138 matches found
ios-resources
PoC exploit for iOS device. The primary CVE ID is not explicitly mentioned, but the repository contains resources for iOS hacking, including ARMv8 instruction set documentation and assembly language crash course. The target product/service is the iOS operating system, and the vulnerability...
glibc security, bug fix, and enhancement update
2.28-101.0.1 - add Ampere emag to tunable cpu list Patrick McGehearty - add optimized memset for emag - add an ASIMD variant of strlen for falkor - Orabug: 2700101. - Modify glibc-ora28849085.patch so it works with RHCK kernels. - Orabug: 28849085. - Make IOfunlockfile match funlockfile and...
Denial Of Service (DoS)
glibc is vulnerable to privilege escalation. It was discovered that the glibc dynamic linker/loader did not handle the $ORIGIN dynamic string token set in the LDAUDIT environment variable securely. A local attacker with write access to a file system containing setuid or setgid binaries could use...
Privilege Escalation
glibc is vulnerable to privilege escalation. The vulnerability exists as it was discovered that the glibc dynamic linker/loader did not perform sufficient safety checks when loading dynamic shared objects DSOs to provide callbacks for its auditing API during the execution of privileged programs. ...
PT-2020-19976 · Nextcloud · Nextcloud Desktop Client
Name of the Vulnerable Software and Affected Versions: Nextcloud Desktop Client version 2.6.2 Description: A code injection issue allows loading arbitrary code when starting the client with DYLD INSERT LIBRARIES set in the environment. Recommendations: For Nextcloud Desktop Client version 2.6.2, ...
CVE-2019-19726
OpenBSD through 6.6 allows local users to escalate to root because a check for LDLIBRARYPATH in setuid programs can be defeated by setting a very small RLIMITDATA resource limit. When executing chpass or passwd which are setuid root, dlsetupenv in ld.so tries to strip LDLIBRARYPATH from the...
Goblin - An Impish, Cross-Platform Binary Parsing Crate, Written In Rust
Documentation https://docs.rs/goblin/ changelog Usage Goblin requires rustc 1.31.1. Add to your Cargo.toml dependencies goblin = "0.1" Features awesome crate name zero-copy, cross-platform, endian-aware, ELF64/32 implementation - wow! zero-copy, cross-platform, endian-aware, 32/64 bit Mach-o pars...
glibc security and bug fix update
2.12-1.212.0.1 - backport rh patch 1047983 from OL7, Orabug 25407655 2.12-1.212 - CVE-2017-15670: glob: Fix one-byte overflow with GLOBTILDE 1504810 - CVE-2017-15804: glob: Fix buffer overflow in GLOBTILDE unescaping 1504810 2.12-1.211 - Avoid large allocas in the dynamic linker 1452717 2.12-1.21...
glibc LD_AUDIT libmemusage.so RHEL-Based Arbitrary DSO Load Privilege Escalation Exploit
Exploit for linux platform in category local exploits require 'msf/core/exploit/local/linux' require 'msf/core/exploit/exe' class MetasploitModule 'glibc LDAUDIT libmemusage.so RHEL-Based Arbitrary DSO Load Privilege Escalation', 'Description' = %q This module attempts to gain root privileges on...
glibc LD_AUDIT Arbitrary DSO Load Privilege Escalation Exploit
This Metasploit module attempts to gain root privileges on Linux systems by abusing a vulnerability in the GNU C Library glibc dynamic linker. glibc ld.so in versions before 2.11.3, and 2.12.x before 2.12.2 does not properly restrict use of the LDAUDIT environment variable when loading setuid...
glibc LD_AUDIT Arbitrary DSO Load Privilege Escalation
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core/exploit/local/linux' require 'msf/core/exploit/exe' class MetasploitModule 'glibc LDAUDIT Arbitrary DSO Load Privilege Escalation', 'Description' = %q...
glibc '$ORIGIN' Expansion Privilege Escalation
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core/exploit/local/linux' require 'msf/core/exploit/exe' class MetasploitModule "glibc '$ORIGIN' Expansion Privilege Escalation", 'Description' = %q This...
glibc '$ORIGIN' Expansion Privilege Escalation
This module attempts to gain root privileges on Linux systems by abusing a vulnerability in the GNU C Library glibc dynamic linker. glibc ld.so versions before 2.11.3, and 2.12.x before 2.12.2 does not properly restrict use of the LDAUDIT environment variable when loading setuid executables which...
glibc LD_AUDIT Arbitrary DSO Load Privilege Escalation
This module attempts to gain root privileges on Linux systems by abusing a vulnerability in the GNU C Library glibc dynamic linker. glibc ld.so in versions before 2.11.3, and 2.12.x before 2.12.2 does not properly restrict use of the LDAUDIT environment variable when loading setuid executables...
Fedora 27 : glibc (2018-7714b514e2)
This update addresses two security vulnerabilities : - CVE-2017-16997: Check for empty tokens before dynamic string token expansion in the dynamic linker, so that pre-existing privileged programs with $ORIGIN rpaths/runpaths do not cause the dynamic linker to search the current directory,...
Fedora 26 : glibc (2018-8e27ad96ed)
This update addresses two security vulnerabilities : - CVE-2017-15670, CVE-2017-15671, CVE-2017-15804: Various vulnerabilities could lead to memory corruption in the glob and glob64 function. RHBZ1505298, RHBZ1504807 - CVE-2017-16997: Check for empty tokens before dynamic string token expansion i...
Fedora 27 : glibc (2017-828f8a8fc6)
This update addresses RHBZ1468837, which caused bash to lack job control in mock chroots. Note that glibc inside the chroot needs to be upgraded for the fix to be effective. In additon, two dynamic linker issues where fixed which are not security bugs, but received CVE IDs nevertheless RHBZ152486...
Remote code execution
Embedthis GoAhead before 3.6.5 allows remote code execution if CGI is enabled and a CGI program is dynamically linked. This is a result of initializing the environment of forked CGI scripts using untrusted HTTP request parameters in the cgiHandler function in cgi.c. When combined with the glibc...
CVE-2017-17562
Embedthis GoAhead before 3.6.5 allows remote code execution if CGI is enabled and a CGI program is dynamically linked. This is a result of initializing the environment of forked CGI scripts using untrusted HTTP request parameters in the cgiHandler function in cgi.c. When combined with the glibc...
CVE-2017-17562
Embedthis GoAhead before 3.6.5 allows remote code execution if CGI is enabled and a CGI program is dynamically linked. This is a result of initializing the environment of forked CGI scripts using untrusted HTTP request parameters in the cgiHandler function in cgi.c. When combined with the glibc...