Posted by malvuln on Jan 22
Discovery / credits: Malvuln – malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/bf0682b674ef23cf8ba0deeaf546f422.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Backdoor.Win32.Whirlpool.10
Vulnerability: Remote Stack Buffer Overflow
Description: Whirlpool listens on UDP Datagram ports 8848 and 8864.
Sending a 192 byte payload to port 8864 triggers a stack buffer
overflow overwriting both EIP and SEH. This…
– Read More – Full Disclosure