{"vulnerability": "CVE-2020-2771", "sightings": [{"uuid": "28fe3dce-a8e0-4dae-943c-493560366088", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-27716", "type": "seen", "source": "https://t.me/cyberbannews_ir/2382", "content": "\ud83d\uded1\u0634\u0646\u0627\u0633\u0627\u06cc\u06cc \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u062f\u0631 \u0645\u062d\u0635\u0648\u0644\u0627\u062a F5\n\n \u06a9\u0627\u0631\u0634\u0646\u0627\u0633\u0627\u0646 \u0634\u0631\u06a9\u062a \u067e\u0627\u0632\u062a\u06cc\u0648 \u062a\u06a9\u0646\u0627\u0644\u062c\u06cc\u0632 \u06cc\u06a9 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u062f\u0631 \u0631\u0627\u0628\u0637 \u067e\u06cc\u06a9\u0631\u0628\u0646\u062f\u06cc \u06a9\u0646\u062a\u0631\u0644\u0631 \u062a\u062d\u0648\u06cc\u0644 \u0646\u0631\u0645\u200c\u0627\u0641\u0632\u0627\u0631 BIG-IP\u060c \u0645\u062d\u0635\u0648\u0644 \u0634\u0631\u06a9\u062a F5\u060c \u0634\u0646\u0627\u0633\u0627\u06cc\u06cc \u06a9\u0631\u062f\u0646\u062f \u06a9\u0647 \u0645\u0647\u0627\u062c\u0645\u0627\u0646 \u0628\u0627 \u0628\u0647\u0631\u0647\u200c\u06af\u06cc\u0631\u06cc \u0627\u0632 \u0622\u0646 \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u0633\u062a\u0646\u062f \u062d\u0645\u0644\u0647 \u0645\u0646\u0639 \u0633\u0631\u0648\u06cc\u0633 \u0627\u0646\u062c\u0627\u0645 \u062f\u0647\u0646\u062f.\n\n\u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u06a9\u0647 \u0628\u0627 \u0634\u0646\u0627\u0633\u0647 \u00abCVE-2020-27716\u00bb \u0634\u0646\u0627\u062e\u062a\u0647 \u0645\u06cc\u200c\u0634\u0648\u062f \u0627\u0645\u062a\u06cc\u0627\u0632 7.5 \u0631\u0627 \u0628\u0647 \u062e\u0648\u062f \u0627\u062e\u062a\u0635\u0627\u0635 \u062f\u0627\u062f\u0647 \u0627\u0633\u062a. \n\n#\u0622\u0633\u06cc\u0628_\u067e\u0630\u06cc\u0631\u06cc\n\n\u2705\u0628\u06cc\u0634\u062a\u0631 \u0628\u062e\u0648\u0627\u0646\u06cc\u062f:\nhttps://bit.ly/38CBA9e\n\n@cyberbannews_ir", "creation_timestamp": "2020-12-26T10:57:20.000000Z"}, {"uuid": "fad8d0ef-93f3-47ac-b687-0623aceba7de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-27716", "type": "seen", "source": "https://t.me/cibsecurity/21282", "content": "\u203c CVE-2020-27716 \u203c\n\nOn versions 15.1.0-15.1.0.5, 14.1.0-14.1.3, 13.1.0-13.1.3.5, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2, when a BIG-IP APM virtual server processes traffic of an undisclosed nature, the Traffic Management Microkernel (TMM) stops responding and restarts.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-24T18:55:37.000000Z"}, {"uuid": "cfcc33d9-1164-404b-b551-2a21a349c2a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-27713", "type": "seen", "source": "https://t.me/cibsecurity/20568", "content": "\u203c CVE-2020-27713 \u203c\n\nIn certain configurations on version 13.1.3.4, when a BIG-IP AFM HTTP security profile is applied to a virtual server and the BIG-IP system receives a request with specific characteristics, the connection is reset and the Traffic Management Microkernel (TMM) leaks memory.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-12T00:45:37.000000Z"}, {"uuid": "b1bd9c25-7859-431a-8359-45216a6a153d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-27713", "type": "seen", "source": "https://t.me/cibsecurity/20587", "content": "\u203c CVE-2020-27713 \u203c\n\nIn certain configurations on version 13.1.3.4, when a BIG-IP AFM HTTP security profile is applied to a virtual server and the BIG-IP system receives a request with specific characteristics, the connection is reset and the Traffic Management Microkernel (TMM) leaks memory.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-12T01:04:55.000000Z"}, {"uuid": "d2f250fe-6fbc-4938-967f-59bc0cb426c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-27713", "type": "seen", "source": "https://t.me/cibsecurity/20495", "content": "\u203c CVE-2020-27713 \u203c\n\nIn certain configurations on version 13.1.3.4, when a BIG-IP AFM HTTP security profile is applied to a virtual server and the BIG-IP system receives a request with specific characteristics, the connection is reset and the Traffic Management Microkernel (TMM) leaks memory.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-11T22:54:24.000000Z"}, {"uuid": "9745101e-df24-4bb7-9235-fd4b0d01f91c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-27713", "type": "seen", "source": "https://t.me/cibsecurity/20627", "content": "\u203c CVE-2020-27713 \u203c\n\nIn certain configurations on version 13.1.3.4, when a BIG-IP AFM HTTP security profile is applied to a virtual server and the BIG-IP system receives a request with specific characteristics, the connection is reset and the Traffic Management Microkernel (TMM) leaks memory.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-12T02:25:10.000000Z"}, {"uuid": "58b61ad5-cf68-40fc-a8f4-818822e1a4fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-27713", "type": "seen", "source": "https://t.me/cibsecurity/20607", "content": "\u203c CVE-2020-27713 \u203c\n\nIn certain configurations on version 13.1.3.4, when a BIG-IP AFM HTTP security profile is applied to a virtual server and the BIG-IP system receives a request with specific characteristics, the connection is reset and the Traffic Management Microkernel (TMM) leaks memory.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-12T01:25:05.000000Z"}, {"uuid": "4ceba145-8832-4df9-b345-45840b6d2298", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-27713", "type": "seen", "source": "https://t.me/cibsecurity/20535", "content": "\u203c CVE-2020-27713 \u203c\n\nIn certain configurations on version 13.1.3.4, when a BIG-IP AFM HTTP security profile is applied to a virtual server and the BIG-IP system receives a request with specific characteristics, the connection is reset and the Traffic Management Microkernel (TMM) leaks memory.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-12T00:25:17.000000Z"}, {"uuid": "fa3007aa-5686-4a39-889d-35037b47339f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-27713", "type": "seen", "source": "https://t.me/cibsecurity/20476", "content": "\u203c CVE-2020-27713 \u203c\n\nIn certain configurations on version 13.1.3.4, when a BIG-IP AFM HTTP security profile is applied to a virtual server and the BIG-IP system receives a request with specific characteristics, the connection is reset and the Traffic Management Microkernel (TMM) leaks memory.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-11T22:38:50.000000Z"}, {"uuid": "90a0db85-df59-4dd9-88b8-4aab2f84b89a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-27713", "type": "seen", "source": "https://t.me/cibsecurity/20548", "content": "\u203c CVE-2020-27713 \u203c\n\nIn certain configurations on version 13.1.3.4, when a BIG-IP AFM HTTP security profile is applied to a virtual server and the BIG-IP system receives a request with specific characteristics, the connection is reset and the Traffic Management Microkernel (TMM) leaks memory.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-12T00:35:43.000000Z"}, {"uuid": "edfc012e-73cd-4747-8ddf-bd78069ebe7d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-27713", "type": "seen", "source": "https://t.me/cibsecurity/20515", "content": "\u203c CVE-2020-27713 \u203c\n\nIn certain configurations on version 13.1.3.4, when a BIG-IP AFM HTTP security profile is applied to a virtual server and the BIG-IP system receives a request with specific characteristics, the connection is reset and the Traffic Management Microkernel (TMM) leaks memory.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-11T23:25:15.000000Z"}, {"uuid": "e04899bd-b714-4ae0-adff-c03129648056", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-2771", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/2629", "content": "The INFILTRATE effect: 6 bugs in 6 months (PoCs):\n- LPE via xscreensaver (CVE-2019-3010);\n- Low impact information disclosure via Solaris xlock (CVE-2020-2656);\n- LPE via CDE (CVE-2020-2696, CVE-2020-2944);\n- Stack-based buffer overflow in CDE libDtSvc (CVE-2020-2851);\n- Heap-based buffer overflow in Solaris whodo and w commands (CVE-2020-2771)\nhttps://github.com/0xdea/raptor_infiltrate20", "creation_timestamp": "2021-02-03T12:43:01.000000Z"}, {"uuid": "50576173-5b3d-4ff1-8233-9dba6ec72a44", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-2771", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/979", "content": "#exploit\n1. CVE-2020-2771:\nHeap-based buffer overflow in Solaris 10/11x whodo and w commands\nhttps://github.com/0xdea/advisories/blob/master/2020-07-solaris-whodo-w.txt\n\n2. CVE-2020-5738,\nCVE-2020-5739:\nGrandstream VoIP Phone GXP16xx Series Multiple Issues\nhttps://www.tenable.com/security/research/tra-2020-22\n]-&gt; PoC: https://github.com/tenable/poc/tree/master/grandstream", "creation_timestamp": "2024-10-21T17:18:46.000000Z"}]}