This Metasploit module demonstrates how an incorrect access control for the Lenovo Diagnostics Driver allows a low-privileged user the ability to issue device IOCTLs to perform arbitrary physical/virtual memory reads and writes.
4d81e8f2ae72805082f511a1afa0427bff321c86d10fa56019672dac926e51f8Dirty Cow arbitrary file write local privilege escalation exploit for macOS.
2c735a5dbdfd48004da2df38d8a8eed0528ab5199ff9cd6dbf70e890c7786c0cUbuntu Security Notice 5841-1 - It was discovered that LibTIFF incorrectly handled certain malformed images. If a user or automated system were tricked into opening a specially crafted image, a remote attacker could crash the application, leading to a denial of service, or possibly execute arbitrary code with user privileges. This issue was only fixed in Ubuntu 14.04 ESM. It was discovered that LibTIFF was incorrectly accessing a data structure when processing data with the tiffcrop tool, which could lead to a heap buffer overflow. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code.
cbe9c14c1c61f1e72805460a674a83621386dcffb0deacb1ce4f8bc501b7c91bUbuntu Security Notice 4781-2 - USN-4781-1 fixed several vulnerabilities in Slurm. This update provides the corresponding updates for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. It was discovered that Slurm incorrectly handled certain messages between the daemon and the user. An attacker could possibly use this issue to assume control of an arbitrary file on the system. This issue only affected Ubuntu 16.04 ESM.
59515a2b771f58c345614b48a32221dcb6959e15bd4041dfd89c08c06148282cUbuntu Security Notice 5836-1 - It was discovered that Vim was not properly performing memory management operations. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code.
695585aeade2a3c26904b99549588433713177c334b05ed806179ae8d4af1b8fSome Hikvision Hybrid SAN products were vulnerable to multiple remote code execution (command injection) vulnerabilities, including reflected cross site scripting, Ruby code injection, classic and blind SQL injection resulting in remote code execution that allows an adversary to execute arbitrary operating system commands and more. However, an adversary must be on the same network to leverage this vulnerability to execute arbitrary commands.
9ef9e4e937841d3becdae9ba498b3199c7ac7dfcaea39831e8e5a468cd2d8f10Ubuntu Security Notice 5835-3 - Guillaume Espanel, Pierre Libeau, Arnaud Morin, and Damien Rannou discovered that Nova incorrectly handled VMDK image processing. An authenticated attacker could possibly supply a specially crafted VMDK flat image and obtain arbitrary files from the server containing sensitive information.
4f0a5499385b4c636708b12bdb6f9102c53b1da14fe9a66a60cebc7215b1cfbeUbuntu Security Notice 5835-2 - Guillaume Espanel, Pierre Libeau, Arnaud Morin, and Damien Rannou discovered that OpenStack Glance incorrectly handled VMDK image processing. An authenticated attacker could possibly supply a specially crafted VMDK flat image and obtain arbitrary files from the server containing sensitive information.
3fb505612e419d1d2c3f5347e187d7b947f82bc4c448a5a408057987d90c1572Ubuntu Security Notice 5835-1 - Guillaume Espanel, Pierre Libeau, Arnaud Morin, and Damien Rannou discovered that Cinder incorrectly handled VMDK image processing. An authenticated attacker could possibly supply a specially crafted VMDK flat image and obtain arbitrary files from the server containing sensitive information.
c3b02490c9fb9598caf6f78dca5d1608afdcf55d22ee7f8ae3e403ca232a9dccUbuntu Security Notice 5832-1 - Kyle Zeng discovered that the sysctl implementation in the Linux kernel contained a stack-based buffer overflow. A local attacker could use this to cause a denial of service or execute arbitrary code. Tamás Koczka discovered that the Bluetooth L2CAP handshake implementation in the Linux kernel contained multiple use-after-free vulnerabilities. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code.
b242d051794285ce6fb5ea0e2560337d6d70a05108712a3794e5a8724e9960afUbuntu Security Notice 5811-3 - USN-5811-1 fixed a vulnerability in Sudo. This update provides the corresponding update for Ubuntu 14.04 ESM. Matthieu Barjole and Victor Cutillas discovered that Sudo incorrectly handled user-specified editors when using the sudoedit command. A local attacker that has permission to use the sudoedit command could possibly use this issue to edit arbitrary files.
f1dcb425e05dbefdeb5273307dd7c4045c531a34effb1aeaf896da8bb14e6bc0Debian Linux Security Advisory 5332-1 - Multiple issues were found in Git, a distributed revision control system. An attacker may trigger remote code execution, cause local users into executing arbitrary commands, leak information from the local filesystem, and bypass restricted shell.
da3283ba137fd88f874430e108ec655e6a4a13b1797054b92dadf3a00e03641dUbuntu Security Notice 5831-1 - Kyle Zeng discovered that the sysctl implementation in the Linux kernel contained a stack-based buffer overflow. A local attacker could use this to cause a denial of service or execute arbitrary code. Tamás Koczka discovered that the Bluetooth L2CAP handshake implementation in the Linux kernel contained multiple use-after-free vulnerabilities. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code.
b293ed3b171badbd869822b922ca5fe2bc5f7cdd18d474068ad2b6b97a51bc5fUbuntu Security Notice 5830-1 - It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service or possibly execute arbitrary code. Tamás Koczka discovered that the Bluetooth L2CAP handshake implementation in the Linux kernel contained multiple use-after-free vulnerabilities. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code.
6e68f50f18b8299b6053e750db628304a61fb6f1ccf4186312d8814b9ac32cfdDebian Linux Security Advisory 5328-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.
91c35b4374630099df6e3e88101b38be86922f1f9a29a741ff7a332e18ff8403Secure Web Gateway version 10.2.11 suffers from a cross site scripting vulnerability. RedTeam Pentesting identified a vulnerability which allows attackers to craft URLs to any third-party website that result in arbitrary content to be injected into the response when accessed through the Secure Web Gateway. While it is possible to inject arbitrary content types, the primary risk arises from JavaScript code allowing for cross site scripting.
f0bbf9c04ccb2873653f86035ec08f7b9388e540d28d2f705eaf53a75692bfeaUbuntu Security Notice 5829-1 - It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service or possibly execute arbitrary code. Tamás Koczka discovered that the Bluetooth L2CAP handshake implementation in the Linux kernel contained multiple use-after-free vulnerabilities. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code.
aad823e9a2aa345a90ba89b0bbadac4b45a7aad04940b487e28febdc9f15b3ffUbuntu Security Notice 5828-1 - It was discovered that Kerberos incorrectly handled certain S4U2Self requests. An attacker could possibly use this issue to cause a denial of service. This issue was only addressed in Ubuntu 16.04 ESM and Ubuntu 18.04 LTS. Greg Hudson discovered that Kerberos PAC implementation incorrectly handled certain parsing operations. A remote attacker could use this issue to cause a denial of service, or possibly execute arbitrary code.
172f865df6482a98eeb5142645b6b3d004e0fcbb18be188deb32de7ee6994283Ubuntu Security Notice 5820-1 - Lorenz Hipp discovered a flaw in exuberant-ctags handling of the tag filename command-line argument. A crafted tag filename specified in the command line or in the configuration file could result in arbitrary command execution.
83fe1f7fd58f639ff5df45480b668fb1d931fe81a5cd949993c0591fb8a70b7eUbuntu Security Notice 5818-1 - It was discovered that PHP incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash or execute arbitrary code.
5e3f991b525cb556d7f98923b6dc146a9a8e1bee769113d7ded701c12dd365aaUbuntu Security Notice 5815-1 - It was discovered that a race condition existed in the Android Binder IPC subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. David Leadbeater discovered that the netfilter IRC protocol tracking implementation in the Linux Kernel incorrectly handled certain message payloads in some situations. A remote attacker could possibly use this to cause a denial of service or bypass firewall filtering.
7f3d477e507b66b0daafcca7953d74f1ea4a8753942924b204034c093c0c71b0Ubuntu Security Notice 5814-1 - Kyle Zeng discovered that the sysctl implementation in the Linux kernel contained a stack-based buffer overflow. A local attacker could use this to cause a denial of service or execute arbitrary code. Tamás Koczka discovered that the Bluetooth L2CAP handshake implementation in the Linux kernel contained multiple use-after-free vulnerabilities. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code.
dbfe665f3a1513799bf58ebfb34bae00253cc650f33bcb40256da98c77f5d57dOpenText Extended ECM versions 16.2.2 through 22.3 suffer from arbitrary file deletion, information disclosure, local file inclusion, and privilege escalation vulnerabilities.
878b6d4e07e3ca1216865ef2e9312235d0ef20675c4ac011f7949b86a24ac5afUbuntu Security Notice 5813-1 - It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service or possibly execute arbitrary code. Tamás Koczka discovered that the Bluetooth L2CAP handshake implementation in the Linux kernel contained multiple use-after-free vulnerabilities. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code.
c8585d9310f20472858a349154e922f465a23afb78b9d227cd2a5767b334c7eeUbuntu Security Notice 5810-2 - USN-5810-1 fixed vulnerabilities in Git. This update introduced a regression as it was missing some commit lines. This update fixes the problem. Markus Vervier and Eric Sesterhenn discovered that Git incorrectly handled certain gitattributes. An attacker could possibly use this issue to cause a crash or execute arbitrary code.
b5fab749008935221b1bf0197a160b355dbb3e8f9cdbf378963579f0d01ceb9d
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Subscribe to an RSS Feed