TT Malware Log

マルウェア / サイバー攻撃 / 解析技術 に関する「個人」の調査・研究・参照ログ

SaltStack (まとめ)

【リンク】

◆SaltStack (まとめ) -- TT 脆弱性 Blog --
https://vul.hatenadiary.com/entry/SaltStack

◆4505 / 4506番ポートへのアクセス (まとめ)
https://malware-log.hatenablog.com/entry/Port_4505


【辞書】

◆Thunderspy (Thunderspy.io)
https://thunderspy.io/

◆DMA attack (Wikipedia)
https://en.wikipedia.org/wiki/DMA_attack

◆Thunderclap (Thunderclap.io)
http://thunderclap.io/


【ニュース】

◆Critical SaltStack vulnerability affects thousands of datacentres (ComputerWeekly, 2020/04/30 15:53)

Critical vulnerabilities in the Salt remote task and configuration framework enable hackers to take control of cloud servers and must be patched right away

https://www.computerweekly.com/news/252482461/Critical-SaltStack-vulnerability-affects-thousands-of-datacentres
https://malware-log.hatenablog.com/entry/2020/04/30/000000_4

◆SaltStack Salt critical bugs allow data center, cloud server hijacking as root (ZDNet, 2020/05/01)
https://www.zdnet.com/article/saltstack-salt-critical-bugs-allow-data-center-cloud-server-hijacking-as-root/
https://malware-log.hatenablog.com/entry/2020/05/01/000000_7


【ブログ】

◆SALTSTACK VULNERABILITIES ACTIVELY EXPLOITED IN THE WILD (Akamai, 2020/05/05 09:05)
https://blogs.akamai.com/sitr/2020/05/saltstack-vulnerabilities-actively-exploited-in-the-wild.html
https://malware-log.hatenablog.com/entry/2020/05/05/000000

◆SaltStack RCE 実行してみた (CVE-2020-11651) (Nick Security Log, 2020/05/09)
https://www.nicksecuritylog.com/entry/SaltStack_RCE
https://malware-log.hatenablog.com/entry/2020/05/09/000000_1


【Exploit Code】

◆Saltstack 3000.1 - Remote Code Execution (Exploit Database, 2020/05/04)
https://www.exploit-db.com/exploits/48421
https://malware-log.hatenablog.com/entry/2020/05/04/000000


【関連情報】

◆SaltStack (まとめ)
https://vul.hatenadiary.com/entry/SaltStack

◆4505 / 4506番ポートへのアクセス (まとめ)
https://malware-log.hatenablog.com/entry/Port_4505


【関連まとめ記事】

全体まとめ

◆アプリ (まとめ)
https://malware-log.hatenablog.com/entry/Application


Copyright (C) 谷川哲司 (Tetsuji Tanigawa) 1997 - 2020