Tag: CVE-2017-10271

Lucifer malware multiple DDoS vulnerabilites (CVE-2019-9081, CVE-2014-6287, CVE-2018-1000861, CVE-2017-10271, CVE-2018-20062, CVE-2018-7600, CVE-2017-9791, CVE-2019-9081, CVE-2017-0144, CVE-2017-0145, CVE-2017-8464)

Posted by Author Dhiren Vaghela on Posted on

Summary:   A new fish in town with two version of itself, a malware, that impacts Windows machines named Lucifer, is a powerful DDos based malware does crypto jacking and other such nefarious activities using old and new vulnerabilities.   In actual, out of the two versions of Lucifer the second sample was compiled on Thursday, June 11, 2020 caught by Palo Alto Networks Next-Generation … Continue reading “Lucifer malware multiple DDoS vulnerabilites (CVE-2019-9081, CVE-2014-6287, CVE-2018-1000861, CVE-2017-10271, CVE-2018-20062, CVE-2018-7600, CVE-2017-9791, CVE-2019-9081, CVE-2017-0144, CVE-2017-0145, CVE-2017-8464)”

WebLogic WLS Deserialization RCE : CVE-2017-10271

Posted by Author Deepak Shanker on Posted on

In the month of October 2017 a Java deserialization vulnerability was disclosed to Oracle. The vulnerability is assigned CVE-2017-10271. Oracle has addressed this issue by releasing patches in October. Upon successful exploitation an attacker can achieve remote code execution with out authentication. An attacker sends a custom XML request to CoordinatorPortType web service, this causes … Continue reading “WebLogic WLS Deserialization RCE : CVE-2017-10271”