Title: Magnitude Exploit Kit on the rise
Description: The Sourcefire VRT monitors the activity of Exploit Kits throughout the day, and the activity of which exploit kit would be clamoring for the “top title” since the arrest of Blackhole/Cool Exploit Kits author ‘paunch’ has been interesting to watch. Sweet Orange Exploit Kit had a sharp rise right after the arrest, but as of the writing of this, Magnitude/PopAds seems to be the most active.
Magnitude is currently using ports
51423
44449
33300
and g01pack has been observed on port
15489
Reference:
http://vrt-blog.snort.org/2013/10/sweet-orange-exploit-kit-was-new-king.html
Snort SID: Multiple
ClamAV: Multiple
Title: EMC AlphaStor Device Manager Format String Vulnerability
Description: EMC AlphaStore uses a proprietary protocol to handle tape-backup tasks. It is vulnerable to a format string attack in five of the EMC NetWorker commands when a certain OpCode is used.
Reference:
http://www.osvdb.org/show/osvdb/89435
Snort SID: 28394-28398
ClamAV: N/A
Title: HP Intelligent Management Center BIMS UploadServlet Arbitrary File Upload
Description: An arbitrary file upload vulnerability exists in the HP Intelligent Management Center Branch Intelligent Management Software module.
Reference:
http://www.osvdb.org/show/osvdb/98247
Snort SID: 28407
ClamAV: N/A
Deja un comentario