Showing 1 - 3 of 3

Files Date: 2019-05-22

FreeBSD rtld execl() Privilege Escalation: Posted May 22, 2019; Authored by stealth, Kingcope | Site metasploit.com; This Metasploit module exploits a vulnerability in the FreeBSD run-time link-editor (rtld). The rtld unsetenv() function fails to remove LD_* environment variables if __findenv() fails. This can be abused to load arbitrary shared objects using LD_PRELOAD, resulting in privileged code execution.; tags | exploit, arbitrary, code execution; systems | freebsd, bsd; advisories | CVE-2009-4146, CVE-2009-4147; MD5 | 8389e3a76ad8302ffe4213d460a38deb; Download | Favorite | Comments (0)

Mac OS X Feedback Assistant Race Condition: Posted May 22, 2019; Authored by timwr, CodeColorist | Site metasploit.com; This Metasploit module exploits a race condition vulnerability in Mac's Feedback Assistant. A successful attempt would result in remote code execution under the context of root.; tags | exploit, remote, root, code execution; advisories | CVE-2019-8565; MD5 | 92e9e59de8b1c44532025e2d75591bf9; Download | Favorite | Comments (0)

Shopware createInstanceFromNamedArguments PHP Object Instantiation: Posted May 22, 2019; Authored by mr_me, Karim Ouerghemmi | Site metasploit.com; This Metasploit module exploits a php object instantiation vulnerability that can lead to remote code execution in Shopware. An authenticated backend user could exploit the vulnerability. The vulnerability exists in the createInstanceFromNamedArguments function, where the code insufficiently performs whitelist check which can be bypassed to trigger an object injection. An attacker can leverage this to deserialize an arbitrary payload and write a webshell to the target system, resulting in remote code execution. Tested on Shopware git branches 5.6, 5.5, 5.4, 5.3.; tags | exploit, remote, arbitrary, php, code execution; advisories | CVE-2017-18357; MD5 | a99c1e8083c3f15ba37bddffdcfae6ae; Download | Favorite | Comments (0)

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days