exploit the possibilities
Showing 1 - 25 of 13,359 RSS Feed

Local Files

Common Desktop Environment 2.3.1 Buffer Overflow
Posted Jan 17, 2020
Authored by Marco Ivaldi

A buffer overflow in the CheckMonitor() function in the Common Desktop Environment 2.3.1 and earlier and 1.6 and earlier, as distributed with Oracle Solaris 10 1/13 (Update 11) and earlier, allows local users to gain root privileges via a long palette name passed to dtsession in a malicious .Xdefaults file. Note that Oracle Solaris CDE is based on the original CDE 1.x train, which is different from the CDE 2.x codebase that was later open sourced. Most notably, the vulnerable buffer in the Oracle Solaris CDE is stack-based, while in the open source version it is heap-based.

tags | exploit, overflow, local, root
systems | solaris
advisories | CVE-2020-2696
MD5 | f61714fa339de224c3899e225d64a420
Solaris xlock Information Disclosure
Posted Jan 17, 2020
Authored by Marco Ivaldi

A low impact information disclosure vulnerability in the setuid root xlock binary distributed with Solaris may allow local users to read partial contents of sensitive files. Due to the fact that target files must be in a very specific format, exploitation of this flaw to escalate privileges in a realistic scenario is unlikely.

tags | exploit, local, root, info disclosure
systems | solaris
advisories | CVE-2020-2656
MD5 | d43954458731660f576f082539a29af3
SunOS 5.10 Generic_147148-26 Local Privilege Escalation
Posted Jan 15, 2020
Authored by Marco Ivaldi

SunOS version 5.10 Generic_147148-26 local privilege escalation exploit. A buffer overflow in the CheckMonitor() function in the Common Desktop Environment versions 2.3.1 and earlier and 1.6 and earlier, as distributed with Oracle Solaris 10 1/13 (Update 11) and earlier, allows local users to gain root privileges via a long palette name passed to dtsession in a malicious .Xdefaults file.

tags | exploit, overflow, local, root
systems | solaris
advisories | CVE-2020-2696
MD5 | 55c1e1683127ba3a3c82c35279e5e6db
Debian Security Advisory 4601-1
Posted Jan 10, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4601-1 - It was discovered that a hook script of ldm, the display manager for the Linux Terminal Server Project incorrectly parsed responses from an SSH server which could result in local root privilege escalation.

tags | advisory, local, root
systems | linux, debian
MD5 | 693cc7f45920414191581d78799f2d01
Microsoft Windows 10 Local Privilege Escalation
Posted Jan 10, 2020
Authored by Nassim Asrir

Microsoft Windows 10 UAC bypass local privilege escalation exploit.

tags | exploit, local, bypass
systems | windows
MD5 | 16db619cfe3e07e3c53b9e243f5882b4
Plantronics Hub 3.13.2 Local Privilege Escalation
Posted Jan 3, 2020
Authored by Markus Krell

Plantronics Hub version 3.13.2 suffers from a local privilege escalation vulnerability.

tags | exploit, local
MD5 | 940f917a8a972290c818f9bafe30c592
FreeBSD fd Privilege Escalation
Posted Dec 30, 2019
Authored by Karsten Konig

Local root exploit for the FreeBSD fd vulnerability as disclosed in FreeBSD-SA-19:02.fd.

tags | exploit, local, root
systems | freebsd, bsd
advisories | CVE-2019-5596
MD5 | 6426b023a6749568c0e3de1d4ba2531a
FreeBSD mqueuefs Privilege Escalation
Posted Dec 30, 2019
Authored by Karsten Konig

Local root exploit for the FreeBSD mqueuefs vulnerability as disclosed in FreeBSD-SA-19:15.mqueuefs.

tags | exploit, local, root
systems | freebsd, bsd
MD5 | fa32a042469b8505c6692ec2c13703e4
CA Client Automation 14.x Privilege Escalation
Posted Dec 25, 2019
Authored by Kevin Kotas, Andrew Hess | Site www3.ca.com

A vulnerability exists in CA Client Automation that can allow a local attacker to gain escalated privileges. CA published solutions to address the vulnerability and recommends that all affected customers implement the applicable solution. The vulnerability, CVE-2019-19231, occurs due to insecure file access by the agent services. A local attacker may exploit this vulnerability to execute arbitrary commands with escalated privileges on an installation of the Client Automation agent. The Windows agent in CA Client Automation versions 14.0, 14.1, 14.2, and 14.3 are affected.

tags | advisory, arbitrary, local
systems | windows
advisories | CVE-2019-19231
MD5 | 4c908b14b51fa900e872fe1a397e84c2
Deutsche Bahn Ticket Vending Machine Privilege Escalation
Posted Dec 19, 2019
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

The Deutsche Bahn Ticket Vending Machine suffers from a local kiosk privilege escalation vulnerability.

tags | exploit, local
MD5 | 4376153b371da66bed953baa93a097be
Microsoft UPnP Local Privilege Elevation
Posted Dec 18, 2019
Authored by bwatters-r7, hoangprod, NCC Group | Site metasploit.com

This Metasploit module exploits two vulnerabilities to execute a command as an elevated user. The first (CVE-2019-1405) uses the UPnP Device Host Service to elevate to NT AUTHORITY\LOCAL SERVICE. The second (CVE-2019-1322) leverages the Update Orchestrator Service to elevate from NT AUTHORITY\LOCAL SERVICE to NT AUTHORITY\SYSTEM.

tags | exploit, local, vulnerability
advisories | CVE-2019-1322, CVE-2019-1405
MD5 | 8771710762dc8716de0e038c77c98625
FTP Commander Pro 8.03 Local Stack Overflow
Posted Dec 13, 2019
Authored by boku, UN_NON

FTP Commander Pro version 8.03 suffers from a local stack overflow vulnerability.

tags | exploit, overflow, local
MD5 | 925505483680514fa64f204f5dad0883
Qualys Security Advisory - OpenBSD Dynamic Loader Privilege Escalation
Posted Dec 12, 2019
Authored by Qualys Security Advisory

Qualys discovered a local privilege escalation in OpenBSD's dynamic loader (ld.so). This vulnerability is exploitable in the default installation (via the set-user-ID executable chpass or passwd) and yields full root privileges. They developed a simple proof of concept and successfully tested it against OpenBSD 6.6 (the current release), 6.5, 6.2, and 6.1, on both amd64 and i386; other releases and architectures are probably also exploitable.

tags | exploit, local, root, proof of concept
systems | openbsd
advisories | CVE-2019-19726
MD5 | 5cd25d74e467c8f83e9ece30c0c6b982
TOR Virtual Network Tunneling Tool 0.4.2.5
Posted Dec 10, 2019
Authored by Roger Dingledine | Site tor.eff.org

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).

Changes: This is the first stable release in the 0.4.2.x series. This series improves reliability and stability, and includes several stability and correctness improvements for onion services. It also fixes many smaller bugs present in previous series.
tags | tool, remote, local, peer2peer
systems | unix
MD5 | ea9e9078ff2e175332f0095c60284458
SpotAuditor 5.3.2 Local Buffer Overflow
Posted Dec 9, 2019
Authored by Kirill Nikolaev

SpotAuditor version 5.3.2 Base64 local buffer overflow SEH exploit.

tags | exploit, overflow, local
MD5 | 67c769fde0bc2d49be93a7f6690b9476
Qualys Security Advisory - OpenBSD Authentication Bypass / Privilege Escalation
Posted Dec 5, 2019
Site qualys.com

Qualys has discovered that OpenBSD suffers from multiple authentication bypass and local privilege escalation vulnerabilities.

tags | exploit, local, vulnerability
systems | openbsd
advisories | CVE-2019-19519, CVE-2019-19520, CVE-2019-19521, CVE-2019-19522
MD5 | d6969e8f9fe831e7159e05c1c9e6aa26
Ubuntu Security Notice USN-4194-2
Posted Dec 4, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4194-2 - USN-4194-1 fixed a vulnerability in postgresql-common. This update provides the corresponding update for Ubuntu 14.04 ESM. Rich Mirch discovered that the postgresql-common pg_ctlcluster script incorrectly handled directory creation. A local attacker could possibly use this issue to escalate privileges. Various other issues were also addressed.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2019-3466
MD5 | cc0a41edc0113de4656d0b2fdb8c6538
Ubuntu Security Notice USN-4210-1
Posted Dec 3, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4210-1 - It was discovered that a buffer overflow existed in the 802.11 Wi-Fi configuration interface for the Linux kernel when handling beacon settings. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Nicolas Waisman discovered that the WiFi driver stack in the Linux kernel did not properly validate SSID lengths. A physically proximate attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, overflow, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2019-16746, CVE-2019-17075, CVE-2019-17133, CVE-2019-19060, CVE-2019-19065, CVE-2019-19075
MD5 | 2dffe6f365bbfab733df27756d97d663
Ubuntu Security Notice USN-4211-1
Posted Dec 3, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4211-1 - Zhipeng Xie discovered that an infinite loop could be triggered in the CFS Linux kernel process scheduler. A local attacker could possibly use this to cause a denial of service. Nicolas Waisman discovered that the WiFi driver stack in the Linux kernel did not properly validate SSID lengths. A physically proximate attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2018-20784, CVE-2019-17075, CVE-2019-17133
MD5 | c3d12483858f3736b29e481ef759a4b9
Ubuntu Security Notice USN-4211-2
Posted Dec 3, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4211-2 - USN-4211-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 ESM. Zhipeng Xie discovered that an infinite loop could be triggered in the CFS Linux kernel process scheduler. A local attacker could possibly use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2018-20784, CVE-2019-17075, CVE-2019-17133
MD5 | fad8472da76f2823f7e48fc875f70f76
Ubuntu Security Notice USN-4208-1
Posted Dec 3, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4208-1 - Jann Horn discovered that the OverlayFS and ShiftFS Drivers in the Linux kernel did not properly handle reference counting during memory mapping operations when used in conjunction with AUFS. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Nicolas Waisman discovered that the WiFi driver stack in the Linux kernel did not properly validate SSID lengths. A physically proximate attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2019-15794, CVE-2019-17075, CVE-2019-17133, CVE-2019-18810, CVE-2019-19048, CVE-2019-19065, CVE-2019-19067, CVE-2019-19069, CVE-2019-19075, CVE-2019-19083
MD5 | f54701b90a79c629aed1748d3b7462c2
Ubuntu Security Notice USN-4209-1
Posted Dec 3, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4209-1 - Jann Horn discovered that the OverlayFS and ShiftFS Drivers in the Linux kernel did not properly handle reference counting during memory mapping operations when used in conjunction with AUFS. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that a buffer overflow existed in the 802.11 Wi-Fi configuration interface for the Linux kernel when handling beacon settings. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, overflow, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2019-15794, CVE-2019-16746, CVE-2019-19076
MD5 | 1c2085746e123492f42ae3e8716e4219
Remote File Inclusion / Local File Inclusion Attack And Defense Techniques
Posted Nov 24, 2019
Authored by Ismail Tasdelen

Whitepaper called Remote File Inclusion / Local File Inclusion Attack and Defense Techniques. This paper focuses on PHP-based attacks.

tags | paper, remote, local, php, file inclusion
MD5 | 34f21e6ac1aa7a3653bb417dc20e8aaf
GNU Mailutils 3.7 Privilege Escalation
Posted Nov 21, 2019
Authored by Mike Gualtieri

GNU Mailutils versions 2.0 through 3.7 suffer from a local privilege escalation vulnerability.

tags | exploit, local
advisories | CVE-2019-18862
MD5 | 3cd7ca09d51964b1583d6172f508e129
Debian Security Advisory 4568-1
Posted Nov 18, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4568-1 - Rich Mirch discovered that the pg_ctlcluster script didn't drop privileges when creating socket/statistics temporary directories, which could result in local privilege escalation.

tags | advisory, local
systems | linux, debian
advisories | CVE-2019-3466
MD5 | d197437ba4eb0f0378e07f5635ab426b
Page 1 of 535
Back12345Next

File Archive:

January 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    8 Files
  • 2
    Jan 2nd
    11 Files
  • 3
    Jan 3rd
    11 Files
  • 4
    Jan 4th
    2 Files
  • 5
    Jan 5th
    2 Files
  • 6
    Jan 6th
    18 Files
  • 7
    Jan 7th
    15 Files
  • 8
    Jan 8th
    16 Files
  • 9
    Jan 9th
    10 Files
  • 10
    Jan 10th
    13 Files
  • 11
    Jan 11th
    2 Files
  • 12
    Jan 12th
    4 Files
  • 13
    Jan 13th
    21 Files
  • 14
    Jan 14th
    18 Files
  • 15
    Jan 15th
    12 Files
  • 16
    Jan 16th
    18 Files
  • 17
    Jan 17th
    11 Files
  • 18
    Jan 18th
    3 Files
  • 19
    Jan 19th
    2 Files
  • 20
    Jan 20th
    15 Files
  • 21
    Jan 21st
    22 Files
  • 22
    Jan 22nd
    19 Files
  • 23
    Jan 23rd
    4 Files
  • 24
    Jan 24th
    0 Files
  • 25
    Jan 25th
    0 Files
  • 26
    Jan 26th
    0 Files
  • 27
    Jan 27th
    0 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close