Exploit the possiblities
Showing 1 - 25 of 100 RSS Feed

Files

Mach Race OS X Local Privilege Escalation
Posted Apr 27, 2016
Authored by reverser

This is a SUID, SIP, and binary entitlements universal OS X local privilege escalation exploit.

tags | exploit, local
systems | apple, osx
advisories | CVE-2016-1757
MD5 | 5e928a94c937ab6683178d70d0000c4e

Related Files

Zero Day Initiative Advisory 12-144
Posted Aug 17, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-144 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the EMC Autostart ftAgent, which is deployed on machines managed by EMC Autostart by default. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsing routines for op-codes used by EMC Autostart ftAgent's proprietary network protocol. This ftAgent.exe service listens on TCP port 8045, and performs arithmetic for memory size calculation using values read from the network without validation. This arithmetic is susceptible to integer overflow, causing the memory allocation to be undersized, ultimately allowing for heap-based memory corruption. An attacker can exploit this condition to gain remote code execution as user SYSTEM.

tags | advisory, remote, overflow, arbitrary, tcp, code execution, protocol
advisories | CVE-2012-0409
MD5 | 7588a6892021720d23b0533b79b8b4a8
Secunia Security Advisory 50093
Posted Aug 17, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in VMware Workstation and VMware Player, which can be exploited by malicious, local users in a guest virtual machine to gain escalated privileges.

tags | advisory, local, vulnerability
MD5 | 84e4aeaad5ea0f9fed3c71f491569980
Haveged 1.5
Posted Aug 14, 2012
Site issihosts.com

haveged is a daemon that feeds the /dev/random pool on Linux using an adaptation of the HArdware Volatile Entropy Gathering and Expansion algorithm invented at IRISA. The algorithm is self-tuning on machines with cpuid support, and has been tested in both 32-bit and 64-bit environments. The tarball uses the GNU build mechanism, and includes self test targets and a spec file for those who want to build an RPM.

Changes: A run time test option has been added to haveged that enables the execution of one or both of the principle AIS-31 test suites at haveged initialization and/or continuously during subsequent output. Several other changes have also been made to make haveged work better with both the systemd and sysv init systems.
tags | tool
systems | linux, unix
MD5 | 89ea7d79c76160f13065301d952091d7
Ubuntu Security Notice USN-1529-1
Posted Aug 13, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1529-1 - A flaw was discovered in the Linux kernel's macvtap device driver, which is used in KVM (Kernel-based Virtual Machine) to create a network bridge between host and guest. A privileged user in a guest could exploit this flaw to crash the host, if the vhost_net module is loaded with the experimental_zcopytx option enabled. An error was discovered in the Linux kernel's network TUN/TAP device implementation. A local user with access to the TUN/TAP interface (which is not available to unprivileged users until granted by a root user) could exploit this flaw to crash the system or potential gain administrative privileges. Various other issues were also addressed.

tags | advisory, kernel, local, root
systems | linux, ubuntu
advisories | CVE-2012-2119, CVE-2012-2136, CVE-2012-2137, CVE-2012-2372, CVE-2012-2373, CVE-2012-3364, CVE-2012-3375, CVE-2012-3400, CVE-2012-2119, CVE-2012-2136, CVE-2012-2137, CVE-2012-2372, CVE-2012-2373, CVE-2012-3364, CVE-2012-3375, CVE-2012-3400
MD5 | af2ef686a035e339e802557747aba3df
Ubuntu Security Notice USN-1514-1
Posted Aug 13, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1514-1 - A flaw was discovered in the Linux kernel's macvtap device driver, which is used in KVM (Kernel-based Virtual Machine) to create a network bridge between host and guest. A privileged user in a guest could exploit this flaw to crash the host, if the vhost_net module is loaded with the experimental_zcopytx option enabled. An error was discovered in the Linux kernel's network TUN/TAP device implementation. A local user with access to the TUN/TAP interface (which is not available to unprivileged users until granted by a root user) could exploit this flaw to crash the system or potential gain administrative privileges. Various other issues were also addressed.

tags | advisory, kernel, local, root
systems | linux, ubuntu
advisories | CVE-2012-2119, CVE-2012-2136, CVE-2012-2137, CVE-2012-2372, CVE-2012-2373, CVE-2012-3364, CVE-2012-3375, CVE-2012-3400, CVE-2012-2119, CVE-2012-2136, CVE-2012-2137, CVE-2012-2372, CVE-2012-2373, CVE-2012-3364, CVE-2012-3375, CVE-2012-3400
MD5 | 135d74622b0eb63c6f412c8920b6b530
Secunia Security Advisory 50191
Posted Aug 13, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Xen, which can be exploited by malicious, local users in a guest virtual machine to cause a DoS (Denial of Service).

tags | advisory, denial of service, local
MD5 | dbad3801dc50fc657baf8b53b2a8ae54
Secunia Security Advisory 50096
Posted Aug 1, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for xen. This fixes a vulnerability, which can be exploited by malicious, local users in a guest virtual machine to cause a DoS (Denial of Service).

tags | advisory, denial of service, local
systems | linux, redhat
MD5 | a480bd6579055583b13a0bbd7717a1da
Secunia Security Advisory 49789
Posted Jul 29, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Xen, which can be exploited by malicious, local users in a guest virtual machine to cause a DoS (Denial of Service).

tags | advisory, denial of service, local
MD5 | 1733ffd39953d0e02c18eb2702ac9400
Secunia Security Advisory 49998
Posted Jul 20, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for xen. This fixes two vulnerabilities, which can be exploited by malicious, local users in a guest virtual machine to cause a DoS (Denial of Service) and gain escalated privileges.

tags | advisory, denial of service, local, vulnerability
systems | linux, suse
MD5 | d9b38b04463866bc9b19247140185761
Ubuntu Security Notice USN-1507-1
Posted Jul 17, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1507-1 - A flaw was found in the Linux kernel's KVM (Kernel Virtual Machine) virtual cpu setup. An unprivileged local user could exploit this flaw to crash the system leading to a denial of service. An error was found in the Linux kernel's IPv6 netfilter when connection tracking is enabled. A remote attacker could exploit this flaw to crash a system if it is using IPv6 with the nf_contrack_ipv6 kernel module loaded. Various other issues were also addressed.

tags | advisory, remote, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2012-1601, CVE-2012-2744, CVE-2012-1601, CVE-2012-2744
MD5 | 4214caf4318fe3057bfd0b939ab98b5f
Ubuntu Security Notice USN-1505-1
Posted Jul 13, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1505-1 - It was discovered that multiple flaws existed in the CORBA (Common Object Request Broker Architecture) implementation in OpenJDK. An attacker could create a Java application or applet that used these flaws to bypass Java sandbox restrictions or modify immutable object data. It was discovered that multiple flaws existed in the OpenJDK font manager's layout lookup implementation. A attacker could specially craft a font file that could cause a denial of service through crashing the JVM (Java Virtual Machine) or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, java, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2012-1713, CVE-2012-1716, CVE-2012-1717, CVE-2012-1718, CVE-2012-1724, CVE-2012-1711, CVE-2012-1713, CVE-2012-1716, CVE-2012-1717, CVE-2012-1718, CVE-2012-1719, CVE-2012-1723, CVE-2012-1724, CVE-2012-1725
MD5 | 68cb42ee2849dcd9fc6d1c93e52da21e
Secunia Security Advisory 49861
Posted Jul 11, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - OpenVZ has issued an update for the kernel. This fixes two vulnerabilities, which can be exploited by malicious, local users in a guest virtual machine to gain escalated privileges and by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service, kernel, local, vulnerability
MD5 | cbf06ee68dcce0eb42c7e00633aaec8b
AdminStudio LaunchHelp.dll ActiveX Arbitrary Code Execution
Posted Jul 9, 2012
Authored by rgod, juan | Site metasploit.com

This Metasploit module exploits a vulnerability in AdminStudio LaunchHelp.dll ActiveX control. The LaunchProcess function found in LaunchHelp.HelpLauncher.1 allows remote attackers to run arbitrary commands on the victim machine. This Metasploit module has been successfully tested with the ActiveX installed with AdminStudio 9.5, which also comes with Novell ZENworks Configuration Management 10 SP2, on IE 6 and IE 8 over Windows XP SP 3.

tags | exploit, remote, arbitrary, activex
systems | windows, xp
advisories | CVE-2011-2657, OSVDB-76700
MD5 | 66c6a3ef11bb525cd8be0342facce81f
Red Hat Security Advisory 2012-1060-01
Posted Jul 9, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1060-01 - Cobbler is a network install server. Cobbler supports PXE, virtualized installs, and re-installing existing Linux machines. A command injection flaw was found in Cobbler's power management XML-RPC method. A remote, authenticated user who is permitted to perform Cobbler configuration changes via the Cobbler XML-RPC API, could use this flaw to execute arbitrary code with root privileges on the Red Hat Network Satellite server. Note: Red Hat Network Satellite uses a special user account to configure Cobbler. By default, only this account is permitted to perform Cobbler configuration changes, and the credentials for the account are only accessible to the Satellite host's administrator. As such, this issue only affected environments where the administrator allowed other users to make Cobbler configuration changes.

tags | advisory, remote, arbitrary, root
systems | linux, redhat
advisories | CVE-2012-2395
MD5 | fe9045b8f0d6abd85965decfc6a0906c
Secunia Security Advisory 49774
Posted Jul 3, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - OpenVZ has issued an update for the kernel. This fixes multiple vulnerabilities, which can be exploited by malicious, local users in a guest virtual machine to cause a DoS (Denial of Service), by malicious, local users to cause a DoS (Denial of Service), potentially gain escalated privileges, and compromise a vulnerable system.

tags | advisory, denial of service, kernel, local, vulnerability
MD5 | 52b1dfd63b98203f9c944dcf74ae934a
Secunia Security Advisory 49736
Posted Jun 28, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for the kernel. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to disclose certain system information, manipulate certain data, cause a DoS (Denial of Service), gain escalated privileges, by malicious, local users in a guest virtual machine to cause a DoS (Denial of Service), and by malicious people to cause a DoS (Denial of Service) and compromise a vulnerable system.

tags | advisory, denial of service, kernel, local, vulnerability
systems | linux, suse
MD5 | 456bf228743c2e6c6af6e5131a5310eb
Secunia Security Advisory 49733
Posted Jun 27, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for the kernel. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to potentially gain escalated privileges and cause a DoS (Denial of Service), by malicious, local users in a guest virtual machine to cause a DoS (Denial of Service), and by malicious people to compromise a vulnerable system.

tags | advisory, denial of service, kernel, local, vulnerability
systems | linux, redhat
MD5 | f35255787b738d34c67ab030ae870051
Secunia Security Advisory 49570
Posted Jun 25, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for xen. This fixes two vulnerabilities, which can be exploited by malicious, local users in a guest virtual machine to cause a DoS (Denial of Service) and gain escalated privileges.

tags | advisory, denial of service, local, vulnerability
systems | linux, debian
MD5 | e843347a4ea2e2d18382b34de41b5e16
Red Hat Security Advisory 2012-1009-01
Posted Jun 20, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1009-01 - These packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Software Development Kit. Multiple flaws were discovered in the CORBA implementation in Java. A malicious Java application or applet could use these flaws to bypass Java sandbox restrictions or modify immutable object data. It was discovered that the SynthLookAndFeel class from Swing did not properly prevent access to certain UI elements from outside the current application context. A malicious Java application or applet could use this flaw to crash the Java Virtual Machine, or bypass Java sandbox restrictions.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2012-1711, CVE-2012-1713, CVE-2012-1716, CVE-2012-1717, CVE-2012-1718, CVE-2012-1719, CVE-2012-1723, CVE-2012-1724, CVE-2012-1725, CVE-2012-1726
MD5 | 49fc678c6fae24406018000297c6ee38
Secunia Security Advisory 49625
Posted Jun 19, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for the kernel. This fixes multiple which can be exploited by malicious, local users in a guest virtual machine to cause a DoS (Denial of Service), by malicious, local users to cause a DoS (Denial of Service), potentially gain escalated privileges, and compromise a vulnerable system.

tags | advisory, denial of service, kernel, local
systems | linux, redhat
MD5 | 53f13140b9ca861f7cbe8972cc724d55
Secunia Security Advisory 49633
Posted Jun 18, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for linux-ti-omap4. This fixes multiple vulnerabilities, which can be exploited by malicious, local users in a guest virtual machine to cause a DoS (Denial of Service), by malicious, local users to gain escalated privileges, and by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service, local, vulnerability
systems | linux, ubuntu
MD5 | 8d01cfe302ccb5b0e2728fdd1b5ae68d
Ubuntu Security Notice USN-1476-1
Posted Jun 16, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1476-1 - Andy Adamson discovered a flaw in the Linux kernel's NFSv4 implementation. A remote NFS server (attacker) could exploit this flaw to cause a denial of service. A flaw was discovered in the Linux kernel's KVM (kernel virtual machine). An administrative user in the guest OS could leverage this flaw to cause a denial of service in the host OS. Schacher Raindel discovered a flaw in the Linux kernel's memory handling when hugetlb is enabled. An unprivileged local attacker could exploit this flaw to cause a denial of service and potentially gain higher privileges. Various other issues were also addressed.

tags | advisory, remote, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2011-4131, CVE-2012-2121, CVE-2012-2133, CVE-2012-2313, CVE-2012-2319, CVE-2012-2383, CVE-2012-2384, CVE-2011-4131, CVE-2012-2121, CVE-2012-2133, CVE-2012-2313, CVE-2012-2319, CVE-2012-2383, CVE-2012-2384
MD5 | 2237ceeb150d9e69b8ce5bc1021f91cb
Secunia Security Advisory 49556
Posted Jun 15, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for linux and linux-ti-omap4. This fixes two vulnerabilities, which can be exploited by malicious, local users in a guest virtual machine to cause a DoS (Denial of Service) and by malicious, local users to cause a DoS (Denial of Service) and potentially gain escalated privileges.

tags | advisory, denial of service, local, vulnerability
systems | linux, ubuntu
MD5 | 037248f769fb4fcf00f4944b6d10883e
Secunia Security Advisory 49548
Posted Jun 14, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for the kernel. This fixes multiple vulnerabilities, which can be exploited by malicious, local users in a guest virtual machine to cause a DoS (Denial of Service), by malicious, local users to gain escalated privileges, and by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service, kernel, local, vulnerability
systems | linux, ubuntu
MD5 | 668c80053a843bb14634d3157cf342b5
Secunia Security Advisory 49547
Posted Jun 14, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for the kernel. This fixes two vulnerabilities, which can be exploited by malicious, local users in a guest virtual machine and by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service, kernel, local, vulnerability
systems | linux, ubuntu
MD5 | 065fd4869b7759dd6e9cb150d1e55cc1
Page 1 of 4
Back1234Next

File Archive:

December 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    15 Files
  • 2
    Dec 2nd
    2 Files
  • 3
    Dec 3rd
    1 Files
  • 4
    Dec 4th
    15 Files
  • 5
    Dec 5th
    15 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    17 Files
  • 8
    Dec 8th
    15 Files
  • 9
    Dec 9th
    13 Files
  • 10
    Dec 10th
    4 Files
  • 11
    Dec 11th
    41 Files
  • 12
    Dec 12th
    42 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close