VirtualBox suffers from an unprivileged host user to host kernel privilege escalation vulnerability via environment and ioctl.
5ae11d5da89c21fa2ec3f008d6534c457837c34c5f2d020a423a08192ddfde0a
VirtualBox suffers from a guest-to-host local privilege escalation vulnerability via broken length handling in slirp copy.
79cd9c11d5258beceede4e3ea94c22037f513ff968d9ae2a19eeefa0afadf459
Red Hat Security Advisory 2017-0988-01 - KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Security Fix: Quick Emulator (QEMU), built with the Cirrus CLGD 54xx VGA emulator and VNC display driver support, is vulnerable to a heap buffer overflow. The issue could occur when a VNC client attempts to update its display after a VGA operation is performed by a guest. A privileged user/process inside a guest could use this flaw to crash the QEMU process, resulting in a denial of service (DoS), or, potentially, leverage it to execute arbitrary code on the host with the privileges of the QEMU process.
ebcca6155666f270a5597b98c7f537ba5ae9df4825a50bc8efbf6d0ff9163a4e
Red Hat Security Advisory 2017-0987-01 - Kernel-based Virtual Machine (KVM) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Security Fix: A heap buffer overflow flaw was found in QEMU's Cirrus CLGD 54xx VGA emulator's VNC display driver support; the issue could occur when a VNC client attempted to update its display after a VGA operation was performed by a guest. A privileged user/process inside a guest could use this flaw to crash the QEMU process or, potentially, execute arbitrary code on the host with the privileges of the QEMU process.
644727d84aca416d3dd02e5d12fd3896099ec52380e4c5ba4156e4de68fa4cd4
Microsoft Windows suffers from a runtime broker ClipboardBroker privilege escalation vulnerability.
7c916e43984e060a2ac3129f24b582d32092c2278a75ff95dfbfab95fd72d2cf
Microsoft Windows suffers from a ManagementObject arbitrary .NET serialization remote code execution vulnerability.
2191c2cf58409ae65a711b869567e7f0086659f623a87e56f5ca19199ab839a9
Apple WebKit suffers from a universal cross-site scripting vulnerability in PrototypeMap::createEmptyStructure.
79780b821c23d3e4824a776971e35553e09962f68907b17945b1816687de7323
Microsoft Windows taskschd.msc local SYSTEM privilege escalation exploit.
745e5a4f4c52227b4be45f15a6b78b196c664d1436532ae73577cf9534505f2e
Red Hat Security Advisory 2017-0986-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A race condition flaw was found in the N_HDLC Linux kernel driver when accessing the n_hdlc.tbuf list, which can lead to a double free. A local, unprivileged user able to set the HDLC line discipline on the tty device could use this flaw to escalate their privileges on the system.
d9f2e9165162f45b0d688155a96d6e4bb313349e3b5a7cee7b9700fe2990412b
Red Hat Security Advisory 2017-0985-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm-rhev packages provide the user-space component for running virtual machines using KVM in environments managed by Red Hat Virtualization Manager. Security Fix: Quick Emulator (QEMU), built with the Cirrus CLGD 54xx VGA emulator and VNC display driver support, is vulnerable to a heap buffer overflow. The issue could occur when a VNC client attempts to update its display after a VGA operation is performed by a guest. A privileged user/process inside a guest could use this flaw to crash the QEMU process, resulting in a denial of service (DoS), or, potentially, leverage it to execute arbitrary code on the host with the privileges of the QEMU process.
db1b72066944db0bdf0ce1bc4ba19551ab3c507b266953b66566a09e79f75fd1
Red Hat Security Advisory 2017-0979-01 - LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extended office suite. Security Fix: It was found that LibreOffice disclosed the contents of a file specified in an embedded object's preview. An attacker could potentially use this flaw, via a crafted document, to expose details of a system running LibreOffice as an online service.
8cd2fba6a95ac7f78aedff997599e71c4f67ba16be2c0293410a83b43489c753
Red Hat Security Advisory 2017-0984-01 - KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Security Fix: Quick Emulator (QEMU), built with the Cirrus CLGD 54xx VGA emulator and VNC display driver support, is vulnerable to a heap buffer overflow. The issue could occur when a VNC client attempts to update its display after a VGA operation is performed by a guest. A privileged user/process inside a guest could use this flaw to crash the QEMU process, resulting in a denial of service (DoS), or, potentially, leverage it to execute arbitrary code on the host with the privileges of the QEMU process.
868c4643c5f00ba072aab4d83758fbebdf1cf27b532f4e2af07fd1455a52a1b7
Red Hat Security Advisory 2017-0983-01 - KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Security Fix: Quick Emulator (QEMU), built with the Cirrus CLGD 54xx VGA emulator and VNC display driver support, is vulnerable to a heap buffer overflow. The issue could occur when a VNC client attempts to update its display after a VGA operation is performed by a guest. A privileged user/process inside a guest could use this flaw to crash the QEMU process, resulting in a denial of service (DoS), or, potentially, leverage it to execute arbitrary code on the host with the privileges of the QEMU process.
89e446bb5c5343cd809309dec01c83fbdf4a0b0c4a5891ef6eea9b3299f6212a
Red Hat Security Advisory 2017-0980-01 - KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Security Fix: Quick Emulator (QEMU), built with the Cirrus CLGD 54xx VGA emulator and VNC display driver support, is vulnerable to a heap buffer overflow. The issue could occur when a VNC client attempts to update its display after a VGA operation is performed by a guest. A privileged user/process inside a guest could use this flaw to crash the QEMU process, resulting in a denial of service (DoS), or, potentially, leverage it to execute arbitrary code on the host with the privileges of the QEMU process.
439d394b0a5ab965220d35c8ae8f0895aedee38ce7a96952273cce9e485f984d
Red Hat Security Advisory 2017-0981-01 - KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Security Fix: Quick Emulator (QEMU), built with the Cirrus CLGD 54xx VGA emulator and VNC display driver support, is vulnerable to a heap buffer overflow. The issue could occur when a VNC client attempts to update its display after a VGA operation is performed by a guest. A privileged user/process inside a guest could use this flaw to crash the QEMU process, resulting in a denial of service (DoS), or, potentially, leverage it to execute arbitrary code on the host with the privileges of the QEMU process.
98ece6f9a2db1938937a03a2eba4815fa519f336179b11459c1f35fcca867829
Red Hat Security Advisory 2017-0982-01 - KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Security Fix: Quick Emulator (QEMU), built with the Cirrus CLGD 54xx VGA emulator and VNC display driver support, is vulnerable to a heap buffer overflow. The issue could occur when a VNC client attempts to update its display after a VGA operation is performed by a guest. A privileged user/process inside a guest could use this flaw to crash the QEMU process, resulting in a denial of service (DoS), or, potentially, leverage it to execute arbitrary code on the host with the privileges of the QEMU process.
ff73c4c88ba0cc9a1275e7ea05d32d435c6cfca3c09625b067006adb2f04070c
Apache XML Graphics FOP versions 1.0 through 2.1 suffer from an information disclosure vulnerability.
520b76c48d1f6cbd37e2e175fd011bb41c0570075c09d431c9d8d3a998a53a8a
Apache Traffic Server (ATS) is vulnerable to the HPACK bomb attack, which can lead to a denial of service. Versions 6.0.0 to 6.2.0 are affected. Please upgrade to ATS 6.2.1 or 7.0.0.
cce30cb7de97faec9ff6ac82fe129fe2f0047da211951cf689af0e98e9a18d82
VLC Media Player version 2.2.3 DecodeAdpcmImaQ buffer overflow exploit.
ce938631e3a9c9ef064a71a86662cee234639f00fe1ce75a32787d6606ff0462
This Metasploit module uses an information disclosure to determine whether MS17-010 has been patched. Specifically, it connects to the IPC$ tree and attempts a transaction on FID 0. If the status returned is "STATUS_INSUFF_SERVER_RESOURCES", the machine does not have the MS17-010 patch. This Metasploit module does not require valid SMB credentials in default server configurations: it can log on as the user "\" and connect to IPC$.
406793a6d738119ccb6d6413edb253d56dcc7567c30b9802bc8d69cb7209cb0b
Blue Team Training Toolkit (BT3) is an attempt to introduce improvements in current computer network defense analysis training. Based on adversary replication techniques, and with reusability in mind, BT3 allows individuals and organizations to create realistic computer attack scenarios, while reducing infrastructure costs, implementation time and risk. The Blue Team Training Toolkit is written in Python, and it includes the latest versions of Encripto's Maligno and Pcapteller.
6452693362cf081a653c9da4094f4cd28eed8a27db00338da17456c5600822b3
WatchGuard's Firebox and XTM appliances suffer from XML external entity (XXE) injection and XML-RPC user enumeration vulnerabilities.
947dba226b2f6a9ad24e1b5e7af199cf29a3450764e88c890268dcb7b1cd44c2
This Metasploit module exploits a command injection vulnerability in the Huawei HG532n routers provided by TE-Data Egypt, leading to a root shell. The router's web interface has two kinds of logins, a "limited" user:user login given to all customers and an admin mode. The limited mode is used here to expose the router's telnet port to the outside world through NAT port-forwarding. With telnet now remotely accessible, the router's limited "ATP command line tool" (served over telnet) can be upgraded to a root shell through an injection into the ATP's hidden "ping" command.
13f129a4c5fe898ac3c2bbe4698d84747643595b279f6dd5ed13bb1e7817b43b
360-FAAR (Firewall Analysis Audit and Repair) is an offline command-line Perl policy manipulation tool that filters, compares against logs, merges, translates and outputs firewall commands for new policies, as Check Point dbedit or ScreenOS commands.
9530e7f9edc52dc222597d903ee4f6797a20b6cccb765503b6c3082408e9d386
This article documents practical exploitation of CVE-2017-0199 and includes a proof of concept.
7e95162e6d74646b2e07b57b6589a73c89a2105aa6fc97d5f1fd7552b825222e