Lucene search
K

792 matches found

Packet Storm
Packet Storm
added 2014/07/25 12:0 a.m.38 views

MQAC.sys Arbitrary Write Privilege Escalation

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'rex' class Metasploit3 'MQAC.sys Arbitrary Write Privilege Escalation', 'Description' = %q A vulnerability within the MQAC.sys module allows an...

7.2CVSS0.6AI score0.23046EPSS
Exploits21
Exploit DB
Exploit DB
added 2014/07/25 12:0 a.m.36 views

Microsoft Windows XP SP3 - 'MQAC.sys' Arbitrary Write Privilege Escalation (Metasploit)

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'rex' class Metasploit3 'MQAC.sys Arbitrary Write Privilege Escalation', 'Description' = %q A vulnerability within the MQAC.sys module allows an...

7.2CVSS7.4AI score0.23046EPSS
Exploits21
seebug.org
seebug.org
added 2014/07/24 12:0 a.m.60 views

Microsoft XP SP3 MQAC.sys - Arbitrary Write Privilege Escalation

No description provided by source. Title: Microsoft XP SP3 MQAC.sys Arbitrary Write Privilege Escalation Advisory ID: KL-001-2014-003 Publication Date: 2014.07.18 Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2014-003.txt 1. Vulnerability Details Affected Vendor: Microsof...

7.2CVSS6.5AI score0.23046EPSS
Exploits21
Metasploit
Metasploit
added 2014/07/22 2:4 p.m.53 views

MQAC.sys Arbitrary Write Privilege Escalation

A vulnerability within the MQAC.sys module allows an attacker to overwrite an arbitrary location in kernel memory. This module will elevate itself to SYSTEM, then inject the payload into another SYSTEM process. This module requires Metasploit: https://metasploit.com/download Current source:...

7.2CVSS6.9AI score0.23046EPSS
Exploits21
securityvulns
securityvulns
added 2014/07/22 12:0 a.m.78 views

KL-001-2014-003 : Microsoft XP SP3 MQAC.sys Arbitrary Write Privilege Escalation

Title: Microsoft XP SP3 MQAC.sys Arbitrary Write Privilege Escalation Advisory ID: KL-001-2014-003 Publication Date: 2014.07.18 Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2014-003.txt 1. Vulnerability Details Affected Vendor: Microsoft Affected Product: MQ Access Contr...

7.2CVSS0.1AI score0.23046EPSS
Exploits21
securityvulns
securityvulns
added 2014/07/22 12:0 a.m.71 views

KL-001-2014-002 : Microsoft XP SP3 BthPan.sys Arbitrary Write Privilege Escalation

Title: Microsoft XP SP3 BthPan.sys Arbitrary Write Privilege Escalation Advisory ID: KL-001-2014-002 Publication Date: 2014-07-18 Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2014-002.txt 1. Vulnerability Details Affected Vendor: Microsoft Affected Product: Bluetooth...

7.2CVSS0.1AI score0.23046EPSS
Exploits21
exploitpack
exploitpack
added 2014/07/21 12:0 a.m.47 views

Microsoft Windows XP SP3 - BthPan.sys Arbitrary Write Privilege Escalation

Microsoft Windows XP SP3 - BthPan.sys Arbitrary Write Privilege Escalation """ Title: Microsoft XP SP3 BthPan.sys Arbitrary Write Privilege Escalation Advisory ID: KL-001-2014-002 Publication Date: 2014-07-18 Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2014-002.txt 1...

7.2CVSS0.2AI score0.23046EPSS
Exploits21
Exploit DB
Exploit DB
added 2014/07/21 12:0 a.m.60 views

Microsoft Windows XP SP3 - 'BthPan.sys' Arbitrary Write Privilege Escalation

""" Title: Microsoft XP SP3 BthPan.sys Arbitrary Write Privilege Escalation Advisory ID: KL-001-2014-002 Publication Date: 2014-07-18 Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2014-002.txt 1. Vulnerability Details Affected Vendor: Microsoft Affected Product: Bluetooth...

7.2CVSS8.7AI score0.23046EPSS
Exploits21
Exploit DB
Exploit DB
added 2014/07/19 12:0 a.m.63 views

Microsoft Windows XP SP3 - 'MQAC.sys' Arbitrary Write Privilege Escalation

Title: Microsoft XP SP3 MQAC.sys Arbitrary Write Privilege Escalation Advisory ID: KL-001-2014-003 Publication Date: 2014.07.18 Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2014-003.txt 1. Vulnerability Details Affected Vendor: Microsoft Affected Product: MQ Access Contr...

7.2CVSS7.4AI score0.23046EPSS
Exploits21
Packet Storm
Packet Storm
added 2014/07/15 12:0 a.m.51 views

Oracle VirtualBox Guest Additions Arbitrary Write Privilege Escalation

Title: Oracle VirtualBox Guest Additions Arbitrary Write Privilege Escalation Advisory ID: KL-001-2014-001 Publication Date: 07.15.2014 Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2014-001.txt 1. Vulnerability Details Affected Vendor: Oracle Affected Product: VirtualBox...

3.6CVSS0.6AI score0.07197EPSS
Exploits7
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.13 views

MW6 Technologies MaxiCode ActiveX (Data param) - Buffer Overflow

No description provided by source. !-- =========================================================================== Problem: The Data parameter is subject to a buffer overflow DEFINITELY leading to arbitrary code execution. COM Object - 2355C601-37D1-42B4-BEB1-03C773298DC8 MW6MaxiCode Class File...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.12 views

Novell GroupWise Messenger <= 2.1.0 Arbitrary Memory Corruption

No description provided by source. Luigi Auriemma Application: Novell GroupWise Messenger http://www.novell.com/products/groupwise/ Versions: = 2.1.0 Platforms: Windows, Linux, NetWare Bug: write4 Exploitation: remote, versus server Date: 16 Feb 2012 found 10 May 2011 Author: Luigi Auriemma e-mai...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.46 views

Linux 3.4+ - Arbitrary write with CONFIG_X86_X32

No description provided by source. / Local root exploit for CVE-2014-0038. https://raw.github.com/saelo/cve-2014-0038/master/timeoutpwn.c Bug: The X86X32 recvmmsg syscall does not properly sanitize the timeout pointer passed from userspace. Exploit primitive: Pass a pointer to a kernel address as...

6.9CVSS6.5AI score0.34649EPSS
Exploits16
0day.today
0day.today
added 2014/02/02 12:0 a.m.74 views

Linux kernel 3.4+ Arbitrary write with CONFIG_X86_X32

Exploit for linux platform in category local exploits / Local root exploit for CVE-2014-0038. https://raw.github.com/saelo/cve-2014-0038/master/timeoutpwn.c Bug: The X86X32 recvmmsg syscall does not properly sanitize the timeout pointer passed from userspace. Exploit primitive: Pass a pointer to ...

6.9CVSS0.2AI score0.34649EPSS
Exploits16
Exploit DB
Exploit DB
added 2014/02/02 12:0 a.m.137 views

Linux Kernel 3.4 &lt; 3.13.2 (Ubuntu 13.10) - &#039;CONFIG_X86_X32&#039; Arbitrary Write (2)

/ Local root exploit for CVE-2014-0038. https://raw.github.com/saelo/cve-2014-0038/master/timeoutpwn.c Bug: The X86X32 recvmmsg syscall does not properly sanitize the timeout pointer passed from userspace. Exploit primitive: Pass a pointer to a kernel address as timeout for recvmmsg, if the...

6.9CVSS6.8AI score0.34649EPSS
Exploits16
exploitpack
exploitpack
added 2014/02/02 12:0 a.m.53 views

Linux Kernel 3.4 3.13.2 (Ubuntu 13.10) - CONFIG_X86_X32 Arbitrary Write (2)

Linux Kernel 3.4 3.13.2 Ubuntu 13.10 - CONFIGX86X32 Arbitrary Write 2 / Local root exploit for CVE-2014-0038. https://raw.github.com/saelo/cve-2014-0038/master/timeoutpwn.c Bug: The X86X32 recvmmsg syscall does not properly sanitize the timeout pointer passed from userspace. Exploit primitive: Pa...

6.9CVSS0.5AI score0.34649EPSS
Exploits16
Hacker One
Hacker One
added 2014/01/28 11:52 p.m.50 views

Sandbox Escape: Linux 3.4+: arbitrary write with CONFIG_X86_X32

asmlinkage long compatsysrecvmmsgint fd, struct compatmmsghdr user mmsg, unsigned int vlen, unsigned int flags, struct compattimespec user timeout int datagrams; struct timespec ktspec; if flags & MSGCMSGCOMPAT return -EINVAL; if COMPATUSE64BITTIME return sysrecvmmsgfd, struct mmsghdr user mmsg,...

6.9CVSS0.2AI score0.34649EPSS
Exploits16
Exploit DB
Exploit DB
added 2014/01/24 12:0 a.m.23 views

MW6 Technologies MaxiCode - ActiveX &#039;Data&#039; Buffer Overflow (PoC)

!-- =========================================================================== Problem: The Data parameter is subject to a buffer overflow DEFINITELY leading to arbitrary code execution. COM Object - 2355C601-37D1-42B4-BEB1-03C773298DC8 MW6MaxiCode Class File Description : MaxiCode ActiveX File...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2013/05/21 12:0 a.m.31 views

Microsoft Windows - Win32k!EPATHOBJ::pprFlattenRec Uninitialized Next Pointer Testcase

Microsoft Windows - Win32k!EPATHOBJ::pprFlattenRec Uninitialized Next Pointer Testcase I'm quite proud of this list cycle trick, here's how to turn it into an arbitrary write. First, we create a watchdog thread that will patch the list atomically when we're ready. This is needed because we can't...

7.4AI score
Exploits0
0day.today
0day.today
added 2013/05/21 12:0 a.m.37 views

win32k!EPATHOBJ::pprFlattenRec Uninitialized Next Pointer Testcase

Exploit for windows platform in category dos / poc I'm quite proud of this list cycle trick, here's how to turn it into an arbitrary write. First, we create a watchdog thread that will patch the list atomically when we're ready. This is needed because we can't exploit the bug while HeavyAllocPool...

7AI score
Exploits0
Rows per page
Query Builder