Twenty Year Anniversary
Showing 1 - 25 of 13,213 RSS Feed

Arbitrary Files

Microsoft Windows ALPC Task Scheduler Local Privilege Elevation
Posted Sep 22, 2018
Authored by Jacob Robles, bwatters-r7, SandboxEscaper, asoto-r7 | Site metasploit.com

On vulnerable versions of Windows the alpc endpoint method SchRpcSetSecurity implemented by the task scheduler service can be used to write arbitrary DACLs to .job files located in c:\windows\tasks because the scheduler does not use impersonation when checking this location. Since users can create files in the c:\windows\tasks folder, a hardlink can be created to a file the user has read access to. After creating a hardlink, the vulnerability can be triggered to set the DACL on the linked file. WARNING: The PrintConfig.dll (%windir%\system32\driverstor\filerepository\prnms003*) on the target host will be overwritten when the exploit runs. This Metasploit module has been tested against Windows 10 Pro x64.

tags | exploit, arbitrary
systems | windows
advisories | CVE-2018-8440
MD5 | 75182edcb972e293d73fef17dd332fcc
Debian Security Advisory 4298-1
Posted Sep 21, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4298-1 - Luis Merino, Markus Vervier and Eric Sesterhenn discovered that missing input sanitising in the Hylafax fax software could potentially result in the execution of arbitrary code via a malformed fax message.

tags | advisory, arbitrary
systems | linux, debian
advisories | CVE-2018-17141
MD5 | 16d9fa9dc1088373f349597c035aafba
HylaFAX 6.0.6 / 5.6.0 Uninitialized Pointer / Out Of Bounds Write
Posted Sep 20, 2018
Authored by Markus Vervier, Eric Sesterhenn, Luis Merino

Multiple bugs were found in the code handling fax page reception in JPEG format that allow arbitrary writes to an uninitialized pointer by remote parties dialing in. When processing an specially crafted input, the issue could lead to remote code execution. HylaFAX versions 6.0.6 and 5.6.0 are affected.

tags | advisory, remote, arbitrary, code execution
advisories | CVE-2018-17141
MD5 | b13871247b7cf82557cf72c3c2ec0aa3
Ubuntu Security Notice USN-3770-1
Posted Sep 20, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3770-1 - Ibrahim El-Sayed discovered that Little CMS incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service. Quang Nguyen discovered that Little CMS incorrectly handled certain files. An attacker could possibly use this issue to execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2016-10165, CVE-2018-16435
MD5 | c76a071756a5e9c15fff292477ecef48
Ubuntu Security Notice USN-3767-2
Posted Sep 19, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3767-2 - USN-3767-1 fixed a vulnerability in GLib. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that GLib incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2018-16428, CVE-2018-16429
MD5 | 90c9bc38504d7257dd3e7d6c1aca7d16
Ubuntu Security Notice USN-3768-1
Posted Sep 19, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3768-1 - Tavis Ormandy discovered multiple security issues in Ghostscript. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could possibly use these issues to access arbitrary files, execute arbitrary code, or cause a denial of service.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2018-11645, CVE-2018-15911, CVE-2018-16513, CVE-2018-16542
MD5 | d71aa36db910f03a65299778962f6b01
Ubuntu Security Notice USN-3767-1
Posted Sep 19, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3767-1 - It was discovered that GLib incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. It was discovered that GLib incorrectly handled certain files. An attacker could possibly use this issue to access sensitive information.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2018-16428, CVE-2018-16429
MD5 | af34edfe66cf46cf1905ec01f33cfcf5
Solaris libnspr NSPR_LOG_FILE Privilege Escalation
Posted Sep 18, 2018
Authored by Marco Ivaldi, Brendan Coles | Site metasploit.com

This Metasploit module exploits an arbitrary file write vulnerability in the Netscape Portable Runtime library (libnspr) on unpatched Solaris systems prior to Solaris 10u3 which allows users to gain root privileges. libnspr versions prior to 4.6.3 allow users to specify a log file with the `NSPR_LOG_FILE` environment variable. The log file is created with the privileges of the running process, resulting in privilege escalation when used in combination with a SUID executable. This Metasploit module writes a shared object to the trusted library directory `/usr/lib/secure` and runs the specified SUID binary with the shared object loaded using the `LD_LIBRARY_PATH` environment variable. This Metasploit module has been tested successfully with libnspr version 4.5.1 on Solaris 10u1 (01/06) (x86) and Solaris 10u2 (06/06) (x86).

tags | exploit, arbitrary, x86, root
systems | solaris
advisories | CVE-2006-4842
MD5 | 0f80a93992c7fdfbc617a2b680a3059e
Ubuntu Security Notice USN-3765-2
Posted Sep 17, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3765-2 - USN-3765-1 fixed a vulnerability in curl. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that curl incorrectly handled certain inputs. An attacker could possibly use this to execute arbitrary code.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2018-14618
MD5 | 046498323331b3221476fc8637909661
Ubuntu Security Notice USN-3765-1
Posted Sep 17, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3765-1 - It was discovered that curl incorrectly handled certain inputs. An attacker could possibly use this to execute arbitrary code.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2018-14618
MD5 | a456fd55f32a80ce8985878450202aa9
Debian Security Advisory 4295-1
Posted Sep 17, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4295-1 - safety errors and use-after-frees may lead to the execution of arbitrary code or denial of service.

tags | advisory, denial of service, arbitrary
systems | linux, debian
advisories | CVE-2018-12361, CVE-2018-12367, CVE-2018-12371, CVE-2018-5156, CVE-2018-5187
MD5 | c01b31084c3ffcfaf809a853f36ca1f8
Ubuntu Security Notice USN-3761-3
Posted Sep 17, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3761-3 - USN-3761-1 fixed vulnerabilities in Firefox. The update caused several regressions affecting spellchecker dictionaries and search engines, which were partially fixed by USN-3761-2. This update contains the remaining fix. Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, or execute arbitrary code. It was discovered that if a user saved passwords before Firefox 58 and then later set a master password, an unencrypted copy of these passwords would still be accessible. A local user could exploit this to obtain sensitive information. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2018-12378, CVE-2018-12383
MD5 | 6d86615e6427f6c484cd9030a34da1d7
Debian Security Advisory 4294-1
Posted Sep 17, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4294-1 - Tavis Ormandy discovered multiple vulnerabilites in Ghostscript, an interpreter for the PostScript language, which could result in the execution of arbitrary code if a malformed Postscript file is processed (despite the dSAFER sandbox being enabled).

tags | advisory, arbitrary
systems | linux, debian
advisories | CVE-2018-16509, CVE-2018-16802
MD5 | 5536e1e864054d6f82660441d74f9e19
Linux dmesg Arbitrary Kernel Read
Posted Sep 13, 2018
Authored by Jann Horn, Google Security Research

Linux suffers from an arbitrary kernel read into dmesg via a missing address check in the segfault handler.

tags | advisory, arbitrary, kernel
systems | linux
MD5 | 06e9283f3dd8c10929847de0f7b403d2
Ubuntu Security Notice USN-3764-1
Posted Sep 13, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3764-1 - It was discovered that Zsh incorrectly handled certain scripts. An attacker could possibly use this issue to execute arbitrary code. Richard Maciel Costa discovered that Zsh incorrectly handled certain scripts. An attacker could possibly use this issue to execute arbitrary code.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2018-0502, CVE-2018-1100
MD5 | 96d2efb770040fbb9f4157fad27c0c2e
Kernel Live Patch Security Notice LSN-0043-1
Posted Sep 11, 2018
Authored by Benjamin M. Romer

Piotr Gabriel Kosinski and Daniel Shapira discovered a stack-based buffer overflow in the CDROM driver implementation of the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. Jann Horn discovered that the ext4 filesystem implementation in the Linux kernel did not properly keep xattr information consistent in some situations. An attacker could use this to construct a malicious ext4 image that, when mounted, could cause a denial of service (system crash) or possibly execute arbitrary code. Various other issues have also been addressed.

tags | advisory, denial of service, overflow, arbitrary, kernel, local
systems | linux
advisories | CVE-2018-11412, CVE-2018-11506, CVE-2018-12233, CVE-2018-13405, CVE-2018-13406
MD5 | 15d9cf4ac6ec9024e548bcb059849043
Debian Security Advisory 4290-1
Posted Sep 11, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4290-1 - Several vulnerabilities were discovered in libextractor, a library to extract arbitrary meta-data from files, which may lead to denial of service or the execution of arbitrary code if a specially crafted file is opened.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, debian
advisories | CVE-2018-14346, CVE-2018-14347, CVE-2018-16430
MD5 | 95ada67ea55021facccf6ed6bd2c100d
Avaya one-X 9.x / 10.0.x / 10.1.x Arbitrary File Disclosure / Deletion
Posted Sep 10, 2018
Authored by Pedro Andujar

Avaya one-X versions 9.x, 10.0.x, and 10.1.x suffer from arbitrary file disclosure and deletion vulnerabilities.

tags | exploit, arbitrary, vulnerability
advisories | CVE-2018-15610
MD5 | 19f5b0846706f9c5967437b6d530042e
Debian Security Advisory 4288-1
Posted Sep 8, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4288-1 - Tavis Ormandy discovered multiple vulnerabilities in Ghostscript, an interpreter for the PostScript language, which could result in denial of service, the creation of files or the execution of arbitrary code if a malformed Postscript file is processed (despite the dSAFER sandbox being enabled).

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, debian
advisories | CVE-2018-15908, CVE-2018-15910, CVE-2018-15911, CVE-2018-16511, CVE-2018-16513, CVE-2018-16539, CVE-2018-16540, CVE-2018-16541, CVE-2018-16542, CVE-2018-16543, CVE-2018-16585
MD5 | 10e2c7e46f6ca39a6c5ea6ea84540da4
Debian Security Advisory 4287-1
Posted Sep 8, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4287-1 - Several security issues have been found in the Mozilla Firefox web the execution of arbitrary code or denial of service.

tags | advisory, web, denial of service, arbitrary
systems | linux, debian
advisories | CVE-2018-12376, CVE-2018-12377, CVE-2018-12378
MD5 | 8c534446d24d294adfa45680fe616452
Ubuntu Security Notice USN-3761-1
Posted Sep 7, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3761-1 - Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, or execute arbitrary code. It was discovered that if a user saved passwords before Firefox 58 and then later set a master password, an unencrypted copy of these passwords would still be accessible. A local user could exploit this to obtain sensitive information. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2018-12375, CVE-2018-12378, CVE-2018-12383
MD5 | 06dfce46c9c583404c278a7a531ef06a
Ghostscript Failed Restore Command Execution
Posted Sep 6, 2018
Authored by Tavis Ormandy, wvu | Site metasploit.com

This Metasploit module exploits a -dSAFER bypass in Ghostscript to execute arbitrary commands by handling a failed restore (grestore) in PostScript to disable LockSafetyParams and avoid invalidaccess. This vulnerability is reachable via libraries such as ImageMagick, and this module provides the latest vector for Ghostscript.

tags | exploit, arbitrary
advisories | CVE-2018-16509
MD5 | e1336336af62bb506d362910f0cca41f
Ubuntu Security Notice USN-3760-1
Posted Sep 6, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3760-1 - It was discovered that transfig incorrectly handled certain FIG files. An attacker could possibly use this to execute arbitrary code.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2018-16140
MD5 | ca09dbf76febd01d066aa0419d9842bf
DokuWiki 2018-04-22a Greebo Arbitrary Code Execution
Posted Sep 6, 2018
Authored by Jean-Benjamin Rousseau | Site sec-consult.com

DokuWiki version 2018-04-22a Greebo suffers from a CSV formula injection vulnerability that allows for arbitrary code execution.

tags | exploit, arbitrary, code execution
advisories | CVE-2018-15474
MD5 | da11d55a03deb277ad0e944efc15402f
Debian Security Advisory 4285-1
Posted Sep 6, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4285-1 - Michael Kaczmarczik discovered a vulnerability in the web interface template editing function of Sympa, a mailing list manager. Owner and listmasters could use this flaw to create or modify arbitrary files in the server with privileges of sympa user or owner view list config files even if edit_list.conf prohibits it.

tags | advisory, web, arbitrary
systems | linux, debian
advisories | CVE-2018-1000550
MD5 | 481d44583b29fd54725773edff3d4d40
Page 1 of 529
Back12345Next

File Archive:

September 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    1 Files
  • 2
    Sep 2nd
    3 Files
  • 3
    Sep 3rd
    15 Files
  • 4
    Sep 4th
    15 Files
  • 5
    Sep 5th
    18 Files
  • 6
    Sep 6th
    18 Files
  • 7
    Sep 7th
    15 Files
  • 8
    Sep 8th
    2 Files
  • 9
    Sep 9th
    2 Files
  • 10
    Sep 10th
    16 Files
  • 11
    Sep 11th
    17 Files
  • 12
    Sep 12th
    15 Files
  • 13
    Sep 13th
    29 Files
  • 14
    Sep 14th
    21 Files
  • 15
    Sep 15th
    3 Files
  • 16
    Sep 16th
    1 Files
  • 17
    Sep 17th
    15 Files
  • 18
    Sep 18th
    16 Files
  • 19
    Sep 19th
    29 Files
  • 20
    Sep 20th
    18 Files
  • 21
    Sep 21st
    5 Files
  • 22
    Sep 22nd
    2 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close