XDSpy Analisi

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (14)

Linguaggio

en	10
es	4

Nazione

es	8
us	4
gb	2

Attori

XDSpy	1

Interesse

Genere

Operating System	4
Web Server	2
Service Management Software	2
Web Browser	2
Software Library	2

Fornitore

Not Defined	4
Apple	4
Oracle	2
Google	2
GNU	2

Prodotto

Apple macOS	4
Oracle iPlanet Web Server	2
OTRS	2
Google Chrome OS	2
GNU C Library	2

Vulnerabilità

#	Vulnerabilità	Base	Temp	0day	Oggi	Sfr	Con	EPSS	CTI	CVE
1	GNU C Library vfprintf Local Privilege Escalation	7.8	7.0	$0-$5k	$0-$5k	Proof-of-Concept	Official Fix	0.01296	0.00	CVE-2012-0864
2	nginx URI String escalazione di privilegi	6.5	6.2	$0-$5k	$0-$5k	Not Defined	Official Fix	0.95433	0.04	CVE-2013-4547
3	Apache HTTP Server mod_proxy buffer overflow	7.3	6.6	$25k-$100k	$0-$5k	Proof-of-Concept	Official Fix	0.01228	0.02	CVE-2004-0492
4	Postfix Admin functions.inc.php sql injection	7.3	7.0	$5k-$25k	$0-$5k	High	Official Fix	0.00253	0.05	CVE-2014-2655
5	Apple macOS iBooks Redirect	6.2	5.9	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00233	0.00	CVE-2017-2497
6	Apple macOS libarchive escalazione di privilegi	5.4	5.3	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00042	0.07	CVE-2016-7619
7	HPE Aruba ClearPass escalazione di privilegi	9.2	8.8	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.02624	0.00	CVE-2017-5824
8	Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash rivelazione di un 'informazione	5.3	5.2	$5k-$25k	Calcolo	High	Workaround	0.02016	0.02	CVE-2007-1192
9	DZCP deV!L`z Clanportal config.php escalazione di privilegi	7.3	6.6	$0-$5k	$0-$5k	Proof-of-Concept	Official Fix	0.00943	0.87	CVE-2010-0966
10	Google Chrome OS Format String	8.8	8.4	$100k et plus	$5k-$25k	Not Defined	Official Fix	0.00345	0.00	CVE-2016-5169
11	phpEventMan text.ctrl.php escalazione di privilegi	7.3	6.9	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.14902	0.00	CVE-2007-0702
12	OTRS sql injection	6.3	6.0	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00335	0.00	CVE-2010-0438
13	OTRS StateGetStatesByType sql injection	7.3	7.0	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00407	0.00	CVE-2014-1471
14	Oracle iPlanet Web Server Administration Console cross site scripting	6.3	6.0	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00868	0.00	CVE-2012-0516

IOC - Indicator of Compromise (3)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

ID	indirizzo IP	Hostname	Attore	Identified	Genere	Fiducia
1	62.213.213.170	62-213-213-170.ip.stuart.be	XDSpy	31/05/2021	verified	Alto
2	XX.XX.XXX.XX	xx-xx-xxx-xx.xxxxx.xxxxxxxxxx.xx	Xxxxx	31/05/2021	verified	Alto
3	XX.XXX.XX.XX	xx-xx-xxx-xx.xxxx.xxxxx.xxx	Xxxxx	31/05/2021	verified	Alto

TTP - Tactics, Techniques, Procedures (6)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID	Technique	Classe	Vulnerabilità	Accesso al vettore	Genere	Fiducia
1	T1059	CAPEC-242	CWE-94	Argument Injection	predictive	Alto
2	T1059.007	CAPEC-18	CWE-80	Cross Site Scripting	predictive	Alto
3	TXXXX	CAPEC-122	CWE-XXX, CWE-XXX	Xxxxxxxxx Xxxx Xxxxxxxxxxx Xxxxxxxxxx	predictive	Alto
4	TXXXX.XXX	CAPEC-178	CWE-XXX	Xxxx Xxxxxxxx	predictive	Alto
5	TXXXX	CAPEC-108	CWE-XX	Xxx Xxxxxxxxx	predictive	Alto
6	TXXXX	CAPEC-116	CWE-XXX	Xxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx Xxxxxxxxxxx	predictive	Alto

IOA - Indicator of Attack (9)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID	Classe	Indicator	Genere	Fiducia
1	File	data/gbconfiguration.dat	predictive	Alto
2	File	functions.inc.php	predictive	Alto
3	File	xxx/xxxxxx.xxx	predictive	Alto
4	File	xxxx.xxxx.xxx	predictive	Alto
5	Argument	xxxxxxxx	predictive	Media
6	Argument	xxxxxxx-xxxxxx	predictive	Alto
7	Argument	xxxxx	predictive	Basso
8	Argument	xxxx_xxxxx	predictive	Media
9	Pattern	xxxxxxx-xxxxxx\|xx\|	predictive	Alto

Referenze (2)

The following list contains external sources which discuss the actor and the associated activities:

◂ PrecedenteVisione D'insiemeIl prossimo ▸

Might our Artificial Intelligence support you?

Check our Alexa App!