
On the web there are many open source applications that allow you to manage the most various situations. It is comm… https://t.co/e5OZvRPAqm
SecureOnlineDesktop
Tempo di lettura: 4 minLa pratica dello shadow IT e' l'utilizzo di sistemi informatici, dispositivi, software, appl… https://t.co/9wQPtvqemG
SecureOnlineDesktop
The practice of shadow IT is the use of computer systems, devices, software, applications and services without the… https://t.co/CgzjblglX9
SecureOnlineDesktop
Acronis Active Protection e' una tecnologia anti-ransomware avanzata. Protegge attivamente tutti i dati dei vostri… https://t.co/Hw7Rs2YOQa
Newsletter
Products and Solutions
News
- Zero-Day attack: what they are and how to defend yourself with SOCaaS January 6, 2021
- Monitoring system, an overview January 4, 2021
- Data Exfiltration: defense against data theft December 30, 2020
- Install a Let’s Encrypt certificate on Debian based machine December 28, 2020
- WastedLocker: Next generation ransomware December 23, 2020
Google Reviews






















Copyright © 2011 Secure Online Desktop s.r.l. All Rights Reserved.
VAT: 07485920966 “Cloud Computing services - Software cloud - Cloud server - VPS” Terms of ServicePrivacy Policy ISO Certifications