all things security
Showing 51 - 75 of 100 RSS Feed

Files

Mach Race OS X Local Privilege Escalation
Posted Apr 27, 2016
Authored by reverser

This is a SUID, SIP, and binary entitlements universal OS X local privilege escalation exploit.

tags | exploit, local
systems | apple, osx
advisories | CVE-2016-1757
MD5 | 5e928a94c937ab6683178d70d0000c4e

Related Files

VMware Backdoor ghi.guest.trashFolder.state Uninitialized Memory
Posted May 8, 2012
Authored by Derek Soeder

The vulnerability described in this document could hypothetically be exploited by unprivileged code running in a VMware virtual machine (guest) in order to execute code in the host VMX process, thereby breaking out of the virtual machine; however, such exploitation has not been proven.

tags | advisory
advisories | CVE-2012-1517
MD5 | 23a15e8e5f4e8c749191a128067b6a74
Secunia Security Advisory 49069
Posted May 8, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for linux-lts-backport-natty. This fixes multiple vulnerabilities, which can be exploited by malicious, local users in a guest virtual machine and malicious, local users to cause a DoS (Denial of Service).

tags | advisory, denial of service, local, vulnerability
systems | linux, ubuntu
MD5 | 2f8be294feed83220700df9efe876b7e
VMware Backdoor Response Uninitialized Memory Potential VM Break
Posted May 6, 2012
Authored by Derek Soeder

The vulnerability described in this document could hypothetically be exploited by unprivileged code running in a VMware virtual machine (guest) in order to execute code in the host VMX process, thereby breaking out of the virtual machine; however, such exploitation has not been proven. In the event that arbitrary code execution in the VMX process is possible, kernel privileges can be obtained on a Windows host by abusing the VMX process's special access to a VMware driver, meaning the maximum possible impact of this vulnerability is elevation from unprivileged guest code execution to host kernel code execution.

tags | exploit, arbitrary, kernel, code execution
systems | windows
advisories | CVE-2012-1516
MD5 | 2ef8f66ab0e238a9620ce20fe03c5f8f
Secunia Security Advisory 49032
Posted May 5, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in VMware Workstation, VMware Player, and VMware Fusion, which can be exploited by malicious, local users in a guest virtual machine to gain escalated privileges.

tags | advisory, local, vulnerability
MD5 | b7ea7f110a9181297fe022fe4234ec97
Secunia Security Advisory 49019
Posted May 5, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in VMware ESX Server and VMware ESXi, which can be exploited by malicious, local users in a guest virtual machine to gain escalated privileges and by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.

tags | advisory, denial of service, local, vulnerability
MD5 | 518bf33aea6aa5a2a0e5ce08e965445b
Red Hat Security Advisory 2012-0533-01
Posted May 1, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0533-01 - Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. A flaw was found in the way Samba handled certain Local Security Authority Remote Procedure Calls. An authenticated user could use this flaw to issue an RPC call that would modify the privileges database on the Samba server, allowing them to steal the ownership of files and directories that are being shared by the Samba server, and create, delete, and modify user accounts, as well as other Samba server administration tasks.

tags | advisory, remote, local, protocol
systems | linux, redhat
advisories | CVE-2012-2111
MD5 | bb9a5704371e720d42b963106ef75117
Red Hat Security Advisory 2012-0531-01
Posted May 1, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0531-01 - The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine hypervisor. It includes everything necessary to run and manage virtual machines: A subset of the Red Hat Enterprise Linux operating environment and the Red Hat Enterprise Virtualization Agent. Note: Red Hat Enterprise Virtualization Hypervisor is only available for the Intel 64 and AMD64 architectures with virtualization extensions. A flaw was found in the way libtasn1 decoded DER data. An attacker could create carefully-crafted DER encoded input that, when parsed by an application that uses libtasn1, could cause the application to crash.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2012-0864, CVE-2012-1569, CVE-2012-1573
MD5 | 49fa800e9d557cdd668681bb30c7bdf2
Secunia Security Advisory 49027
Posted May 1, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for the kernel. This fixes multiple vulnerabilities, which can be exploited by malicious, local users and malicious, local users in a guest virtual machine to cause a DoS (Denial of Service).

tags | advisory, denial of service, kernel, local, vulnerability
systems | linux, ubuntu
MD5 | 7e139f515d275bb7cf68f7637f55749d
Secunia Security Advisory 48987
Posted May 1, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for linux-lts-backport-oneiric. This fixes multiple vulnerabilities, which can be exploited by malicious, local users and malicious, local users in a guest virtual machine to cause a DoS (Denial of Service).

tags | advisory, denial of service, local, vulnerability
systems | linux, ubuntu
MD5 | 60c0139f3936327d80e638800092469b
Secunia Security Advisory 48959
Posted Apr 27, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - VMware has acknowledged some vulnerabilities in VMware ESX Server, which can be exploited by malicious, local users in a guest virtual machine to gain escalated privileges and by malicious people to cause a DoS (Denial of Service) and potentially compromise the vulnerable system.

tags | advisory, denial of service, local, vulnerability
MD5 | ed68028d1665d790c24cb4bda7a039da
Ubuntu Security Notice USN-1425-1
Posted Apr 25, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1425-1 - Sasha Levin discovered a flaw in the permission checking for device assignments requested via the kvm ioctl in the Linux kernel. A local user could use this flaw to crash the system causing a denial of service. Stephan discovered a flaw in the KVM (kernel-based virtual machine) subsystem of the Linux kernel. A local unprivileged user can crash use this flaw to crash VMs causing a deny of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2011-4347, CVE-2012-0045, CVE-2012-1090, CVE-2012-1097, CVE-2011-4347, CVE-2012-0045, CVE-2012-1090, CVE-2012-1097
MD5 | 95271c9f24991bd512ccaf6738d4f8da
Ubuntu Security Notice USN-1426-1
Posted Apr 25, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1426-1 - Sasha Levin discovered a flaw in the permission checking for device assignments requested via the kvm ioctl in the Linux kernel. A local user could use this flaw to crash the system causing a denial of service. Stephan discovered a flaw in the KVM (kernel-based virtual machine) subsystem of the Linux kernel. A local unprivileged user can crash use this flaw to crash VMs causing a deny of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2011-4347, CVE-2012-0045, CVE-2012-1090, CVE-2012-1097, CVE-2011-4347, CVE-2012-0045, CVE-2012-1090, CVE-2012-1097
MD5 | 3951314e09aedfa23a82d047ac46011a
Secunia Security Advisory 48898
Posted Apr 24, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for the kernel. This fixes multiple vulnerabilities, which can be exploited by malicious, local users and malicious, local users in a guest virtual machine to cause a DoS (Denial of Service) and gain escalated privileges and by malicious people to cause a DoS.

tags | advisory, denial of service, kernel, local, vulnerability
systems | linux, suse
MD5 | 13be216706215cec3e7b0c1b04206e93
Secunia Security Advisory 48914
Posted Apr 24, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for linux-ec2 and linux. This fixes some vulnerabilities, which can can be exploited by malicious, local users and malicious, local users in a guest virtual machine to cause a DoS (Denial of Service).

tags | advisory, denial of service, local, vulnerability
systems | linux, ubuntu
MD5 | 0a62a8ad5d43b4bbda2e26eb752dc8b6
TFTP Server for Windows 1.4 ST WRQ Buffer Overflow
Posted Apr 20, 2012
Authored by Mati Aharoni, Datacut | Site metasploit.com

This Metasploit module exploits a vulnerability found in TFTP Server 1.4 ST. The flaw is due to the way TFTP handles the filename parameter extracted from a WRQ request. The server will append the user-supplied filename to TFTP server binary's path without any bounds checking, and then attempt to open this with a fopen(). Since this isn't a valid file path, fopen() returns null, which allows the corrupted data to be used in a strcmp() function, causing an access violation. Since the offset is sensitive to how the TFTP server is launched, you must know in advance if your victim machine launched the TFTP as a 'Service' or 'Standalone' , and then manually select your target accordingly. A successful attempt will lead to remote code execution under the context of SYSTEM if run as a service, or the user if run as a standalone. A failed attempt will result a denial-of-service.

tags | exploit, remote, code execution
advisories | CVE-2008-1611, OSVDB-43785
MD5 | 8f2ae73e98b6641dd64a489e75f5ee4c
Secunia Security Advisory 48852
Posted Apr 19, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in KVM, which can be exploited by malicious, local users in a guest virtual machine to cause a DoS (Denial of Service).

tags | advisory, denial of service, local
MD5 | e0a76250f176e54c209de9cc7aad4e9f
Secunia Security Advisory 48820
Posted Apr 16, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for the kernel. This fixes two vulnerabilities, which can be exploited by malicious, local users and malicious, local users in a guest virtual machine to cause a DoS (Denial of Service).

tags | advisory, denial of service, kernel, local, vulnerability
systems | linux, ubuntu
MD5 | 00d6a169b47da96177714274f48893ad
Total Quality Machines SQL Injection
Posted Apr 14, 2012
Authored by CrAzY CrAcKeR

Total Quality Machines suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 657ab0ecb0d107b27dca2e275dd2accb
Red Hat Security Advisory 2012-0478-01
Posted Apr 13, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0478-01 - Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. A flaw in the Samba suite's Perl-based DCE/RPC IDL compiler, used to generate code to handle RPC calls, resulted in multiple buffer overflows in Samba. A remote, unauthenticated attacker could send a specially-crafted RPC request that would cause the Samba daemon to crash or, possibly, execute arbitrary code with the privileges of the root user.

tags | advisory, remote, overflow, arbitrary, root, perl, protocol
systems | linux, redhat
advisories | CVE-2012-1182
MD5 | 4de037de21a7b4ca59a2da53dfa2ecee
Secunia Security Advisory 48799
Posted Apr 13, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for linux-lts-backport-maverick. This fixes two vulnerabilities, which can be exploited by malicious, local users and malicious, local users in a guest virtual machine to cause a DoS (Denial of Service).

tags | advisory, denial of service, local, vulnerability
systems | linux, ubuntu
MD5 | fc8438f691058c780c138e7a52abcd91
Ubuntu Security Notice USN-1422-1
Posted Apr 12, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1422-1 - Sasha Levin discovered a flaw in the permission checking for device assignments requested via the kvm ioctl in the Linux kernel. A local user could use this flaw to crash the system causing a denial of service. Stephan discovered a flaw in the KVM (kernel-based virtual machine) subsystem of the Linux kernel. A local unprivileged user can crash use this flaw to crash VMs causing a deny of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2011-4347, CVE-2012-0045, CVE-2012-1097, CVE-2012-1146, CVE-2011-4347, CVE-2012-0045, CVE-2012-1097, CVE-2012-1146
MD5 | 80a625bd61690065e71da1f38dee391b
Ubuntu Security Notice USN-1421-1
Posted Apr 12, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1421-1 - Sasha Levin discovered a flaw in the permission checking for device assignments requested via the kvm ioctl in the Linux kernel. A local user could use this flaw to crash the system causing a denial of service. Stephan discovered a flaw in the KVM (kernel-based virtual machine) subsystem of the Linux kernel. A local unprivileged user can crash use this flaw to crash VMs causing a deny of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2011-4347, CVE-2012-0045, CVE-2012-1097, CVE-2012-1146, CVE-2011-4347, CVE-2012-0045, CVE-2012-1097, CVE-2012-1146
MD5 | 092b4b3c453c5618f99a5620594fb119
Red Hat Security Advisory 2012-0466-01
Posted Apr 11, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0466-01 - Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. A flaw in the Samba suite's Perl-based DCE/RPC IDL compiler, used to generate code to handle RPC calls, resulted in multiple buffer overflows in Samba. A remote, unauthenticated attacker could send a specially-crafted RPC request that would cause the Samba daemon to crash or, possibly, execute arbitrary code with the privileges of the root user.

tags | advisory, remote, overflow, arbitrary, root, perl, protocol
systems | linux, redhat
advisories | CVE-2012-1182
MD5 | f439d60b3b34f702a51295d84ff3ff80
Red Hat Security Advisory 2012-0465-01
Posted Apr 11, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0465-01 - Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. A flaw in the Samba suite's Perl-based DCE/RPC IDL compiler, used to generate code to handle RPC calls, resulted in multiple buffer overflows in Samba. A remote, unauthenticated attacker could send a specially-crafted RPC request that would cause the Samba daemon to crash or, possibly, execute arbitrary code with the privileges of the root user.

tags | advisory, remote, overflow, arbitrary, root, perl, protocol
systems | linux, redhat
advisories | CVE-2012-1182
MD5 | 64fedab336fe0cd2aa370314bed7c0b1
Secunia Security Advisory 48645
Posted Apr 9, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in KVM qemu-kvm, which can be exploited by malicious, local users in a guest virtual machine to cause a DoS (Denial of Service).

tags | advisory, denial of service, local
MD5 | 5f631a0962c8d8d206fd0d11caaaddd5
Page 3 of 4
Back1234Next

File Archive:

October 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    15 Files
  • 2
    Oct 2nd
    16 Files
  • 3
    Oct 3rd
    15 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    11 Files
  • 6
    Oct 6th
    6 Files
  • 7
    Oct 7th
    2 Files
  • 8
    Oct 8th
    1 Files
  • 9
    Oct 9th
    13 Files
  • 10
    Oct 10th
    16 Files
  • 11
    Oct 11th
    15 Files
  • 12
    Oct 12th
    23 Files
  • 13
    Oct 13th
    13 Files
  • 14
    Oct 14th
    12 Files
  • 15
    Oct 15th
    2 Files
  • 16
    Oct 16th
    16 Files
  • 17
    Oct 17th
    16 Files
  • 18
    Oct 18th
    14 Files
  • 19
    Oct 19th
    8 Files
  • 20
    Oct 20th
    7 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close