Security vulnerability: CVE-2020-28188, CVE-2021-3007 and CVE-2020-7961 aka FreakOut
This document (000019844) is provided subject to the disclaimer at the end of this document.
Situation
Security researchers from Check Point disclosed a new report, called "FreakOut goal was to create an IRC botnet which could be used for Distributed Denial of Service (DDOS) or crypto-mining. There are multiple variants of this attack.
A successful attack requires at least one of the following software/packages/framework install:
- TerraMaster TOS(TerraMaster Operating System): The operating system used for managing TerraMaster NAS (Network Attached Storage) servers (CVE-2020-28188)
- Liferay Portal: A web application platform that offers features relevant for the development of portals and websites (CVE-2020-7961)
- Zend Framework: a collection of packages used in building web application and services using PHP (CVE-2021-3007)
Resolution
Status
Additional Information
Disclaimer
This Support Knowledgebase provides a valuable tool for SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.
- Document ID:000019844
- Creation Date: 25-Jan-2021
- Modified Date:25-Jan-2021
-
- SUSE Linux Enterprise Server
For questions or concerns with the SUSE Knowledgebase please contact: tidfeedback[at]suse.com
