CVE-2024-3544
Published 2024-05-02
Priority P3 · 43 · high · 7.5 (CVSS 3.1)
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 0.38% (29.7th percentile)
Unauthenticated attackers can perform actions, using SSH private keys, by knowing the IP address and having access to the same network of one of the machines in the HA or Cluster group. This vulnerability has been closed by enhancing LoadMaster partner communications to require a shared secret that must be exchanged between the partners before communication can proceed.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| progress | loadmaster | < 7.2.48.11 | 7.2.48.11 |
| progress | loadmaster | >= 7.2.49.0 < 7.2.54.10 | 7.2.54.10 |
| progress | loadmaster | >= 7.2.55.0 < 7.2.59.4 | 7.2.59.4 |
| progress_software_corporation | loadmaster | >= LoadMaster 7.2.48.11 (LTS) < 7.2.48.12 | 7.2.48.12 |
| progress_software_corporation | loadmaster | >= LoadMaster 7.2.49.0 (LTSF) < 7.2.54.10 | 7.2.54.10 |
| progress_software_corporation | loadmaster | >= LoadMaster 7.2.55.0 (GA) < 7.2.59.4 | 7.2.59.4 |
Suricata
ET MALWARE Dooptroop CnC Beacon
suricata·2012-01-10
CVE-2011-3544 (the rule is tagged for this older CVE, not CVE-2024-3544)
Rule: alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET MALWARE Dooptroop CnC Beacon"; flow:established,to_server; http.method; content:"GET"; http.uri; content:".php?num="; fast_pattern; content:"&rev="; distance:0; pcre:"/^\/[a-z]+\.php\?num=\d+&rev=/"; http.header_names; to_lowercase; content:!"|0d 0a|referer|0d 0a|"; reference:url,blog.eset.com/2012/03/17/drive-by-ftp-a-new-view-of-cve-2011-3544; classtype:command-and-control; sid:2014112; rev:7; metadata:attack_target Client_Endpoint, created_at 2012_01_10, deployment Perimeter, signature_severity Major, tag c2, updated_at 2024_04_20, mitre_tactic_id TA0010, mitre_tactic_name Exfiltration, mitre_technique_id T1041, mitre_technique_name Exfiltration_Over_C2_Channel;)
Suricata
ET MALWARE Dooptroop Dropper Checkin
suricata·2011-04-07
CVE-2011-3544
Rule: alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET MALWARE Dooptroop Dropper Checkin"; flow:established,to_server; http.method; content:"GET"; http.uri; content:"/nconfirm.php?"; fast_pattern; content:"rev="; distance:0; content:"code="; content:"param="; content:"num="; http.header_names; to_lowercase; content:!"|0d 0a|referer|0d 0a|"; reference:url,blog.eset.com/2012/03/17/drive-by-ftp-a-new-view-of-cve-2011-3544; classtype:command-and-control; sid:2013808; rev:6; metadata:created_at 2011_04_07, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2024_04_20;)
No public exploits indexed.
No writeups or analysis indexed.
https://kemptechnologies.com/
https://support.kemptechnologies.com/hc/en-us/articles/25724813518605-ECS-Connection-Manager-Security-Vulnerabilities-CVE-2024-3544-and-CVE-2024-3543