969 matches found
CryptSetup Ubuntu 16.4 CVE2016-4484 - Privilege Escalate
Document Title: =============== CryptSetup Ubuntu 16.4 CVE2016-4484 - Privilege Escalate References: =========== https://www.vulnerability-lab.com/getcontent.php?id=2014 Video: https://www.youtube.com/watch?v=81Qam91pRoE Credits:...
CryptSetup Ubuntu 16.4 CVE2016-4484 - Privilege Escalate
Document Title: =============== CryptSetup Ubuntu 16.4 CVE2016-4484 - Privilege Escalate References: =========== https://www.vulnerability-lab.com/getcontent.php?id=2014 Video: https://www.youtube.com/watch?v=81Qam91pRoE Credits:...
Cryptsetup Initrd LUKS Root Shell Elevation of Privilege Vulnerability
cryptsetup is a tool that implements the LUKS Linux Unified Key Setup specification, which is the Linux hard disk encryption specification. A local elevation of privilege vulnerability exists in Cryptsetup, which can be exploited to corrupt Linux boxes by pressing the Enter key for 70 seconds to...
This Hack Gives Linux Root Shell Just By Pressing 'ENTER' for 70 Seconds
A hacker with little more than a minute can bypass the authentication procedures on some Linux systems just by holding down the Enter key for around 70 seconds. The result? The act grants the hacker a shell with root privileges, which allows them to gain complete remote control over encrypted Lin...
Cryptsetup Vulnerability Grants Root Shell Access on Some Linux Systems
A vulnerability in cryptsetup, a utility used to set up encrypted filesystems on Linux distributions, could allow an attacker to retrieve a root rescue shell on some systems. From there, an attacker could have the ability to copy, modify, or destroy a hard disk, or use the network to exfiltrate...
IBM AIX 5.3/6.1/7.1/7.2 - 'lquerylv' Privilege Escalation Exploit
Exploit for linux platform in category local exploits !/usr/bin/sh AIX lquerylv 5.3, 6.1, 7.1, 7.2 local root exploit. Tested against latest patchset 7100-04 This exploit takes advantage of known issues with debugging functions within the AIX linker library. We are taking advantage of known...
FreePBX 10.13.66 Remote Command Execution / Privilege Escalation
!/usr/bin/env python ''' Title | FreePBX 13 Remote Command Execution and Privilege Escalation Date | 10/21/2016 Author | Christopher Davis Vendor | https://www.freepbx.org/ Version | FreePBX 13 & 14 System Recordings Module versions: 13.0.1beta1 - 13.0.26 Tested on |...
FreePBX 10.13.66 Remote Command Execution / Privilege Escalation Exploit
Exploit for php platform in category remote exploits !/usr/bin/env python ''' Title | FreePBX 13 Remote Command Execution and Privilege Escalation Date | 10/21/2016 Author | Christopher Davis Vendor | https://www.freepbx.org/ Version | FreePBX 13 & 14 System Recordings Module versions: 13.0.1beta...
FreePBX 13 - Remote Command Execution / Privilege Escalation
!/usr/bin/env python ''' Title | FreePBX 13 Remote Command Execution and Privilege Escalation Date | 10/21/2016 Author | Christopher Davis Vendor | https://www.freepbx.org/ Version | FreePBX 13 & 14 System Recordings Module versions: 13.0.1beta1 - 13.0.26 Tested on |...
Linux Kernel 2.6.22 3.9 (x86x64) - Dirty COW procselfmem Race Condition Privilege Escalation (SUID Method)
Linux Kernel 2.6.22 3.9 x86x64 - Dirty COW procselfmem Race Condition Privilege Escalation SUID Method / EDB-Note: After getting a shell, doing "echo 0 /proc/sys/vm/dirtywritebackcentisecs" may make the system more stable. uncomment correct payload first x86 or x64! $ gcc cowroot.c -o cowroot...
Leftover Factory Debugger Doubles as Android Backdoor
A leftover factory debugger in Android firmware made by Taiwanese electronics manufacturer Foxconn can be flipped into a backdoor by an attacker with physical access to a device. The situation is a dream for law enforcement or a forensics outfit wishing to gain root access to a targeted device...
Kerio Control Unified Threat Management Code Execution / XSS / Memory Corruption
SEC Consult has also released a blog post describing the attack scenarios of the vulnerabilities within this advisory in detail and a video which shows the remote attack. Exploit code has been developed as well but will not be released for now. Blog:...
Kerio Control Unified Threat Management 9.1.0 build 1087/9.1.1 build 1324 - Multiple Vulnerabilities
SEC Consult has also released a blog post describing the attack scenarios of the vulnerabilities within this advisory in detail and a video which shows the remote attack. Exploit code has been developed as well but will not be released for now. Blog:...
Actiontec T2200H Remote Reverse Root Shell
Device Details Vendor: Actiontec Telus Branded, but may work on others Model: T2200H but likely affecting other similar models of theirs Affected Firmware: T2200H-31.128L.03 Device Manual: http://static.telus.com/common/cms/files/internet/telust2200husermanual.pdf Reported: November 2015 Status:...
Axis Communications MPQTPACS 5.20.x - Server-Side Include Daemon Remote Format String
Axis Communications MPQTPACS 5.20.x - Server-Side Include Daemon Remote Format String !/usr/bin/env python2.7 SOF Remote Format String Exploit Axis Communications MPQT/PACS Server Side Include SSI Daemon Research and development by bashis 2016 This format string vulnerability has following...
Axis Communications MPQT/PACS SSI Remote Format String / Code Execution
!/usr/bin/env python2.7 SOF Remote Format String Exploit Axis Communications MPQT/PACS Server Side Include SSI Daemon Research and development by bashis 2016 This format string vulnerability has following characteristic: - Heap Based Exploiting string located on the heap - Blind Attack No output...
Nagios XI Chained - Remote Code Execution (Metasploit)
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Nagios XI Chained Remote Code Execution', 'Description' = %q This module exploits an SQL injection, auth bypass, file upload, command injection, a...
CVE-2016-0908
EMC Isilon OneFS 7.1.x before 7.1.1.9 and 7.2.x before 7.2.1.2 allows local users to obtain root shell access by leveraging administrative privileges...
CVE-2016-0908
EMC Isilon OneFS 7.1.x before 7.1.1.9 and 7.2.x before 7.2.1.2 allows local users to obtain root shell access by leveraging administrative privileges...
CVE-2016-0908
EMC Isilon OneFS 7.1.x before 7.1.1.9 and 7.2.x before 7.2.1.2 are affected by CVE-2016-0908. The vulnerability allows a local attacker with administrative privileges to obtain root shell access by exploiting privilege escalation within the Isilon OneFS environment. The description confirms local...