Twenty Year Anniversary
Showing 1 - 25 of 3,082 RSS Feed

Root Files

Ubuntu Security Notice USN-3716-1
Posted Jul 12, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3716-1 - This update adds the latest DNSSEC validation trust anchor required for the upcoming Root Zone KSK Rollover.

tags | advisory, root
systems | linux, ubuntu
MD5 | 313171cab8d2270f41c28916b6501e47
Ubuntu Security Notice USN-3715-1
Posted Jul 12, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3715-1 - This update adds the latest DNSSEC validation trust anchor required for the upcoming Root Zone KSK Rollover and refreshes the list of root hints.

tags | advisory, root
systems | linux, ubuntu
MD5 | 7b2a6c35406bb911afd0cff37bc8cfda
IBM QRadar SIEM Unauthenticated Remote Code Execution
Posted Jul 11, 2018
Authored by Pedro Ribeiro | Site metasploit.com

IBM QRadar SIEM has three vulnerabilities in the Forensics web application that when chained together allow an attacker to achieve unauthenticated remote code execution. The first stage bypasses authentication by fixating session cookies. The second stage uses those authenticated sessions cookies to write a file to disk and execute that file as the "nobody" user. The third and final stage occurs when the file executed as "nobody" writes an entry into the database that causes QRadar to execute a shell script controlled by the attacker as root within the next minute. Details about these vulnerabilities can be found in the advisories listed in References. The Forensics web application is disabled in QRadar Community Edition, but the code still works, so these vulnerabilities can be exploited in all flavors of QRadar. This Metasploit module was tested with IBM QRadar CE 7.3.0 and 7.3.1. IBM has confirmed versions up to 7.2.8 patch 12 and 7.3.1 patch 3 are vulnerable. Due to payload constraints, this module only runs a generic/shell_reverse_tcp payload.

tags | exploit, remote, web, shell, root, vulnerability, code execution
advisories | CVE-2016-9722, CVE-2018-1418, CVE-2018-1612
MD5 | 221b05c8f4d9bb44521c8ebfe10f771d
Debian Security Advisory 4242-1
Posted Jul 9, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4242-1 - Orange Tsai discovered a path traversal flaw in ruby-sprockets, a Rack-based asset packaging system. A remote attacker can take advantage of this flaw to read arbitrary files outside an application's root directory via specially crafted requests, when the Sprockets server is used in production.

tags | advisory, remote, arbitrary, root, ruby
systems | linux, debian
advisories | CVE-2018-3760
MD5 | 106d6b21a5ae2a721cddf96019f8467d
HP VAN SDN Controller Root Command Injection
Posted Jul 7, 2018
Authored by Matthew Bergin, wvu | Site metasploit.com

This Metasploit module exploits a hardcoded service token or default credentials in HPE VAN SDN Controller versions 2.7.18.0503 and below to execute a payload as root. A root command injection was discovered in the uninstall action's name parameter, obviating the need to use sudo for privilege escalation. If the service token option TOKEN is blank, USERNAME and PASSWORD will be used for authentication. An additional login request will be sent.

tags | exploit, root
MD5 | eec355d89388bd58e1fea9ab22452024
RSA Identity Governance And Lifecycle Uncontrolled Search Path
Posted Jul 5, 2018
Site emc.com

RSA Identity Governance and Lifecycle, RSA Via Lifecycle and Governance, and RSA IMG releases have an uncontrolled search vulnerability. The installation scripts set an environment variable in an unintended manner. A local authenticated malicious user could trick the root user to run malicious code on the targeted system. Many versions are affected and are listed in this advisory.

tags | advisory, local, root
advisories | CVE-2018-11049
MD5 | c9abebdfa165d45d25739fa25d9e128c
ADB Local Root Jailbreak
Posted Jul 4, 2018
Authored by Johannes Greil | Site sec-consult.com

ADB broadband gateways and routers suffer from a local root jailbreak vulnerability via a network file sharing flaw. Versions affected include ADB P.RG AV4202N, DV2210, VV2220, and VV5522.

tags | exploit, local, root
advisories | CVE-2018-13108
MD5 | e1b1a79ae21d1cb9f872306500296cf4
Geutebruck simple_loglistjs.cgi Remote Command Execution
Posted Jul 2, 2018
Authored by Davy Douhine, Nicolas Mattiocco | Site metasploit.com

This Metasploit module exploits a an arbitrary command execution vulnerability. The vulnerability exists in the /uapi-cgi/viewer/simple_loglistjs.cgi page and allows an anonymous user to execute arbitrary commands with root privileges. Firmware <= 1.12.0.19 are concerned. Tested on 5.02024 G-Cam/EFD-2250 running 1.12.0.4 firmware.

tags | exploit, arbitrary, cgi, root
advisories | CVE-2018-7520
MD5 | 3c493d70dda3e9875442ed78bc1db5d8
Nagios XI Chained Remote Code Execution
Posted Jun 29, 2018
Authored by Benny Husted, Cale Smith, Jared Arave | Site metasploit.com

This Metasploit module exploits a few different vulnerabilities in Nagios XI 5.2.6-5.4.12 to gain remote root access. The steps are: 1. Issue a POST request to /nagiosql/admin/settings.php which sets the database user to root. 2. SQLi on /nagiosql/admin/helpedit.php allows us to enumerate API keys. 3. The API keys are then used to add an administrative user. 4. An authenticated session is established with the newly added user 5. Command Injection on /nagiosxi/backend/index.php allows us to execute the payload with nopasswd sudo, giving us a root shell. 6. Remove the added admin user and reset the database user.

tags | exploit, remote, shell, root, php, vulnerability
advisories | CVE-2018-8733, CVE-2018-8734, CVE-2018-8735, CVE-2018-8736
MD5 | f275b1da0c15a7e7e5fae8036578d5d8
Red Hat Security Advisory 2018-2037-01
Posted Jun 26, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2037-01 - The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. Issues addressed include a problem where containers run as non-root users do not drop capabilities.

tags | advisory, root
systems | linux, redhat
advisories | CVE-2018-10856
MD5 | b1bb3b2cd5ec1058b29768f09ba69af0
HP Enterprise VAN SDN Controller 2.7.18.0503 Remote Root
Posted Jun 26, 2018
Authored by Matthew Bergin | Site korelogic.com

HP Enterprise VAN SDN Controller version 2.7.18.0503 suffers from an unauthenticated remote root vulnerability. A hard-coded service token can be used to bypass authentication. Built-in functionality can be exploited to deploy and execute a malicious deb file containing a backdoor. A weak sudoers configuration can then be abused to escalate privileges to root. A second issue can be used to deny use of the appliance by continually rebooting it.

tags | exploit, remote, root
MD5 | bf9904ea89edad3e901e6b2663316e90
Gentoo Linux Security Advisory 201806-09
Posted Jun 23, 2018
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201806-9 - A vulnerability in PNP4Nagios which may allow local attackers to gain root privileges. Versions less than 0.6.26-r9 are affected.

tags | advisory, local, root
systems | linux, gentoo
advisories | CVE-2017-16834
MD5 | 5313641138cc0714f5ac0073d7137402
Dell EMC RecoverPoint Local Root Command Execution
Posted Jun 21, 2018
Authored by Paul Taylor

Dell EMC RecoverPoint versions prior to 5.1.2 suffer from a local root command execution vulnerability.

tags | exploit, local, root
advisories | CVE-2018-1235
MD5 | 644beef393e8a481559e2ac1d14d98e8
Dell EMC RecoverPoint Remote Root
Posted Jun 21, 2018
Authored by Paul Taylor

Dell EMC RecoverPoint versions prior to 5.1.2 suffer from a remote root command execution vulnerability.

tags | exploit, remote, root
advisories | CVE-2018-1235
MD5 | 6c11f1bc9ab032ba45ef40d9bb694a6f
Gentoo Linux Security Advisory 201806-03
Posted Jun 13, 2018
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201806-3 - Multiple vulnerabilities were discovered in BURP's Gentoo ebuild, the worst of which could lead to root privilege escalation. Versions less than 2.1.32 are affected.

tags | advisory, root, vulnerability
systems | linux, gentoo
advisories | CVE-2017-18284, CVE-2017-18285
MD5 | 34f3d723a1b598e50cf92fbe98bfad58
glibc 'realpath()' Privilege Escalation
Posted Jun 12, 2018
Authored by halfdog, Brendan Coles | Site metasploit.com

This Metasploit module attempts to gain root privileges on Linux systems by abusing a vulnerability in GNU C Library (glibc) version 2.26 and prior. This Metasploit module uses halfdog's RationalLove exploit to exploit a buffer underflow in glibc realpath() and create a SUID root shell. The exploit has offsets for glibc versions 2.23-0ubuntu9 and 2.24-11+deb9u1. The target system must have unprivileged user namespaces enabled. This Metasploit module has been tested successfully on Ubuntu Linux 16.04.3 (x86_64) with glibc version 2.23-0ubuntu9; and Debian 9.0 (x86_64) with glibc version 2.24-11+deb9u1.

tags | exploit, shell, root
systems | linux, debian, ubuntu
advisories | CVE-2018-1000001
MD5 | fdde72feb2388aee3f2e93395c3c6363
DHCP Client Command Injection (DynoRoot)
Posted Jun 12, 2018
Authored by Felix Wilhelm | Site metasploit.com

This Metasploit module exploits the DynoRoot vulnerability, a flaw in how the NetworkManager integration script included in the DHCP client in Red Hat Enterprise Linux 6 and 7, Fedora 28, and earlier processes DHCP options. A malicious DHCP server, or an attacker on the local network able to spoof DHCP responses, could use this flaw to execute arbitrary commands with root privileges on systems using NetworkManager and configured to obtain network configuration using the DHCP protocol.

tags | exploit, arbitrary, local, root, spoof, protocol
systems | linux, redhat, fedora
advisories | CVE-2018-1111
MD5 | 5260d2ef5bb8f8bbc5edbc0ec7cb7c67
Ubuntu Security Notice USN-3664-2
Posted Jun 5, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3664-2 - USN-3664-1 fixed a vulnerability in Apport. Sander Bos reported that Ubuntu 14.04 LTS was also vulnerable to this issue, but was incorrectly omitted from the previous updates. This update provides the corresponding update for Ubuntu 14.04 LTS. Sander Bos discovered that Apport incorrectly handled core dumps when certain files are missing from /proc. A local attacker could possibly use this issue to cause a denial of service, gain root privileges, or escape from containers. Various other issues were also addressed.

tags | advisory, denial of service, local, root
systems | linux, ubuntu
advisories | CVE-2018-6552
MD5 | 67273d8fdf19a09dbdc393e426a31d0c
Ubuntu Security Notice USN-3664-1
Posted May 31, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3664-1 - Sander Bos discovered that Apport incorrectly handled core dumps when certain files are missing from /proc. A local attacker could possibly use this issue to cause a denial of service, gain root privileges, or escape from containers.

tags | advisory, denial of service, local, root
systems | linux, ubuntu
advisories | CVE-2018-6552
MD5 | 0c542d9aa0e59f4f0b5dae590c06df0b
Kernel Live Patch Security Notice LSN-0039-1
Posted May 28, 2018
Authored by Benjamin M. Romer

Alexei Starovoitov discovered that the Berkeley Packet Filter (BPF) implementation in the Linux kernel contained a branch-pruning logic issue around unreachable code. A local attacker could use this to cause a denial of service. The ext4_iget function in fs/ext4/inode.c in the Linux kernel through 4.15.15 mishandles the case of a root directory with a zero i_links_count, which allows attackers to cause a denial of service (ext4_process_freed_data NULL pointer dereference and OOPS) via a crafted ext4 image. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local, root
systems | linux
advisories | CVE-2017-17862, CVE-2018-1000004, CVE-2018-1092, CVE-2018-1093, CVE-2018-8087
MD5 | b00a0d7a8bfca8dc02b44351db6c3dcc
Red Hat Security Advisory 2018-1688-01
Posted May 23, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-1688-01 - The org.ovirt.engine-root is a core component of oVirt. Issues addressed include backup related and bypass vulnerabilities.

tags | advisory, root, vulnerability
systems | linux, redhat
advisories | CVE-2018-3639
MD5 | 8ea7de7e43f680b24746676fb6e604ca
Red Hat Security Advisory 2018-1676-01
Posted May 23, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-1676-01 - The org.ovirt.engine-root is a core component of oVirt. Issues addressed include backup related and bypass vulnerabilities.

tags | advisory, root, vulnerability
systems | linux, redhat
advisories | CVE-2018-3639
MD5 | 1bbf1347bcec57ada52d3f83a7782856
AF_PACKET chocobo_root Privilege Escalation
Posted May 22, 2018
Authored by rebel, Brendan Coles | Site metasploit.com

This Metasploit module exploits a race condition and use-after-free in the packet_set_ring function in net/packet/af_packet.c (AF_PACKET) in the Linux kernel to execute code as root (CVE-2016-8655). The bug was initially introduced in 2011 and patched in 2016 in version 4.4.0-53.74, potentially affecting a large number of kernels; however this exploit targets only systems using Ubuntu (Trusty / Xenial) kernels 4.4.0 < 4.4.0-53, including Linux distros based on Ubuntu, such as Linux Mint. The target system must have unprivileged user namespaces enabled and two or more CPU cores. Bypasses for SMEP, SMAP and KASLR are included. Failed exploitation may crash the kernel. This Metasploit module has been tested successfully on Linux Mint 17.3 (x86_64); Linux Mint 18 (x86_64); and Ubuntu 16.04.2 (x86_64) with kernel versions 4.4.0-45-generic and 4.4.0-51-generic.

tags | exploit, kernel, root
systems | linux, ubuntu
advisories | CVE-2016-8655
MD5 | 4e74e49fb99838182c2b1099fc25b230
Reliable Datagram Sockets (RDS) Privilege Escalation
Posted May 19, 2018
Authored by Dan Rosenberg, Brendan Coles | Site metasploit.com

This Metasploit module exploits a vulnerability in the rds_page_copy_user function in net/rds/page.c (RDS) in Linux kernel versions 2.6.30 to 2.6.36-rc8 to execute code as root (CVE-2010-3904). This Metasploit module has been tested successfully on Fedora 13 (i686) with kernel version 2.6.33.3-85.fc13.i686.PAE and Ubuntu 10.04 (x86_64) with kernel version 2.6.32-21-generic.

tags | exploit, kernel, root
systems | linux, fedora, ubuntu
advisories | CVE-2010-3904
MD5 | ca0aaa65162c3d2e20a520b81415f4ae
AF_PACKET packet_set_ring Privilege Escalation
Posted May 17, 2018
Authored by Brendan Coles, Andrey Konovalov | Site metasploit.com

This Metasploit module exploits a heap-out-of-bounds write in the packet_set_ring function in net/packet/af_packet.c (AF_PACKET) in the Linux kernel to execute code as root (CVE-2017-7308). The bug was initially introduced in 2011 and patched in version 4.10.6, potentially affecting a large number of kernels; however this exploit targets only systems using Ubuntu Xenial kernels 4.8.0 < 4.8.0-46, including Linux distros based on Ubuntu Xenial, such as Linux Mint. The target system must have unprivileged user namespaces enabled and two or more CPU cores. Bypasses for SMEP, SMAP and KASLR are included. Failed exploitation may crash the kernel. This Metasploit module has been tested successfully on Linux Mint 18 (x86_64) with kernel versions: 4.8.0-34-generic; 4.8.0-36-generic; 4.8.0-39-generic; 4.8.0-41-generic; 4.8.0-42-generic; 4.8.0-44-generic; 4.8.0-45-generic.

tags | exploit, kernel, root
systems | linux, ubuntu
advisories | CVE-2017-7308
MD5 | 619464075778b62a92b3753066e120ba
Page 1 of 124
Back12345Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

July 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    1 Files
  • 2
    Jul 2nd
    26 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    11 Files
  • 5
    Jul 5th
    13 Files
  • 6
    Jul 6th
    4 Files
  • 7
    Jul 7th
    4 Files
  • 8
    Jul 8th
    1 Files
  • 9
    Jul 9th
    16 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    32 Files
  • 12
    Jul 12th
    22 Files
  • 13
    Jul 13th
    15 Files
  • 14
    Jul 14th
    1 Files
  • 15
    Jul 15th
    1 Files
  • 16
    Jul 16th
    3 Files
  • 17
    Jul 17th
    0 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close