This Metasploit module exploits a vulnerability that has been in the Linux kernel since version 5.8. It allows writing of read only or immutable memory. The vulnerability was fixed in Linux 5.16.11, 5.15.25 and 5.10.102. The module exploits this vulnerability by overwriting a suid binary with the payload, executing it, and then writing the original data back. There are two major limitations of this exploit: the offset cannot be on a page boundary (it needs to write one byte before the offset to add a reference to this page to the pipe), and the write cannot cross a page boundary. This means the payload must be less than the page size (4096 bytes).
95e39ce5f94de2996183947c580313fe0356df719e22343a89d095b460489c7aSysdig Falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about falco as a mix between snort, ossec and strace.
207b875c5b24717ecc9a5c288ff8df703d5d2a9ad00533f798d530e758f8ae42Zabbix version 5.0.17 authenticated remote code execution exploit.
ebc3165e97e60d9bd46503f07408149675fc7f713f4d3e0501cf3ac3498e18b8Siemens S7-1200 versions 4.5 and below have an unauthenticated CPU start/stop command vulnerability.
88f2803fc2e5b53b6f08e265637da1495e7da749c19ccbe44164c5f1225850e9Ubuntu Security Notice 5320-1 - USN-5288-1 fixed several vulnerabilities in Expat. For CVE-2022-25236 it caused a regression and an additional patch was required. This update address this regression and several other vulnerabilities. It was discovered that Expat incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service. It was discovered that Expat incorrectly handled certain files. An attacker could possibly use this issue to cause a crash or execute arbitrary code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 21.10.
f73ffaf6eb03b92ee8fa616e8b96fe44c883861c77e20c470a4a5a8c89b228daWOW21 version 5.0.1.9 suffers from an unquoted service path vulnerability.
dd3790169d6ed36986ad50b78130b908b3afd0bfc81309448db2fec5970807fdSandboxie-Plus version 5.50.2 suffers from an unquoted service path vulnerability.
c11e7ad42d8bfa9e14b092d5fce628e76aa5c16a926d44c5e66ffe8de045f235McAfee Safe Connect VPN suffers from an unquoted service path vulnerability.
5502da1c6d1cd3f45b148e073ebac251aa5385dbc8b2be76e1f2a220bbe458f1BattlEye version 0.9 suffers from an unquoted service path vulnerability.
b96d0cfc1479d79b17eca435c513eb44002d31fb0fbcc2c759667534968b52c7Sony Playmemories Home suffers from an unquoted service path vulnerability.
da76cfffc8e00970cf818236c584198ba40bb3a6290a63f1ea4d74bdd5b9dc4e
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed