exploit the possibilities
Showing 51 - 75 of 13,448 RSS Feed

Local Files

Ubuntu Security Notice USN-4171-5
Posted Mar 18, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4171-5 - USN-4171-1 fixed vulnerabilities in Apport. This caused a regression in autopkgtest and python2 compatibility. This update fixes the problem. Kevin Backhouse discovered Apport would read its user-controlled settings file as the root user. This could be used by a local attacker to possibly crash Apport or have other unspecified consequences. Sander Bos discovered a race-condition in Apport during core dump creation. This could be used by a local attacker to generate a crash report for a privileged process that is readable by an unprivileged user. Sander Bos discovered Apport mishandled crash dumps originating from containers. This could be used by a local attacker to generate a crash report for a privileged process that is readable by an unprivileged user. Sander Bos discovered Apport mishandled lock-file creation. This could be used by a local attacker to cause a denial of service against Apport. Kevin Backhouse discovered Apport read various process-specific files with elevated privileges during crash dump generation. This could could be used by a local attacker to generate a crash report for a privileged process that is readable by an unprivileged user. Various other issues were also addressed.

tags | advisory, denial of service, local, root, vulnerability
systems | linux, ubuntu
advisories | CVE-2019-11481, CVE-2019-11482, CVE-2019-11483, CVE-2019-11485, CVE-2019-15790
MD5 | b7c1da16b8ea42319c7c7dcf19894e3d
ZoneAlarm TrueVector Internet Monitor Insecure NTFS Permissions
Posted Mar 18, 2020
Authored by Yorick Koster, Securify B.V.

A vulnerability was found in the TrueVector Internet Monitor service, which is installed as part of the Check Point ZoneAlarm firewall. This vulnerability allows a local attacker to cause the affected service to change the file permissions of arbitrary local files. After the file permissions have been changed, the attacker can then overwrite its content, and ultimately gain elevated privileges on the vulnerable machine. This vulnerability was successfully verified on ZoneAlarm Free Firewall version 15.8.023.18219 and TrueVector Internet Monitor version 15.8.7.18219.

tags | exploit, arbitrary, local
MD5 | 1e8fb7ac9173e275aa2f2eb88bbbecd5
Ubuntu Security Notice USN-4302-1
Posted Mar 17, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4302-1 - Paulo Bonzini discovered that the KVM hypervisor implementation in the Linux kernel could improperly let a nested guest access the resources of a parent guest in certain situations. An attacker could use this to expose sensitive information. Gregory Herrero discovered that the fix for CVE-2019-14615 to address the Linux kernel not properly clearing data structures on context switches for certain Intel graphics processors was incomplete. A local attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2019-15217, CVE-2019-19046, CVE-2019-19051, CVE-2019-19056, CVE-2019-19058, CVE-2019-19066, CVE-2019-19068, CVE-2020-2732, CVE-2020-8832
MD5 | 399774618ce50a03b46b4f27b7f87a67
Gentoo Linux Security Advisory 202003-32
Posted Mar 16, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202003-32 - A vulnerability in Libgcrypt could allow a local attacker to recover sensitive information. Versions less than 1.8.5 are affected.

tags | advisory, local
systems | linux, gentoo
advisories | CVE-2019-13627
MD5 | 5a0c7afb3c9e47d883848ceb6a38ade0
Microsoft Windows WizardOpium Local Privilege Escalation
Posted Mar 6, 2020
Authored by Piotr Florczyk

Microsoft Windows WizardOpium local privilege escalation exploit.

tags | exploit, local
systems | windows
advisories | CVE-2019-1458
MD5 | 5e3251b1138b2a8ad4150ecb464423f4
PHP-FPM 7.x Remote Code Execution
Posted Mar 5, 2020
Authored by cdelafuente-r7, neex | Site metasploit.com

This Metasploit module exploits an underflow vulnerability in PHP-FPM versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 of PHP-FPM on Nginx. Only servers with certain Nginx + PHP-FPM configurations are exploitable. This is a port of the original neex's exploit code (see refs). First, it detects the correct parameters (Query String Length and custom header length) needed to trigger code execution. This step determines if the target is actually vulnerable (Check method). Then, the exploit sets a series of PHP INI directives to create a file locally on the target, which enables code execution through a query string parameter. This is used to execute normal payload stagers. Finally, this module does some cleanup by killing local PHP-FPM workers (those are spawned automatically once killed) and removing the created local file.

tags | exploit, local, php, code execution
advisories | CVE-2019-11043
MD5 | bcbc7e0f55f9d8c8cc54d552dc319ffa
Ubuntu Security Notice USN-4294-1
Posted Mar 2, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4294-1 - It was discovered that OpenSMTPD mishandled certain input. A remote, unauthenticated attacker could use this vulnerability to execute arbitrary shell commands as any non-root user. It was discovered that OpenSMTPD did not properly handle hardlinks under certain conditions. An unprivileged local attacker could read the first line of any file on the filesystem.

tags | advisory, remote, arbitrary, shell, local, root
systems | linux, ubuntu
advisories | CVE-2020-8793, CVE-2020-8794
MD5 | 4dae00ef525530e6ea55476c447cd9fd
Microsoft Windows Kernel Privilege Escalation
Posted Feb 28, 2020
Authored by nu11secur1ty

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Tracing functionality used by the Routing and Remote Access service. The issue results from the lack of proper permissions on registry keys that control this functionality. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of SYSTEM.

tags | exploit, remote, local, registry
systems | windows
advisories | CVE-2020-0668
MD5 | 10f155214b43543ed6228cacf1da3f77
OpenSMTPD Local Information Disclosure
Posted Feb 25, 2020
Authored by Qualys Security Advisory

Qualys discovered a minor vulnerability in OpenSMTPD, OpenBSD's mail server. An unprivileged local attacker can read the first line of an arbitrary file (for example, root's password hash in /etc/master.passwd) or the entire contents of another user's file (if this file and /var/spool/smtpd/ are on the same filesystem). A proof of concept exploit is included in this archive.

tags | exploit, arbitrary, local, root, proof of concept
systems | openbsd
advisories | CVE-2020-8793
MD5 | 56573da09e74bf6cccffa5506e80c6d3
Red Hat Security Advisory 2020-0595-01
Posted Feb 25, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0595-01 - The procps-ng packages contain a set of system utilities that provide system information, including ps, free, skill, pkill, pgrep, snice, tload, top, uptime, vmstat, w, watch, and pwdx. A local privilege escalation vulnerability in top has been addressed.

tags | advisory, local
systems | linux, redhat
advisories | CVE-2018-1122
MD5 | a4a66cfae7b5156208030374a551ea08
Kernel Live Patch Security Notice LSN-0063-1
Posted Feb 20, 2020
Authored by Benjamin M. Romer

Mitchell Frank discovered that the Wi-Fi implementation in the Linux kernel when used as an access point would send IAPP location updates for stations before client authentication had completed. A physically proximate attacker could use this to cause a denial of service. It was discovered that the Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors. A local attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux
advisories | CVE-2019-14615, CVE-2019-19050, CVE-2019-20096, CVE-2019-5108, CVE-2020-7053
MD5 | 905a4d92f08ee676e7aa0579c14131b9
Ubuntu Security Notice USN-4286-2
Posted Feb 19, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4286-2 - USN-4286-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 ESM. It was discovered that the Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors. A local attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2019-14615, CVE-2019-15217, CVE-2019-15220, CVE-2019-15221, CVE-2019-17351, CVE-2019-19051, CVE-2019-19056, CVE-2019-19066, CVE-2019-19068, CVE-2019-19965, CVE-2019-20096, CVE-2019-5108
MD5 | aff5d99660a6cf45c6cd9363ec293dc7
Ubuntu Security Notice USN-4287-2
Posted Feb 19, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4287-2 - USN-4287-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux kernel for Microsoft Azure Cloud systems for Ubuntu 14.04 ESM. It was discovered that the Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors. A local attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2019-14615, CVE-2019-15099, CVE-2019-15291, CVE-2019-16229, CVE-2019-16232, CVE-2019-18683, CVE-2019-18786, CVE-2019-18809, CVE-2019-18885, CVE-2019-19057, CVE-2019-19062, CVE-2019-19063, CVE-2019-19071, CVE-2019-19078, CVE-2019-19082, CVE-2019-19227, CVE-2019-19332, CVE-2019-19767, CVE-2019-19965, CVE-2019-20096, CVE-2019-5108, CVE-2020-7053
MD5 | e0a917b1318a227cbe7dcda44cca0d1a
Ubuntu Security Notice USN-4287-1
Posted Feb 19, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4287-1 - It was discovered that the Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors. A local attacker could use this to expose sensitive information. It was discovered that the Atheros 802.11ac wireless USB device driver in the Linux kernel did not properly validate device metadata. A physically proximate attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2019-14615, CVE-2019-15099, CVE-2019-15291, CVE-2019-16229, CVE-2019-16232, CVE-2019-18683, CVE-2019-18786, CVE-2019-18809, CVE-2019-18885, CVE-2019-19057, CVE-2019-19062, CVE-2019-19063, CVE-2019-19071, CVE-2019-19078, CVE-2019-19082, CVE-2019-19227, CVE-2019-19332, CVE-2019-19767, CVE-2019-19965, CVE-2019-20096, CVE-2019-5108, CVE-2020-7053
MD5 | 8ac6c9839149435e4e444efe50c60dbc
Ubuntu Security Notice USN-4286-1
Posted Feb 19, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4286-1 - It was discovered that the Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors. A local attacker could use this to expose sensitive information. It was discovered that a race condition existed in the Softmac USB Prism54 device driver in the Linux kernel. A physically proximate attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2019-14615, CVE-2019-15217, CVE-2019-15220, CVE-2019-15221, CVE-2019-17351, CVE-2019-19051, CVE-2019-19056, CVE-2019-19066, CVE-2019-19068, CVE-2019-19965, CVE-2019-20096, CVE-2019-5108
MD5 | 8455aecab2d4723eb33c4d08058ff1de
Ubuntu Security Notice USN-4285-1
Posted Feb 19, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4285-1 - It was discovered that the Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors. A local attacker could use this to expose sensitive information. It was discovered that the HSA Linux kernel driver for AMD GPU devices did not properly check for errors in certain situations, leading to a NULL pointer dereference. A local attacker could possibly use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2019-14615, CVE-2019-16229, CVE-2019-16232, CVE-2019-18786, CVE-2019-18809, CVE-2019-19057, CVE-2019-19063, CVE-2019-19947, CVE-2019-19965, CVE-2019-20096, CVE-2019-5108, CVE-2020-7053
MD5 | daf9f1592f5ba45b8c8932f8eca98761
Ubuntu Security Notice USN-4284-1
Posted Feb 19, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4284-1 - It was discovered that the Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors. A local attacker could use this to expose sensitive information. It was discovered that the Atheros 802.11ac wireless USB device driver in the Linux kernel did not properly validate device metadata. A physically proximate attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2019-14615, CVE-2019-15099, CVE-2019-15291, CVE-2019-16229, CVE-2019-16232, CVE-2019-18683, CVE-2019-18786, CVE-2019-18811, CVE-2019-19050, CVE-2019-19057, CVE-2019-19063, CVE-2019-19071, CVE-2019-19077, CVE-2019-19078, CVE-2019-19082, CVE-2019-19241, CVE-2019-19252, CVE-2019-19332, CVE-2019-19602, CVE-2019-19767, CVE-2019-19947, CVE-2019-19965
MD5 | e903243d36a1aa3e1ef54c023594f389
SmartClient 120 Information Disclosure / XML Injection / LFI / Code Execution
Posted Feb 19, 2020
Authored by Certimeter Group Red Team

SmartClient version 120 suffers from information disclosure, local file inclusion, remote file upload, and XML external entity injection vulnerabilities.

tags | exploit, remote, local, vulnerability, file inclusion, info disclosure, file upload
MD5 | 57f8471ef038330e69a08ce5bd6f84a5
SprintWork 2.3.1 Local Privilege Escalation
Posted Feb 14, 2020
Authored by boku

SprintWork version 2.3.1 suffers from a local privilege escalation vulnerability.

tags | exploit, local
MD5 | 62d77fac1c188ff07085e83d80d376bb
SuiteCRM 7.11.11 Broken Access Control / Local File Inclusion
Posted Feb 13, 2020
Authored by EgiX | Site karmainsecurity.com

SuiteCRM versions 7.11.11 and below suffer from an add_to_prospect_list broken access control that allows for local file inclusion attacks.

tags | exploit, local, file inclusion
advisories | CVE-2020-8803
MD5 | 30243acc735a0a74cd60961a8b809988
OpenTFTP 1.66 Local Privilege Escalation
Posted Feb 13, 2020
Authored by boku

OpenTFTP version 1.66 suffers from a local privilege escalation vulnerability.

tags | exploit, local
MD5 | 4c237a98f5dd3ec8ed985d7311aa35bc
NTCrackPipe 2.0
Posted Feb 12, 2020
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

NTCrackPipe is a basic local Windows account cracking tool.

Changes: This version checks for account lockouts.
tags | tool, local, cracker
systems | windows
MD5 | b1b672393c20d81e400b6bcc390614e2
Ubuntu Security Notice USN-4271-1
Posted Feb 6, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4271-1 - Tim Brown discovered that Mesa incorrectly handled shared memory permissions. A local attacker could use this issue to obtain and possibly alter sensitive information belonging to another user.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2019-5068
MD5 | 2a40e0856add83d9e7c09db82b5e2abf
Ubuntu Security Notice USN-4269-1
Posted Feb 5, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4269-1 - It was discovered that systemd incorrectly handled certain PIDFile files. A local attacker could possibly use this issue to trick systemd into killing privileged processes. This issue only affected Ubuntu 16.04 LTS. It was discovered that systemd incorrectly handled certain udevadm trigger commands. A local attacker could possibly use this issue to cause systemd to consume resources, leading to a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, local
systems | linux, ubuntu
advisories | CVE-2018-16888, CVE-2019-20386, CVE-2020-1712
MD5 | 6951e3c05cd3a48038e6bb86c6a4a112
Ubuntu Security Notice USN-4263-2
Posted Feb 5, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4263-2 - USN-4263-1 fixed a vulnerability in Sudo. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Joe Vennix discovered that Sudo incorrectly handled memory operations when the pwfeedback option is enabled. A local attacker could possibly use this issue to obtain unintended access to the administrator account. Various other issues were also addressed.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2019-18634
MD5 | 1a287ad621861a484ed5d0c8a8e0b7a3
Page 3 of 538
Back12345Next

File Archive:

May 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    14 Files
  • 2
    May 2nd
    3 Files
  • 3
    May 3rd
    1 Files
  • 4
    May 4th
    18 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    21 Files
  • 7
    May 7th
    15 Files
  • 8
    May 8th
    19 Files
  • 9
    May 9th
    1 Files
  • 10
    May 10th
    2 Files
  • 11
    May 11th
    18 Files
  • 12
    May 12th
    39 Files
  • 13
    May 13th
    15 Files
  • 14
    May 14th
    17 Files
  • 15
    May 15th
    17 Files
  • 16
    May 16th
    2 Files
  • 17
    May 17th
    2 Files
  • 18
    May 18th
    15 Files
  • 19
    May 19th
    21 Files
  • 20
    May 20th
    15 Files
  • 21
    May 21st
    15 Files
  • 22
    May 22nd
    6 Files
  • 23
    May 23rd
    1 Files
  • 24
    May 24th
    1 Files
  • 25
    May 25th
    2 Files
  • 26
    May 26th
    23 Files
  • 27
    May 27th
    13 Files
  • 28
    May 28th
    18 Files
  • 29
    May 29th
    17 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close