This Metasploit module exploits CVE-2020-1054, an out of bounds write reachable from DrawIconEx within win32k. The out of bounds write can be used to overwrite the pvbits of a SURFOBJ. By utilizing this vulnerability to execute controlled writes to kernel memory, an attacker can gain arbitrary code execution as the SYSTEM user. This module has been tested against a fully updated Windows 7 x64 SP1. Offsets within the exploit code may need to be adjusted to work with other versions of Windows.
868acae66ad56703c17e3c65ef2f0fd90bad10c8ec6f9816219080fe42106f93Google's American Fuzzy Lop is a brute-force fuzzer coupled with an exceedingly simple but rock-solid instrumentation-guided genetic algorithm. afl++ is a superior fork to Google's afl. It has more speed, more and better mutations, more and better instrumentation, custom module support, etc.
75a2cd6c9e14d4160defcf4899c6d654eba9ae1aad2b2c850bb165c84ee763bbRed Hat Security Advisory 2020-5437-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include buffer over-read and null pointer vulnerabilities.
9d3708ba296874c5618cf8021564296dd4593f759f8d1496838e0ec07bf3fb11Red Hat Security Advisory 2020-5453-01 - The Pacemaker cluster resource manager is a collection of technologies working together to maintain data integrity and application availability in the event of failures. Issues addressed include a bypass vulnerability.
03bb61c3369a4b84357a19a89fa5d4597443a32d9099225e7144093d2060c1c7Qualcomm Adreno GPU PID reuse can lead to a shared mapping leak vulnerability.
3e3e7b15f4478de5e65c145f4176a69491a971efa9d024d29399588336df506cSolaris SunSSH versions 10 through 11.0 on x86 libpam remote root exploit.
93c50138db56dcc96e612d0fa56cca01459695d4f656345667a2e4fdec807e5dRed Hat Security Advisory 2020-5434-01 - The targetcli package contains an administration shell for configuring Internet Small Computer System Interface, Fibre Channel over Ethernet, and other SCSI targets, using the Target Core Mod/Linux-IO kernel target subsystem. FCoE users also need to install and use the fcoe-utils package.
88d732069cbff0c46d3ccc25d396674da0b900f648c9ba4a293db6c642b034ebAlumni Management System version 1.0 suffers from a remote shell upload vulnerability.
4bfe93d63aa8b884f827dac2016275021452f0ac25d6651dfe10a1e6e8fe05e6Red Hat Security Advisory 2020-5439-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. Issues addressed include a memory leak vulnerability.
1cd908b159ef1b76221d2e9d0d69adbb11c5ecc9cafde8a5307b43268d43d893Gitlab version 11.4.7 authenticated remote code execution exploit.
060ec27bc199fb9c231243a34947bcd6f792298a67ae1f4ab3d023368297fe8dRed Hat Security Advisory 2020-5443-01 - GD is an open source code library for the dynamic creation of images by programmers. GD creates PNG, JPEG, GIF, WebP, XPM, BMP images, among other formats. Issues addressed include heap overflow and integer overflow vulnerabilities.
a52b53f51871e9f09d4e5affe5357910752a7ba99d8ba9eb815566d8e248ac9clibbabl version 0.1.62 broken double-free detection proof of concept exploit.
c9625fdfa8e4f30279a1070a44fe6ea3eb8e3675976560ced8a254a2b39109caRed Hat Security Advisory 2020-5441-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include a buffer over-read vulnerability.
10fd709ec5317c6e9ff836aba241b2b37ab6793d5400a1db991201fa616e3608PHPJabbers Appointment Scheduler 2.3 suffers from a cross site scripting vulnerability.
6d9f865f19e0ad489deb9399c4ddf39299e14a0507ba056a5a408033ba345e68Red Hat Security Advisory 2020-5435-01 - The python-rtslib package provides a Python library to configure the kernel target subsystem, using the configfs file system.
5688c131a8428c2bc09f6e55f0cb1e1f4e85c7a3eae68300d704d0c2ccc1e7abTask Management System version 1.0 suffers from a local file inclusion vulnerability.
a07c22e636733ee06134ab3cbdf49c23ec2ec4c0bb20ebd8e528c0428139832aRed Hat Security Advisory 2020-5422-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. Issues addressed include a null pointer vulnerability.
15c45f9be5214fd88707760a438d8698732db0afac9a334318ee2188e2e238e6Red Hat Security Advisory 2020-5416-01 - The linux-firmware packages contain all of the firmware files that are required by various devices to operate. Issues addressed include a buffer overflow vulnerability.
e0488085dba32b0270af4477522e67cb0f6bcdd8fd0b35d4800de131cbcb828cCisco ASA version 9.14.1.10 and FTD version 6.6.0.1 path traversal exploit. Original discovery of this vulnerability is attributed to 3ndG4me in October of 2020.
dfe0fcf7f0c733ce87bf53173ca792e20086cc5828ba3e9907aa3993b08bf8feRed Hat Security Advisory 2020-5418-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system.
8973a9ae5ebe29196c30173d1014c6915bc52d3e20210910aac02c2779cca62bRed Hat Security Advisory 2020-5430-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include out of bounds write and use-after-free vulnerabilities.
0bfd4a3134b86355b7ff63ecd9834313e1383db6cbc7a5a8ae97fc7cb795cb18Red Hat Security Advisory 2020-5420-01 - The net-snmp packages provide various libraries and tools for the Simple Network Management Protocol, including an SNMP library, an extensible agent, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the netstat command which uses SNMP, and a Tk/Perl Management Information Base browser.
de0ed0fe595324740da72e3c96802f2e70dfc8bbd5dc38d05c1298fc14f0d429Online Marriage Registration System version 1.0 authenticated remote code execution exploit. Original discovery of remote code execution in this version was discovered by Selim Enes Karaduman.
fb9d5797bad77ed8c6a1484c739b1398a4d81951087d21f8db5fe249b8a2b2e7Red Hat Security Advisory 2020-5417-01 - The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP.
b57f36f309bc3f0aa3fe312a986e20d2ea160cf2b12070ba0a963d933f7ac2a8Red Hat Security Advisory 2020-5423-01 - The Pacemaker cluster resource manager is a collection of technologies working together to maintain data integrity and application availability in the event of failures. Issues addressed include a bypass vulnerability.
6dbb1d47b9916093bfa205991e5bb7ef943d650ae8a8dee6e5f3df6b2d5dd265
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Subscribe to an RSS Feed