Summary: A new fish in town with two version of itself, a malware, that impacts Windows machines named Lucifer, is a powerful DDos based malware does crypto jacking and other such nefarious activities using old and new vulnerabilities. In actual, out of the two versions of Lucifer the second sample was compiled on Thursday, June 11, 2020 caught by Palo Alto Networks Next-Generation … Continue reading “Lucifer malware multiple DDoS vulnerabilites (CVE-2019-9081, CVE-2014-6287, CVE-2018-1000861, CVE-2017-10271, CVE-2018-20062, CVE-2018-7600, CVE-2017-9791, CVE-2019-9081, CVE-2017-0144, CVE-2017-0145, CVE-2017-8464)”
Tag: CVE-2017-10271
WebLogic WLS Deserialization RCE : CVE-2017-10271
In the month of October 2017 a Java deserialization vulnerability was disclosed to Oracle. The vulnerability is assigned CVE-2017-10271. Oracle has addressed this issue by releasing patches in October. Upon successful exploitation an attacker can achieve remote code execution with out authentication. An attacker sends a custom XML request to CoordinatorPortType web service, this causes … Continue reading “WebLogic WLS Deserialization RCE : CVE-2017-10271”