VirtualBox suffers from an unprivileged host user to host kernel privilege escalation vulnerability via environment and ioctl.
5ae11d5da89c21fa2ec3f008d6534c457837c34c5f2d020a423a08192ddfde0aVirtualBox suffers from a guest-to-host local privilege escalation vulnerability via broken length handling in slirp copy.
79cd9c11d5258beceede4e3ea94c22037f513ff968d9ae2a19eeefa0afadf459Red Hat Security Advisory 2017-0988-01 - KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Security Fix: Quick Emulator, built with the Cirrus CLGD 54xx VGA Emulator and the VNC display driver support, is vulnerable to a heap buffer overflow issue. The issue could occur when a VNC client attempts to update its display after a VGA operation is performed by a guest. A privileged user/process inside guest could use this flaw to crash the QEMU process resulting in DoS or, potentially, leverage it to execute arbitrary code on the host with privileges of the QEMU process.
ebcca6155666f270a5597b98c7f537ba5ae9df4825a50bc8efbf6d0ff9163a4eRed Hat Security Advisory 2017-0987-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Security Fix: A heap buffer overflow flaw was found in QEMU's Cirrus CLGD 54xx VGA emulator's VNC display driver support; the issue could occur when a VNC client attempted to update its display after a VGA operation is performed by a guest. A privileged user/process inside a guest could use this flaw to crash the QEMU process or, potentially, execute arbitrary code on the host with privileges of the QEMU process.
644727d84aca416d3dd02e5d12fd3896099ec52380e4c5ba4156e4de68fa4cd4Microsoft Windows suffers from a runtime broker ClipboardBroker privilege escalation vulnerability.
7c916e43984e060a2ac3129f24b582d32092c2278a75ff95dfbfab95fd72d2cfMicrosoft Windows suffers from a ManagementObject arbitrary .NET serialization remote code execution vulnerability.
2191c2cf58409ae65a711b869567e7f0086659f623a87e56f5ca19199ab839a9Apple Webkit suffers from a universal cross site scripting vulnerability in PrototypeMap::createEmptyStructure.
79780b821c23d3e4824a776971e35553e09962f68907b17945b1816687de7323Microsoft Windows taskschd.msc local SYSTEM privilege escalation exploit.
745e5a4f4c52227b4be45f15a6b78b196c664d1436532ae73577cf9534505f2eRed Hat Security Advisory 2017-0986-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A race condition flaw was found in the N_HLDC Linux kernel driver when accessing n_hdlc.tbuf list that can lead to double free. A local, unprivileged user able to set the HDLC line discipline on the tty device could use this flaw to increase their privileges on the system.
d9f2e9165162f45b0d688155a96d6e4bb313349e3b5a7cee7b9700fe2990412bRed Hat Security Advisory 2017-0985-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm-rhev packages provide the user-space component for running virtual machines using KVM in environments managed by Red Hat Virtualization Manager. Security Fix: Quick Emulator, built with the Cirrus CLGD 54xx VGA Emulator and the VNC display driver support, is vulnerable to a heap buffer overflow issue. The issue could occur when a VNC client attempts to update its display after a VGA operation is performed by a guest. A privileged user/process inside guest could use this flaw to crash the QEMU process resulting in DoS or, potentially, leverage it to execute arbitrary code on the host with privileges of the QEMU process.
db1b72066944db0bdf0ce1bc4ba19551ab3c507b266953b66566a09e79f75fd1Red Hat Security Advisory 2017-0979-01 - LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extended office suite. Security Fix: It was found that LibreOffice disclosed contents of a file specified in an embedded object's preview. An attacker could potentially use this flaw to expose details of a system running LibreOffice as an online service via a crafted document.
8cd2fba6a95ac7f78aedff997599e71c4f67ba16be2c0293410a83b43489c753Red Hat Security Advisory 2017-0984-01 - KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Security Fix: Quick Emulator, built with the Cirrus CLGD 54xx VGA Emulator and the VNC display driver support, is vulnerable to a heap buffer overflow issue. The issue could occur when a VNC client attempts to update its display after a VGA operation is performed by a guest. A privileged user/process inside guest could use this flaw to crash the QEMU process resulting in DoS or, potentially, leverage it to execute arbitrary code on the host with privileges of the QEMU process.
868c4643c5f00ba072aab4d83758fbebdf1cf27b532f4e2af07fd1455a52a1b7Red Hat Security Advisory 2017-0983-01 - KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Security Fix: Quick Emulator, built with the Cirrus CLGD 54xx VGA Emulator and the VNC display driver support, is vulnerable to a heap buffer overflow issue. The issue could occur when a VNC client attempts to update its display after a VGA operation is performed by a guest. A privileged user/process inside guest could use this flaw to crash the QEMU process resulting in DoS or, potentially, leverage it to execute arbitrary code on the host with privileges of the QEMU process.
89e446bb5c5343cd809309dec01c83fbdf4a0b0c4a5891ef6eea9b3299f6212aRed Hat Security Advisory 2017-0980-01 - KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Security Fix: Quick Emulator, built with the Cirrus CLGD 54xx VGA Emulator and the VNC display driver support, is vulnerable to a heap buffer overflow issue. The issue could occur when a VNC client attempts to update its display after a VGA operation is performed by a guest. A privileged user/process inside guest could use this flaw to crash the QEMU process resulting in DoS or, potentially, leverage it to execute arbitrary code on the host with privileges of the QEMU process.
439d394b0a5ab965220d35c8ae8f0895aedee38ce7a96952273cce9e485f984dRed Hat Security Advisory 2017-0981-01 - KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Security Fix: Quick Emulator, built with the Cirrus CLGD 54xx VGA Emulator and the VNC display driver support, is vulnerable to a heap buffer overflow issue. The issue could occur when a VNC client attempts to update its display after a VGA operation is performed by a guest. A privileged user/process inside guest could use this flaw to crash the QEMU process resulting in DoS or, potentially, leverage it to execute arbitrary code on the host with privileges of the QEMU process.
98ece6f9a2db1938937a03a2eba4815fa519f336179b11459c1f35fcca867829Red Hat Security Advisory 2017-0982-01 - KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Security Fix: Quick Emulator, built with the Cirrus CLGD 54xx VGA Emulator and the VNC display driver support, is vulnerable to a heap buffer overflow issue. The issue could occur when a VNC client attempts to update its display after a VGA operation is performed by a guest. A privileged user/process inside guest could use this flaw to crash the QEMU process resulting in DoS or, potentially, leverage it to execute arbitrary code on the host with privileges of the QEMU process.
ff73c4c88ba0cc9a1275e7ea05d32d435c6cfca3c09625b067006adb2f04070cApache XML Graphics FOP versions 1.0 through 2.1 suffer from an information disclosure vulnerability.
520b76c48d1f6cbd37e2e175fd011bb41c0570075c09d431c9d8d3a998a53a8aThere is a vulnerability in ATS with the HPACK Bomb Attack that can lead to a denial of service vulnerability. Versions 6.0.0 to 6.2.0 are affected. Please upgrade to ATS 6.2.1 or 7.0.0.
cce30cb7de97faec9ff6ac82fe129fe2f0047da211951cf689af0e98e9a18d82VLC Media Player version 2.2.3 DecodeAdpcmImaQ buffer overflow exploit.
ce938631e3a9c9ef064a71a86662cee234639f00fe1ce75a32787d6606ff0462This Metasploit module uses information disclosure to determine if MS17-010 has been patched or not. Specifically, it connects to the IPC$ tree and attempts a transaction on FID 0. If the status returned is "STATUS_INSUFF_SERVER_RESOURCES", the machine does not have the MS17-010 patch. This Metasploit module does not require valid SMB credentials in default server configurations. It can log on as the user "\" and connect to IPC$.
406793a6d738119ccb6d6413edb253d56dcc7567c30b9802bc8d69cb7209cb0bBlue Team Training Toolkit (BT3) is an attempt to introduce improvements in current computer network defense analysis training. Based on adversary replication techniques, and with reusability in mind, BT3 allows individuals and organizations to create realistic computer attack scenarios, while reducing infrastructure costs, implementation time and risk. The Blue Team Training Toolkit is written in Python, and it includes the latest versions of Encripto's Maligno and Pcapteller.
6452693362cf081a653c9da4094f4cd28eed8a27db00338da17456c5600822b3Watchguard's Firebox and XTM appliances suffer from XML external entity injection and XML-RPC user enumeration vulnerabilities.
947dba226b2f6a9ad24e1b5e7af199cf29a3450764e88c890268dcb7b1cd44c2This Metasploit module exploits a command injection vulnerability in the Huawei HG532n routers provided by TE-Data Egypt, leading to a root shell. The router's web interface has two kinds of logins, a "limited" user:user login given to all customers and an admin mode. The limited mode is used here to expose the router's telnet port to the outside world through NAT port-forwarding. With telnet now remotely accessible, the router's limited "ATP command line tool" (served over telnet) can be upgraded to a root shell through an injection into the ATP's hidden "ping" command.
13f129a4c5fe898ac3c2bbe4698d84747643595b279f6dd5ed13bb1e7817b43b360-FAAR Firewall Analysis Audit and Repair is an offline command line perl policy manipulation tool to filter, compare to logs, merge, translate and output firewall commands for new policies, in checkpoint dbedit or screenos commands.
9530e7f9edc52dc222597d903ee4f6797a20b6cccb765503b6c3082408e9d386This article documents practical exploitation of CVE-2017-0199 and includes a proof of concept.
7e95162e6d74646b2e07b57b6589a73c89a2105aa6fc97d5f1fd7552b825222e
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed