548 matches found
Abusing BITS: BITSInject
Windows’ BITS service is a middleman for your download jobs. You start a BITS job, and from that point on, BITS is responsible for the download. But what if we tell you that BITS is a careless middleman? We have uncovered the way BITS maintains its jobs queue using a state file on disk, and found...
Schneider Electric Pelco VideoXpert Privilege Escalation Vulnerability
Schneider Electric Pelco VideoXpert is vulnerable to an elevation of privileges vulnerability which can be used by a simple user that can change the executable file with a binary of choice. The vulnerability exist due to the improper permissions, with the 'F' flag full for the 'Users' group, for...
Schneider Electric Pelco VideoXpert Privilege Escalation
Schneider Electric Pelco VideoXpert Privilege Escalations Vendor: Schneider Electric SE Product web page: https://www.pelco.com Affected version: Core Software 1.12.105 Media Gateway Software 1.12.26 Exports 1.12 Summary: VideoXpert is a video management solution designed for scalability, fitting...
Another RCE Vulnerability Patched in Microsoft Malware Protection Engine
Google Project Zero continues to scrape away at the ubiquitous Microsoft Malware Protection Engine at the core of many security products embedded in Windows, and it continues to discover new critical vulnerabilities. The latest, another remote code execution flaw, was patched on Friday after it w...
Microsoft Malware Protection Engine Remote Code Execution Vulnerability
A remote code execution vulnerability exists when the Microsoft Malware Protection Engine does not properly scan a specially crafted file, leading to memory corruption. An attacker who successfully exploited this vulnerability could execute arbitrary code in the security context of the LocalSyste...
Microsoft Malware Protection Engine < 1.1.13903 RCE
The version of Microsoft Malware Protection Engine MMPE installed on the remote Windows host is prior to 1.1.13903.0. It is, therefore, affected by a remote code execution vulnerability due to improper handling of files during scanning. An unauthenticated, remote attacker can exploit this, via a...
Microsoft Malware Protection Engine Remote Code Execution Vulnerability
A remote code execution vulnerability exists when the Microsoft Malware Protection Engine does not properly scan a specially crafted file, leading to memory corruption. An attacker who successfully exploited this vulnerability could execute arbitrary code in the security context of the LocalSyste...
Microsoft Malware Protection Engine Remote Code Execution Vulnerability
A remote code execution vulnerability exists when the Microsoft Malware Protection Engine does not properly scan a specially crafted file, leading to memory corruption. An attacker who successfully exploited this vulnerability could execute arbitrary code in the security context of the LocalSyste...
Microsoft Security Essentials RCE Vulnerability (KB4022344)
This host is missing an important security update according to Microsoft KB4022344. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescripti...
Microsoft Malware Protection Engine RCE (CVE-2017-0290)
Natalie Silvanovich and Tavis Ormandy of Google Project Zero found a pretty nasty bug in Microsoft Malware Protection Engine, allowing an attacker to execute arbitrary code as LocalSystem on any Windows computer running any Microsoft anti-malware product such as Security Essentials or Windows...
MS Security Advisory 4022344: Security Update for Microsoft Malware Protection Engine
The version of Microsoft Malware Protection Engine MMPE installed on the remote Windows host is prior to 1.1.13704.0. It is, therefore, affected by a remote code execution vulnerability in the NScript component in mpengine.dll due to a type confusion error. An unauthenticated, remote attacker can...
Microsoft Malware Protection Engine Remote Code Execution Vulnerability
A remote code execution vulnerability exists when the Microsoft Malware Protection Engine does not properly scan a specially crafted file, leading to memory corruption. An attacker who successfully exploited this vulnerability could execute arbitrary code in the security context of the LocalSyste...
MS15-076 Windows: DCOM DCE/RPC Local NTLM Reflection Elevation of Privilege (CVE-2015-2370)
Windows: DCOM DCE/RPC-Local NTLM Reflection Elevation of Privilege Platform: Windows 8.1 Update not tested on Windows 7, 10 Class: Elevation of Privilege Summary: Local DCOM DCE/RPC connections can be reflected back to a listening TCP socket allowing access to an NTLM authentication challenge for...
EasyPHP Webserver 14.1b2 Privilege Escalation
Exploit Title: EasyPHP-Webserver Service - Privilege Escalation Date: date Exploit Author: Owais Mehtab, Tayeeb Rana Vendor Homepage: www.easyphp.org/ Software Link: http://www.easyphp.org/easyphp-webserver.php Version: 14.1b2 Tested on: Win7 Sp1 C:\Program Files...
HP Hotkey Support Service 6.2.17.1 Privilege Escalation
Exploit Title: HP Hotkey Support Service - Unquoted Service Path Privilege Escalation Date: date Exploit Author: Owais Mehtab, Tayeeb Rana Vendor Homepage: http://www.hp.com/ Software Link: http://h20564.www2.hp.com/hpsc/swd/public/detail?swItemId=ob1296721 Version: 6.2.17.1 Tested on: Win7 Sp1...
Apache CouchDB 2.0.0 Local Privilege Escalation
Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/APACHE-COUCHDB-LOCAL-PRIVILEGE-ESCALATION.txt + ISR: ApparitionSec Vendor: ================== couchdb.apache.org Product: ============== CouchDB v2.0.0 Apache CouchDB is open...
Apache CouchDB 2.0.0 - Local Privilege Escalation Vulnerability
Exploit for windows platform in category local exploits + Credits: John Page aka hyp3rlinx Vendor: ================== couchdb.apache.org Product: ============== CouchDB v2.0.0 Apache CouchDB is open source database software that focuses on ease of use and having an architecture. It has a...
Apache CouchDB 2.0.0 - Local Privilege Escalation
Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/APACHE-COUCHDB-LOCAL-PRIVILEGE-ESCALATION.txt + ISR: ApparitionSec Vendor: ================== couchdb.apache.org Product: ============== CouchDB v2.0.0 Apache CouchDB is open...
NO-IP DUC v4.1.1 Unquoted Service Path Privilege Escalation Exploit
Exploit Title : NO-IPprivilegescalation.rb - 'Unquoted Service Path Privilege Escalation' PDF Version : 4.1.1 vuln Discover : Ehsan Hosseini Module Author : pedr0 Ubuntu r00t-3xp10it Tested on : Windows 7 Professional Software Link : http://www.noip.com/client/DUCSetupv411.exe DESCRIPTION NO-IP D...
WampServer 3.0.6 - Insecure File Permissions Vulnerability
WampServer Formerly WAMP5 is a Web development platform WAMP type, for operating locally without connecting to an external server PHP scripts. WampServer is not in itself a software but an environment with two servers Apache and MySQL, a script interpreter PHP and phpMyAdmin for administration We...