FreeBSD setrlimit stack clash proof of concept exploit.
55fb8566c8dcae52540b3d92f7a1228604de1093d9d64e40a1cebbbe5ec1f611Linux kernel ldso_hwcap stack clash privilege escalation exploit. This affects Debian 7/8/9/10, Fedora 23/24/25, and CentOS 5.3/5.11/6.0/6.8/7.2.1511.
e3bc684fbe0cc5c683f1e0aa4b3c0294f9ee713b3f50398609a3d2677cd20406FreeBSD FGPE stack clash proof of concept exploit.
2dddaf6810e24694581a3d0559ab7f60f9bdef61855acef6f9cdc6c393b35315FreeBSD FGPU stack clash proof of concept exploit.
fa4055aa1f668bb096eafa433dace0e75f81c48fefa47f2d5271474380116c6bOracle Solaris versions 11.1 and 11.3 rsh local privilege escalation stack clash exploit.
d6fc2124ab39b596a408ba197a8da71c03b284c1dac54ac107cc4d471c892d32This Metasploit module exploits a use-after-free vulnerability in the handling of SSL NDMP connections in Veritas/Symantec Backup Exec's Remote Agent for Windows. When SSL is re-established on a NDMP connection that previously has had SSL established, the BIO struct for the connection's previous SSL session is reused, even though it has previously been freed. This Metasploit module supports 3 specific versions of the Backup Exec agent in the 14, 15 and 16 series on 64-bit and 32-bit versions of Windows and has been tested from Vista to Windows 10.
18615ac29398d7f2d7f4f16eff1790cc387a69c2808a4e6bb7a5632253c7e45fThe Fileserver web application in Apache ActiveMQ 5.x before 5.14.0 allows remote attackers to upload and execute arbitrary files via an HTTP PUT followed by an HTTP MOVE request.
0bc2dbf6d87b6049a30cf872cd58cbce1c72539afcf4cc3fcb3c44514b701ed1Kaspersky Anti-Virus for Linux File Server version 8.0.3.297 suffers from remote code execution, cross site request forgery, cross site scripting, security bypass, information disclosure, and path traversal vulnerabilities.
1011f2188afe2cfa015134b365c225eb892ed298b59a2beb4cc63a8e09cdc1b0VASA Provider Virtual Appliance versions prior to 8.3.x may potentially be vulnerable to an unauthenticated remote code execution vulnerability. An unauthenticated remote attacker could upload a malicious file to run arbitrary code on the system with root privileges.
a4d0a8672e720b49dae2fef3ee2fa48acda55214ead9237b46537b91eade0b32Ubuntu Security Notice 3345-1 - USN 3324-1 fixed a vulnerability in the Linux kernel. However, that fix introduced regressions for some Java applications. This update addresses the issue. Roee Hay discovered that the parallel port printer driver in the Linux kernel did not properly bounds check passed arguments. A local attacker with write access to the kernel command line arguments could use this to execute arbitrary code. Various other issues were also addressed.
4fad8a2d68a376e72996bff518accee987d6531fbdbaade3e1a8aafe24ebd666Ubuntu Security Notice 3344-2 - USN-3344-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. USN 3334-1 fixed a vulnerability in the Linux kernel. However, that fix introduced regressions for some Java applications. This update addresses the issue. Various other issues were also addressed.
ec10468c5bcc0374a009d044a4736922434eb7ade1b26c45c16cecb020b07cafUbuntu Security Notice 3344-1 - USN 3328-1 fixed a vulnerability in the Linux kernel. However, that fix introduced regressions for some Java applications. This update addresses the issue. Roee Hay discovered that the parallel port printer driver in the Linux kernel did not properly bounds check passed arguments. A local attacker with write access to the kernel command line arguments could use this to execute arbitrary code. Various other issues were also addressed.
a4f0efc2b95ce1da0e5cacbafafb82858ba2e9f6956f158428863e22f80ea6d3Ubuntu Security Notice 3342-1 - USN 3326-1 fixed a vulnerability in the Linux kernel. However, that fix introduced regressions for some Java applications. This update addresses the issue. It was discovered that a use-after-free flaw existed in the filesystem encryption subsystem in the Linux kernel. A local attacker could use this to cause a denial of service. Roee Hay discovered that the parallel port printer driver in the Linux kernel did not properly bounds check passed arguments. A local attacker with write access to the kernel command line arguments could use this to execute arbitrary code. Various other issues were also addressed.
02f110dbf3f133d2c7e542623023dfb8fc8045b5c5147b836e889becc448b849Ubuntu Security Notice 3343-1 - USN 3335-1 fixed a vulnerability in the Linux kernel. However, that fix introduced regressions for some Java applications. This update addresses the issue. It was discovered that a use-after-free vulnerability in the core voltage regulator driver of the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.
9ea59fe7184daae4dabc3d41854293f31717e8ced346b9507f46908a71b2ba14Ubuntu Security Notice 3343-2 - USN 3343-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 ESM. USN 3335-2 fixed a vulnerability in the Linux kernel. However, that fix introduced regressions for some Java applications. This update addresses the issue. Various other issues were also addressed.
f56a67ded25cba5991da6e27ed05f27e72923a50d6768bc40e175e9410f6a869Ubuntu Security Notice 3338-2 - USN-3338-1 fixed vulnerabilities in the Linux kernel. However, the fix for CVE-2017-1000364 introduced regressions for some Java applications. This update addresses the issue. It was discovered that the stack guard page for processes in the Linux kernel was not sufficiently large enough to prevent overlapping with the heap. An attacker could leverage this with another vulnerability to execute arbitrary code and gain administrative privileges Various other issues were also addressed.
5a99af3894c4fc090fac2baaecc7fd883c01e2ad021d13522a1c7fa248f1aaf7NetBSD stack clash proof of concept exploit.
79d2a60bd57d2106ec864e90aa5a2a7fafd9984de7938980ff4f491b72819769
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed