CVE-2017-15288

The compilation daemon in Scala before 2.10.7, 2.11.x before 2.11.12, and 2.12.x before 2.12.4 uses weak permissions for private files in /tmp/scala-devel/$USER:shared/scalac-compile-server-port, which allows local users to write to arbitrary class files and consequently gain privileges...

CVE-2017-15288

The compilation daemon in Scala before 2.10.7, 2.11.x before 2.11.12, and 2.12.x before 2.12.4 uses weak permissions for private files in /tmp/scala-devel/$USER:shared/scalac-compile-server-port, which allows local users to write to arbitrary class files and consequently gain privileges...

CVE-2017-15288

CVE-2017-15288 affects the Scala compilation daemon. The root cause is weak permissions for private files in /tmp/scala-devel/${USER:shared}/scalac-compile-server-port, allowing a local user to overwrite arbitrary class files and escalate privileges. Affected branches: Scala pre-2.10.7, 2.11.x be...

CVE-2017-15288

The compilation daemon in Scala before 2.10.7, 2.11.x before 2.11.12, and 2.12.x before 2.12.4 uses weak permissions for private files in /tmp/scala-devel/$USER:shared/scalac-compile-server-port, which allows local users to write to arbitrary class files and consequently gain privileges...

CVE-2017-15288

The compilation daemon in Scala before 2.10.7, 2.11.x before 2.11.12, and 2.12.x before 2.12.4 uses weak permissions for private files in /tmp/scala-devel/$USER:shared/scalac-compile-server-port, which allows local users to write to arbitrary class files and consequently gain privileges...

Scala compilation daemon elevation of privilege vulnerability

Scala is a multi-paradigm programming language. The language has various features of object-oriented programming and functional programming. compilation daemon is one of the compilation daemons. A security vulnerability in the compilation daemon in Scala versions prior to 2.10.7, 2.11.x prior to...

Scala 2.x Privilege Escalation Vulnerability

Scala versions 2.1.6 through 2.10.6, 2.11.0 through 2.11.11, and 2.12.0 through 2.12.3 suffer from a privilege escalation vulnerability. A privilege escalation vulnerability has been identified in the Scala compilation daemon. The compile daemon is started explicitly by the fsc command, or...

ASLRay - Linux ELF x32 and x64 ASLR bypass exploit with stack-spraying

Linux ELF x32 and x64 ASLR bypass exploit with stack-spraying. Properties: ASLR bypass Cross-platform Minimalistic Simplicity Unpatchable Dependencies: Linux 2.6.12+ - will work on any x86-64 Debian-based OS BASH - the whole script Limitations: Stack needs to be executable -z execstack Binary has...

UBUNTU-CVE-2017-15022

dwarf2.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29, does not validate the DWATname data type, which allows remote attackers to cause a denial of service bfdhashhash NULL pointer dereference, or out-of-bounds access, and application crash via a craft...

openSUSE Security Update : nodejs4 / nodejs6 (openSUSE-2017-948)

This update for nodejs4 and nodejs6 fixes the following issues : Security issues fixed : - CVE-2017-1000381: The c-ares function aresparsenaptrreply could be triggered to read memory outside of the given input buffer if the passed in DNS response packet was crafted in a particular way. bsc1044946...

Microsoft Edge - Out-of-Bounds Access when Fetching Source Exploit

Exploit for windows platform in category dos / poc // The attached JavaScript file causes an out-of-bounds access of the source buffer when fetching the source for one of the functions during delayed compilation. The out-of-bounds value is then treated as the pointer to the source. This is likely...

Linux x86 - /bin/sh Shellcode (24 bytes)

/ ;Title: Linux/x86 - /bin/sh Shellcode ;Author: Touhid M.Shaikh ;Contact: https://github.com/touhidshaikh ;Category: Shellcode ;Architecture: Linux x86 ;Description: This shellcode baased on stack method to Execute "/bin//sh". Length of shellcode is 24 bytes. ;Tested on : 3.2.0-23-generic-pae...

Linux x86 - /bin/sh Shellcode (24 bytes)

Linux x86 - /bin/sh Shellcode 24 bytes. Shellcode exploit for Linx86 platform / ;Title: Linux/x86 - /bin/sh Shellcode ;Author: Touhid M.Shaikh ;Contact: https://github.com/touhidshaikh ;Category: Shellcode ;Architecture: Linux x86 ;Description: This shellcode baased on stack method to Execute...

CVE-2017-9225

An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A stack out-of-bounds write in onigencunicodegetcasefoldcodesbystr occurs during regular expression compilation. Code point 0xFFFFFFFF is not properly handled in...

Carbon Black Threat Research Technical Analysis: Petya / NotPetya Ransomware

On June 27, public announcements were made about a large-scale campaign of ransomware attacks across Europe. The ransomware impacted notable industries such as Maersk, the world’s largest container shipping company. The initial infection vector appears to be the exploitation of a Ukrainian tax...

GNU binutils - aarch64_ext_ldst_reglist Buffer Overflow Exploit

Exploit for linux platform in category dos / poc Source: https://sourceware.org/bugzilla/showbug.cgi?id=21595 I have been fuzzing objdump with American Fuzzy Lop and AddressSanitizer. Please find attached the minimized file causing the issue "Input" and the ASAN report log "Output". Below is the...

GNU binutils - ieee_object_p Stack Buffer Overflow

GNU binutils - ieeeobjectp Stack Buffer Overflow Source: https://sourceware.org/bugzilla/showbug.cgi?id=21582 I have been fuzzing objdump with American Fuzzy Lop and AddressSanitizer. Please find attached the minimized file causing the issue "Input" and the ASAN report log "Output". Below is the...

GNU binutils - print_insn_score16 Buffer Overflow

GNU binutils - printinsnscore16 Buffer Overflow Source: https://sourceware.org/bugzilla/showbug.cgi?id=21576 I have been fuzzing objdump with American Fuzzy Lop and AddressSanitizer. Please find attached the minimized file causing the issue "Input" and the ASAN report log "Output". Below is the...

GNU binutils - 'rx_decode_opcode' Buffer Overflow

Source: https://sourceware.org/bugzilla/showbug.cgi?id=21587 I have been fuzzing objdump with American Fuzzy Lop and AddressSanitizer. Please find attached the minimized file causing the issue "Input" and the ASAN report log "Output". Below is the reduced stacktrace with links to the correspondin...

GNU binutils - 'bfd_get_string' Stack Buffer Overflow

Source: https://sourceware.org/bugzilla/showbug.cgi?id=21581 I have been fuzzing objdump with American Fuzzy Lop and AddressSanitizer. Please find attached the minimized file causing the issue "Input" and the ASAN report log "Output". Below is the reduced stacktrace with links to the correspondin...