548 matches found
Oracle MySQL for Microsoft Windows Payload Execution
This module creates and enables a custom UDF user defined function on the target host via the SELECT ... into DUMPFILE method of binary injection. On default Microsoft Windows installations of MySQL = 5.5.9, directory write permissions not enforced, and the MySQL service runs as LocalSystem. NOTE...
MS Windows Token Kidnapping local provide the right solutions-vulnerability warning-the black bar safety net
Today MS updated security Bulletin This vulnerability is due inNetworkService or LocalService the following code running, you can access the same in the NetworkService or LocalService processes that run under that certain processes allow elevation of privileges for theLocalSystem it. For IIS, the...
stunnel < 4.23 Local Privilege Escalation
The remote host is running stunnel, an application for encrypting arbitrary network connections with SSL. The version of stunnel installed on the remote host, when running as a service, allows a local user to gain LocalSystem privileges due to an unspecified error. C Tenable Network Security, Inc...
SNMPc < 7.1.1 UDP Packet Handling Buffer Overflow
The remote host is running SNMPc, a network management application for Windows from Castle Rock Computing. The version of SNMPc installed on the remote host reportedly is affected by a stack-based buffer overflow vulnerability. Using a specially crafted SNMP TRAP packet with an overly long...
Immunity Canvas: NWSPOOL_C
Name| nwspoolc ---|--- CVE| CVE-2008-0639 Exploit Pack| CANVAS Description| Novell Netware Client for Windows Notes| CVE Name: CVE-2008-0639 VENDOR: Novell Notes: Use the setthreadtoken module to revert back to LocalSystem once the exploitation is successful Platforms Tested: References:...
BitDefender Update Server HTTP Request Traversal Arbitrary File Access
The version of BitDefender Update Server running on the remote host fails to sanitize request strings of directory traversal sequences, which allows an unauthenticated attacker to read files outside the web server's document directory. Note that the server runs with LocalSystem privileges by...
Microsoft Windows LSASS LPC requests privilege escalation
It's possible to execute code with LocalSystem privileges...
Cisco Security Advisory: Local Privilege Escalation Vulnerabilities in Cisco VPN Client
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Local Privilege Escalation Vulnerabilities in Cisco VPN Client Advisory ID: cisco-sa-20070815-vpnclient http://www.cisco.com/warp/public/707/cisco-sa-20070815-vpnclient.shtml Revision 1.0 For Public Release 2007 August 15 1600...
Design/Logic Flaw
Panda Antivirus 2008 stores service executables under the product's installation directory with weak permissions, which allows local users to obtain LocalSystem privileges by modifying PAVSRV51.EXE or other unspecified files, a related issue to CVE-2006-4657...
CVE-2007-4191
Panda Antivirus 2008 stores service executables under the product's installation directory with weak permissions, which allows local users to obtain LocalSystem privileges by modifying PAVSRV51.EXE or other unspecified files, a related issue to CVE-2006-4657...
CVE-2007-4191
CVE-2007-4191 affects Panda antivirus products (e.g., Panda Platinum Internet Security 2006/2007) where service executables are stored in the installation directory with weak permissions. The vulnerability allows local users to elevate privileges to LocalSystem by modifying executable files such ...
CVE-2007-4191
Panda Antivirus 2008 stores service executables under the product's installation directory with weak permissions, which allows local users to obtain LocalSystem privileges by modifying PAVSRV51.EXE or other unspecified files, a related issue to CVE-2006-4657...
pandaav-local.txt
/ Security Advisory Severity: Medium Title: Panda Antivirus 2008 Local Privileg Escalation Date: 02.08.07 Author: tarkus tarkus at tiifp dot org URL: https://tiifp.org/tarkus Vendor: Panda http://www.pandasoftware.com/ Affected Products: Panda Antivirus 2008 Not Affected Products: - Panda...
Panda Antivirus 2008 Local Privilege Escalation Exploit
Exploit for unknown platform in category local exploits ======================================================= Panda Antivirus 2008 Local Privilege Escalation Exploit ======================================================= / Security Advisory Severity: Medium Title: Panda Antivirus 2008 Local...
Panda AntiVirus 2008 - Local Privilege Escalation
Panda AntiVirus 2008 - Local Privilege Escalation / Security Advisory Severity: Medium Title: Panda Antivirus 2008 Local Privileg Escalation Date: 02.08.07 Author: tarkus tarkus at tiifp dot org URL: https://tiifp.org/tarkus Vendor: Panda http://www.pandasoftware.com/ Affected Products: Panda...
Multiple Panda Internet Security vulnerabilities
Weak installation folder permissions allow privilege escalation to LocalSystem on any logged in user account. Spam filtering can be controlled from malcrafted Web page...
Panda Antivirus 2008 Local Privileg Escalation (UPS they did it again)
Security Advisory Severity: Medium Title: Panda Antivirus 2008 Local Privileg Escalation Date: 02.08.07 Author: tarkus tarkus at tiifp dot org URL: https://tiifp.org/tarkus Vendor: Panda http://www.pandasoftware.com/ Affected Products: Panda Antivirus 2008 Not Affected Products: - Panda...
RSA Authentication Agent for Web for IIS chunked encoding overflow
Added: 07/13/2007 CVE: CVE-2005-1471 BID: 13524 OSVDB: 16164 Background RSA Authentication Agent For Web for IIS provides access control for applications on IIS web servers. Problem A heap overflow vulnerability when using chunked transfer-encoding allows remote attackers to execute arbitrary...
RSA Authentication Agent for Web for IIS chunked encoding overflow
Added: 07/13/2007 CVE: CVE-2005-1471 BID: 13524 OSVDB: 16164 Background RSA Authentication Agent For Web for IIS provides access control for applications on IIS web servers. Problem A heap overflow vulnerability when using chunked transfer-encoding allows remote attackers to execute arbitrary...
PT-2007-1907 · Barron Mccann · Barron Mccann X-Kryptor Driver
Name of the Vulnerable Software and Affected Versions: Barron McCann X-Kryptor Driver Description: The issue allows local users to gain LocalSystem privileges via interactive use of Explorer, due to the failure of the Barron McCann X-Kryptor Driver to drop privileges when launching an Explorer...