Exploit the possiblities
Showing 51 - 75 of 100 RSS Feed

Files

Apple Intel HD 3000 Graphics Driver 10.0.0 Privilege Escalation
Posted Apr 8, 2016
Authored by Piotr Bania, Cisco Talos

Apple Intel HD 3000 graphics driver version 10.0.0 suffers from a local privilege escalation vulnerability.

tags | exploit, local
systems | apple
advisories | CVE-2016-1743
MD5 | ad4d4766639445f4f89f542b24e09759

Related Files

Red Hat Security Advisory 2012-0168-01
Posted Feb 21, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0168-01 - The rhev-hypervisor5 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. A heap overflow flaw was found in the way QEMU-KVM emulated the e1000 network interface card. A privileged guest user in a virtual machine whose network interface is configured to use the e1000 emulated driver could use this flaw to crash the host or, possibly, escalate their privileges on the host.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2011-4109, CVE-2011-4576, CVE-2011-4619, CVE-2012-0029, CVE-2012-0207
MD5 | 74fef7fccdc4b73b3a72b2d4867c68aa
Red Hat Security Advisory 2012-0149-03
Posted Feb 21, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0149-03 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. KVM is a Linux kernel module built for the standard Red Hat Enterprise Linux kernel. It was found that the kvm_vm_ioctl_assign_device() function in the KVM subsystem of a Linux kernel did not check if the user requesting device assignment was privileged or not. A member of the kvm group on the host could assign unused PCI devices, or even devices that were in use and whose resources were not properly claimed by the respective drivers, which could result in the host crashing.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2011-4347
MD5 | 566180a1c8bcc360d09d2f78bfa91c1e
Red Hat Security Advisory 2012-0116-01
Posted Feb 15, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0116-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. The proc file system could allow a local, unprivileged user to obtain sensitive information or possibly cause integrity issues. Non-member VLAN packet handling for interfaces in promiscuous mode and also using the be2net driver could allow an attacker on the local network to cause a denial of service.

tags | advisory, denial of service, kernel, local
systems | linux, redhat
advisories | CVE-2011-1020, CVE-2011-3347, CVE-2011-3637, CVE-2011-3638, CVE-2011-4110
MD5 | 80bccdf5c509aae88bc9da2ceeac24cb
Red Hat Security Advisory 2012-0109-01
Posted Feb 15, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0109-01 - The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine hypervisor. It includes everything necessary to run and manage virtual machines: A subset of the Red Hat Enterprise Linux operating environment and the Red Hat Enterprise Virtualization Agent. A heap overflow flaw was found in the way QEMU-KVM emulated the e1000 network interface card. A privileged guest user in a virtual machine whose network interface is configured to use the e1000 emulated driver could use this flaw to crash the host or, possibly, escalate their privileges on the host.

tags | advisory, overflow, kernel
systems | linux, redhat
advisories | CVE-2011-4576, CVE-2011-4577, CVE-2011-4619, CVE-2012-0029
MD5 | a49711ee8164556645fd5fe183fa93d1
Ubuntu Security Notice USN-1339-1
Posted Jan 24, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1339-1 - Nicolae Mogoreanu discovered that QEMU did not properly verify legacy mode packets in the e1000 network driver. A remote attacker could exploit this to cause a denial of service or possibly execute code with the privileges of the user invoking the program. When using QEMU with libvirt or virtualization management software based on libvirt such as Eucalyptus and OpenStack, QEMU guests are individually isolated by an AppArmor profile by default in Ubuntu. Various other issues were also addressed.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2012-0029
MD5 | fbc6d98e518ad4d85b2b46f045ae2a93
Red Hat Security Advisory 2012-0051-01
Posted Jan 24, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0051-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. KVM is a Linux kernel module built for the standard Red Hat Enterprise Linux kernel. A heap overflow flaw was found in the way QEMU-KVM emulated the e1000 network interface card. A privileged guest user in a virtual machine whose network interface is configured to use the e1000 emulated driver could use this flaw to crash the host or, possibly, escalate their privileges on the host. A flaw was found in the way the KVM subsystem of a Linux kernel handled PIT IRQs when there was no virtual interrupt controller set up. A malicious user in the kvm group on the host could force this situation to occur, resulting in the host crashing.

tags | advisory, overflow, kernel
systems | linux, redhat
advisories | CVE-2011-4622, CVE-2012-0029
MD5 | eb412e012fdeeec9674c1901233256b0
Red Hat Security Advisory 2012-0050-01
Posted Jan 24, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0050-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. qemu-kvm is the user-space component for running virtual machines using KVM. A heap overflow flaw was found in the way QEMU-KVM emulated the e1000 network interface card. A privileged guest user in a virtual machine whose network interface is configured to use the e1000 emulated driver could use this flaw to crash the host or, possibly, escalate their privileges on the host.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2012-0029
MD5 | 542913987630a0139eb4db8f1b835da8
Ubuntu Security Notice USN-1323-1
Posted Jan 11, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1323-1 - Peter Huewe discovered an information leak in the handling of reading security-related TPM data. A local, unprivileged user could read the results of a previous TPM command. Clement Lecigne discovered a bug in the HFS filesystem. A local attacker could exploit this to cause a kernel oops. A flaw was found in the b43 driver in the Linux kernel. An attacker could use this flaw to cause a denial of service if the system has an active wireless interface using the b43 driver. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2011-1162, CVE-2011-2203, CVE-2011-3359, CVE-2011-4110
MD5 | fdb340e96b1e846de292fced5033b322
Technitium MAC Address Changer
Posted Jan 3, 2012
Authored by Shreyas Zare | Site tmac.technitium.com

Technitium MAC Address Changer allows you to change Media Access Control (MAC) Address of your Network Interface Card (NIC) irrespective to your NIC manufacturer or its driver. It has a very simple user interface and provides ample information regarding each NIC in the machine.

MD5 | 2a51808af6f03fff9bd076730e9fe281
Secunia Security Advisory 47324
Posted Dec 21, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in NVIDIA Stereoscopic 3D Driver, which can be exploited by malicious, local users to gain escalated privileges.

tags | advisory, local
MD5 | e5f798e4f41060d276d7d5cca4e138c9
Red Hat Security Advisory 2011-1530-03
Posted Dec 6, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1530-03 - The kernel packages contain the Linux kernel, the core of any Linux operating system. The proc file system could allow a local, unprivileged user to obtain sensitive information or possibly cause integrity issues. Non-member VLAN packet handling for interfaces in promiscuous mode and also using the be2net driver could allow an attacker on the local network to cause a denial of service.

tags | advisory, denial of service, kernel, local
systems | linux, redhat
advisories | CVE-2011-1020, CVE-2011-3347, CVE-2011-3638, CVE-2011-4110
MD5 | dfc3ef314e2580c0027a786e0bf031cb
Ubuntu Security Notice USN-1265-1
Posted Nov 17, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1265-1 - Marc Deslauriers discovered that system-config-printer's cupshelpers scripts used by the Ubuntu automatic printer driver download service queried the OpenPrinting database using an insecure connection. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could be exploited to install altered packages and repositories.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2011-4405
MD5 | 59f59479d1632d1a61f0acf1d05571a1
Oracle DataDirect Buffer Overflow
Posted Oct 31, 2011
Authored by rgod | Site retrogod.altervista.org

Oracle DataDirect ODBC drivers HOST attribute arsqls24.dll stack-based buffer overflow proof of concept exploit that creates a malicious .oce file.

tags | exploit, overflow, proof of concept
MD5 | 198b80a5a60c8ea162c7e3b9369d4d8a
Zero Day Initiative Advisory 11-309
Posted Oct 26, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-309 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell iPrint Client. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within the nipplib.dll component. When handling the exposed method GetDriverSettings the application assembles a string for logging consisting of the hostname/port provided as a parameter. When building this message the process will blindly copy user supplied data into a fixed-length buffer on the stack. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the browser.

tags | advisory, remote, arbitrary
advisories | CVE-2011-3173
MD5 | f0e1bbcab09384febb56c85ea7bc250b
Red Hat Security Advisory 2011-1408-01
Posted Oct 26, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1408-01 - An updated rhev-hypervisor package that fixes several security issues is now available. The RHBA-2011:1254 update introduced a regression in the Linux kernel's Ethernet bridge implementation. If a system had an interface in a bridge, and an attacker on the local network could send packets to that interface, they could cause a denial of service on that system. A flaw in the Linux kernel could lead to GRO (Generic Receive Offload) fields being left in an inconsistent state. An attacker on the local network could use this flaw to trigger a denial of service. GRO is enabled by default in all network drivers that support it. Various other issues have also been addressed.

tags | advisory, denial of service, kernel, local
systems | linux, redhat
advisories | CVE-2011-2723, CVE-2011-2942, CVE-2011-3188, CVE-2011-3347
MD5 | a6626ef2f7a1bc04148e8a03ff724275
Ubuntu Security Notice USN-1236-1
Posted Oct 20, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1236-1 - It was discovered that the Auerswald usb driver incorrectly handled lengths of the USB string descriptors. A local attacker with physical access could insert a specially crafted USB device and gain root privileges. It was discovered that the Stream Control Transmission Protocol (SCTP) implementation incorrectly calculated lengths. If the net.sctp.addip_enable variable was turned on, a remote attacker could send specially crafted traffic to crash the system. Various other issues were also addressed.

tags | advisory, remote, local, root, protocol
systems | linux, ubuntu
advisories | CVE-2009-4067, CVE-2011-1573, CVE-2011-2494, CVE-2011-2495, CVE-2011-3188
MD5 | ae2696646303ce38ff705e1ba28f25ad
Oracle DataDirect Multiple Native Wire Protocol ODBC Drivers Buffer Overflow
Posted Oct 20, 2011
Authored by rgod | Site retrogod.altervista.org

Oracle DataDirect multiple native wire protocol ODBC drivers HOST attribute stack based buffer overflow proof of concept exploit. Oracle Hyperion Performance Management and BI version 11.1.2.1.0 is affected.

tags | exploit, overflow, protocol, proof of concept
MD5 | b45ff9698e86a1f31ad62dc540c6f3a1
Asterisk Project Security Advisory - AST-2011-012
Posted Oct 17, 2011
Authored by Terry Wilson | Site asterisk.org

Asterisk Project Security Advisory - The SIP channel driver allows a remote authenticated user that ability to cause a crash with a malformed request due to an uninitialized variable.

tags | advisory, remote
advisories | CVE-2011-4063
MD5 | e24833b31352bf6b884b1638041d30c1
Red Hat Security Advisory 2011-1350-01
Posted Oct 6, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1350-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Flaws in the AGPGART driver implementation when handling certain IOCTL commands could allow a local user to cause a denial of service or escalate their privileges. An integer overflow flaw in agp_allocate_memory() could allow a local user to cause a denial of service or escalate their privileges.

tags | advisory, denial of service, overflow, kernel, local
systems | linux, redhat
advisories | CVE-2011-1160, CVE-2011-1745, CVE-2011-1746, CVE-2011-1833, CVE-2011-2022, CVE-2011-2484, CVE-2011-2496, CVE-2011-2521, CVE-2011-2723, CVE-2011-2898, CVE-2011-2918
MD5 | 79a99725db7b874bbfbfc554b61f3e78
Secunia Security Advisory 45875
Posted Sep 3, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Secunia Research has discovered two vulnerabilities in GEAR CD DVD Filter Driver, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

tags | advisory, denial of service, local, vulnerability
MD5 | a1674e363d9e1980afbd55752e0fbe31
Linux Kernel Be File System Denial Of Service
Posted Aug 20, 2011
Authored by Timo Warns | Site pre-cert.de

The Linux kernel contains a vulnerability in the driver for Be file systems that may lead to a kernel oops via a corrupted Be file system. Kernel versions 2.4, 2.6, and 3.0 are affected.

tags | advisory, kernel
systems | linux
advisories | CVE-2011-2928
MD5 | 45b3af9c97ce47144f6c3d0fa1fb2406
Red Hat Security Advisory 2011-1110-01
Posted Aug 2, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1110-01 - Foomatic is a comprehensive, spooler-independent database of printers, printer drivers, and driver descriptions. The package also includes spooler-independent command line interfaces to manipulate queues and to print files and manipulate print jobs. foomatic-rip is a print filter written in C. An input sanitization flaw was found in the foomatic-rip print filter. An attacker could submit a print job with the username, title, or job options set to appear as a command line option that caused the filter to use a specified PostScript printer description file, rather than the administrator-set one. This could lead to arbitrary code execution with the privileges of the "lp" user.

tags | advisory, arbitrary, code execution
systems | linux, redhat
advisories | CVE-2011-2964
MD5 | f699a6c30b55c384906989974c0aca0c
Red Hat Security Advisory 2011-1109-01
Posted Aug 1, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1109-01 - Foomatic is a comprehensive, spooler-independent database of printers, printer drivers, and driver descriptions. The package also includes spooler-independent command line interfaces to manipulate queues and to print files and manipulate print jobs. foomatic-rip is a print filter written in Perl. An input sanitization flaw was found in the foomatic-rip print filter. An attacker could submit a print job with the username, title, or job options set to appear as a command line option that caused the filter to use a specified PostScript printer description file, rather than the administrator-set one. This could lead to arbitrary code execution with the privileges of the "lp" user.

tags | advisory, arbitrary, perl, code execution
systems | linux, redhat
advisories | CVE-2011-2697
MD5 | 8b9f09e7b634b854e2f9185858fa35f4
Secunia Security Advisory 45260
Posted Jul 27, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in the AMD Catalyst Proprietary Display Driver (Linux), which can be exploited by malicious, local users to disclose sensitive information.

tags | advisory, local
systems | linux
MD5 | 6a4f4d703cfbc287e3221acd7b8a4d86
Ubuntu Security Notice USN-1159-1
Posted Jul 14, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1159-1 - Brad Spengler discovered that the kernel did not correctly account for userspace memory allocations during exec() calls. A local attacker could exploit this to consume all system memory, leading to a denial of service. Alexander Duyck discovered that the Intel Gigabit Ethernet driver did not correctly handle certain configurations. If such a device was configured without VLANs, a remote attacker could crash the system, leading to a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2010-4243, CVE-2010-4263, CVE-2010-4342, CVE-2010-4529, CVE-2010-4565, CVE-2011-0463, CVE-2011-0695, CVE-2011-0711, CVE-2011-0726, CVE-2011-1013, CVE-2011-1016, CVE-2011-1017, CVE-2011-1019, CVE-2011-1090, CVE-2011-1163, CVE-2011-1170, CVE-2011-1171, CVE-2011-1172, CVE-2011-1173, CVE-2011-1182, CVE-2011-1494, CVE-2011-1495, CVE-2011-1593, CVE-2011-1598, CVE-2011-1745, CVE-2011-1746, CVE-2011-1747, CVE-2011-1748
MD5 | 3d57f1386d9eb0b24e5622f779dd40f7
Page 3 of 4
Back1234Next

File Archive:

November 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    22 Files
  • 2
    Nov 2nd
    28 Files
  • 3
    Nov 3rd
    10 Files
  • 4
    Nov 4th
    1 Files
  • 5
    Nov 5th
    5 Files
  • 6
    Nov 6th
    15 Files
  • 7
    Nov 7th
    15 Files
  • 8
    Nov 8th
    13 Files
  • 9
    Nov 9th
    9 Files
  • 10
    Nov 10th
    9 Files
  • 11
    Nov 11th
    3 Files
  • 12
    Nov 12th
    2 Files
  • 13
    Nov 13th
    15 Files
  • 14
    Nov 14th
    17 Files
  • 15
    Nov 15th
    19 Files
  • 16
    Nov 16th
    15 Files
  • 17
    Nov 17th
    19 Files
  • 18
    Nov 18th
    4 Files
  • 19
    Nov 19th
    2 Files
  • 20
    Nov 20th
    9 Files
  • 21
    Nov 21st
    14 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close