This Metasploit module will bypass Windows 10 UAC by hijacking a special key in the Registry under the current user hive, and inserting a custom command that will get invoked when the Windows fodhelper.exe application is launched. It will spawn a second shell that has the UAC flag turned off. This Metasploit module modifies a registry key, but cleans up the key once the payload has been invoked. The module does not require the architecture of the payload to match the OS. If specifying EXE::Custom your DLL should call ExitProcess() after starting your payload in a separate process.
c734bdb09edf5376d5107b207ff1878647e190574e19ad03d2b4f421847dc7b9Various WiMAX CPEs are vulnerable to an authentication bypass. An attacker can set arbitrary configuration values without prior authentication. The vulnerability is located in commit2.cgi (implemented in libmtk_httpd_plugin.so).
1c406ac717264e13cef5f2341197c0e2013b4a9fe6fe7c509442d497b4bb32b7Craft CMS version 2.6 suffers from cross site scripting and remote file upload vulnerabilities.
c98687bb8a81ec2a03f13a02cfbe7e2e119136bbee628f62d5afd32a52e3737dRed Hat Security Advisory 2017-1409-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 7.0.6 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.0.5, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Security Fix: It was discovered that under certain conditions RESTEasy could be forced to parse a request with YamlProvider, resulting in unmarshalling of potentially untrusted data. An attacker could possibly use this flaw execute arbitrary code with the permissions of the application using RESTEasy.
6655aa3f4ba69e9f79cc5aa9277208f3d94f6edd15fbc74efeaf60b97f6ff9a1Red Hat Security Advisory 2017-1414-01 - Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience. This release of Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Service Pack 1 serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.23, and includes bug fixes, which are documented in the Release Notes document linked to in the References.
e31cbbf43e6335aa07238e1960a554f893a663a6add6b13476337524256e651aRed Hat Security Advisory 2017-1413-01 - Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience. This release of Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Service Pack 1 serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.23, and includes bug fixes, which are documented in the Release Notes document linked to in the References.
fc5d578ab608d805766f010632eaa528562b46809479d52a698f7d9a3c64dc63Red Hat Security Advisory 2017-1415-01 - Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience. This release of Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Service Pack 1 serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.23, and includes bug fixes, which are documented in the Release Notes document linked to in the References.
24687afd6a4178ce7a6bea57d07ffe21c8d73aff655ff9ce66ec2a3fe153139eUbuntu Security Notice 3253-2 - USN-3253-1 fixed vulnerabilities in Nagios. The update prevented log files from being displayed in the web interface. This update fixes the problem. It was discovered that Nagios incorrectly handled certain long strings. A remote authenticated attacker could use this issue to cause Nagios to crash, resulting in a denial of service, or possibly obtain sensitive information. It was discovered that Nagios incorrectly handled certain long messages to cmd.cgi. A remote attacker could possibly use this issue to cause Nagios to crash, resulting in a denial of service. Dawid Golunski discovered that Nagios incorrectly handled symlinks when accessing log files. A local attacker could possibly use this issue to elevate privileges. In the default installation of Ubuntu, this should be prevented by the Yama link restrictions. Various other issues were also addressed.
9cd930c45365b94384d95a76fd5e0a17478d59a64a006c5ca2020bd550784c72Ubuntu Security Notice 3316-1 - Stefan Winter and Lubos Pavlicek discovered that FreeRADIUS incorrectly handled the TLS session cache. A remote attacker could possibly use this issue to bypass authentication by resuming an unauthenticated session.
095195c45fa27a9a6c3e00820edba58d36e88390c73d39c422476dfce9054acaRed Hat Security Advisory 2017-1411-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 7.0.6 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.0.5, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Security Fix: It was discovered that under certain conditions RESTEasy could be forced to parse a request with YamlProvider, resulting in unmarshalling of potentially untrusted data. An attacker could possibly use this flaw execute arbitrary code with the permissions of the application using RESTEasy.
fd7a33b7eceadc56b5ecab3789c2aaa775779137936c0e2bd3ab4d7e04ccb77fRed Hat Security Advisory 2017-1412-01 - The eap7-jboss-ec2-eap packages provide scripts for Red Hat JBoss Enterprise Application Platform running on the Amazon Web Services Elastic Compute Cloud. With this update, the eap7-jboss-ec2-eap package has been updated to ensure compatibility with Red Hat JBoss Enterprise Application Platform 7.0.6.
572ff322bc0ba231d7d9932fa3ba4c52df7238dcebe07b0ad7b7b4629a1d48b7Red Hat Security Advisory 2017-1410-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 7.0.6 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.0.5, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Security Fix: It was discovered that under certain conditions RESTEasy could be forced to parse a request with YamlProvider, resulting in unmarshalling of potentially untrusted data. An attacker could possibly use this flaw execute arbitrary code with the permissions of the application using RESTEasy.
ddf58742aa1e9de8bddcd533b647ee82fd2161e4db937faa29aa9d0c2d41a023Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.
b1d8e5e53a76fbc89712d10ca8e2208f68f6fc2def0e6ac82e9693bb586a49cbUtilizing the DCOS Cluster's Marathon UI, an attacker can create a docker container with the '/' path mounted with read/write permissions on the host server that is running the docker container. As the docker container executes command as uid 0 it is honored by the host operating system allowing the attacker to edit/create files owed by root. This exploit abuses this to create a cron job in the '/etc/cron.d/' path of the host server. Note that the docker image must be a valid docker image from hub.docker.com. Further more the docker container will only deploy if there are resources available in the DC/OS cluster.
10a3e28a45a0567b678d813b94116bfb80c6f6277258907fff79b23d661ddc57Xavier PHP Login Script and User Management Admin Panel version 2.4 suffers from a remote SQL injection vulnerability.
35496196f3effbb70e82163efda2bde296879c8410d68fc560ac6a676428bbe5Perch CMS version 3.0.3 suffers from cross site scripting and remote file upload vulnerabilities.
6a0a152986b08dee8282a0c7c5bcba85795178625c73990c128c31e9835f1609GravCMS Core version 1.4.2 suffers from a persistent cross site scripting vulnerability.
6859904693f59dc1a87f949a9088db27006085c961e75af2505777a6dbb7ac5bUbuntu Security Notice 3313-1 - It was discovered that a buffer overflow existed in the trace subsystem in the Linux kernel. A privileged local attacker could use this to execute arbitrary code.
e3bf0d061eec75957f131a8db8693652f4530bee007574fc11d3087c424a88a0Ubuntu Security Notice 3312-2 - USN-3312-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. It was discovered that the netfilter netlink implementation in the Linux kernel did not properly validate batch messages. A local attacker with the CAP_NET_ADMIN capability could use this to expose sensitive information or cause a denial of service. Various other issues were also addressed.
9bc4f5c509d58e7374d08b91a33f59e8cc908ffa5e09f39be89e361fa0dd271eUbuntu Security Notice 3312-1 - It was discovered that the netfilter netlink implementation in the Linux kernel did not properly validate batch messages. A local attacker with the CAP_NET_ADMIN capability could use this to expose sensitive information or cause a denial of service. Qian Zhang discovered a heap-based buffer overflow in the tipc_msg_build function in the Linux kernel. A local attacker could use to cause a denial of service or possibly execute arbitrary code with administrative privileges. Various other issues were also addressed.
f93b3056d137e6f094a683c78f33de2cfc51578e2b30f5bf0580b49f3136e70eGentoo Linux Security Advisory 201706-14 - Multiple vulnerabilities have been found in FreeType, the worst of which allows remote attackers to execute arbitrary code. Versions less than 2.8 are affected.
d5896fe968f276e9777c40ceb6bb2ecf8c61938a3d77fd2a63e307b9529a3f09Gentoo Linux Security Advisory 201706-13 - An out-of-bounds data access in minicom might allow remote attackers to execute arbitrary code. Versions less than 2.7.1 are affected.
af20739aac62fa0e19e3433e95656fbff15e7579d60feb7aaf7cddcd2478abb5Gentoo Linux Security Advisory 201706-12 - Multiple vulnerabilities have been found in Wireshark, the worst of which allows remote attackers to cause a Denial of Service condition. Versions less than 2.2.6 are affected.
77739c806886f874d250eb638f6d93c94224d845afd46bdcc291ffc971ad5ddeGentoo Linux Security Advisory 201706-15 - Multiple vulnerabilities have been found in WebKitGTK+, the worst of which allows remote attackers to execute arbitrary code. Versions less than 2.16.3 are affected.
0f0105d96fbcea6b9b76a7f79a96aabbf255ca8d1f252a50706a3a60ce70ec80Ubuntu Security Notice 3314-1 - It was discovered that the keyring implementation in the Linux kernel in some situations did not prevent special internal keyrings from being joined by userspace keyrings. A privileged local attacker could use this to bypass module verification. It was discovered that a buffer overflow existed in the trace subsystem in the Linux kernel. A privileged local attacker could use this to execute arbitrary code. Various other issues were also addressed.
97b6224fb0c1440e3c27196c751fe7e85e5f5e540f680453e3395eb740d8b882
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed