CVE-2015-4526

EMC RecoverPoint for Virtual Machines VMs 4.2 allows local users to obtain root-shell access by bypassing the Installation Manager Boxmgmt CLI interface...

Ubuntu aeration local elevation of privilege vulnerability, CVE-2 0 1 5-1 3 2 8）, The impact of multiple versions-vulnerability warning-the black bar safety net

Due to the particular case when the file is created the permissions check bug, the Ubuntu operating system exposure to local privilege escalation vulnerabilities affect Ubuntu 12.04 and 14.04, and 14.10, and 15.04 version. The current Ubuntu official has been fixed the vulnerability. The...

Fuse 2.9.3-15 - Local Privilege Escalation

Fuse 2.9.3-15 - Local Privilege Escalation Source: https://gist.github.com/taviso/ecb70eb12d461dd85cba Tweet: https://twitter.com/taviso/status/601370527437967360 Recommend Reading: http://seclists.org/oss-sec/2015/q2/520 YouTube: https://www.youtube.com/watch?v=V0i3uJJPJ88 Making a demo exploit...

GoAutoDial CE 3.3-1406088000 - Authentication Bypass Arbitrary File Upload Command Injection

GoAutoDial CE 3.3-1406088000 - Authentication Bypass Arbitrary File Upload Command Injection Affected software: GoAutoDial Affected version: 3.3-1406088000 GoAdmin and previous releases of GoAutodial 3.3 Associated CVEs: CVE-2015-2842, CVE-2015-2843, CVE-2015-2844, CVE-2015-2845 Vendor advisory:...

Apport/Abrt (Ubuntu / Fedora) - Local Privilege Escalation

define GNUSOURCE include include include include include include include include include include include include include include warning this file must be compiled with -static // // Apport/Abrt Vulnerability Demo Exploit. // // Apport: CVE-2015-1318 // Abrt: CVE-2015-1862 // // --...

WeCenter SQL注射（ROOT SHELL）

简要描述： WeCenter SQL注射（ROOT SHELL） 详细说明： ajax.php： public function questionlistaction if $GET'featureid' if $topicids = $this-model'feature'-gettopicsbyfeatureid$GET'featureid' $GET'topicid' = implode',', $topicids; switch $GET'type' case 'best': $actionlist =...

Airties Air5650v3TT Remote Stack Overflow

!/usr/bin/env python Exploit for the AIRTIES Air5650v3TT Spawns a reverse root shell Author: Batuhan Burakcin Contact: [email protected] Twitter: @batuhanburakcin Web: http://www.bmicrosystems.com import sys import time import string import socket, struct import urllib, urllib2, httplib i...

ASUS-RT-AC66U-acsd-Param

TitleASUS RT-AC66U Remote Root Shell Exploit - acsd param command Discovered and ReportedJune 2013 Discovered/Exploited ByJacob Holcomb/Gimppy and Jacob Thompson Security Analsyts @ Independent Security Evaluators Software Vendorhttp://asus.com Exploit/Advisoryhttp://securityevaluators.com,...

Sniffit Root Shell

CVE-2014-5439 - Root shell on Sniffit Authors: Ismael Ripoll & Hector Marco CVE: CVE-2014-5439 Dates: July 2014 - Discovered the vulnerability Description Sniffit is a packet sniffer and monitoring tool. A bug in sniffit prior to 0.3.7 has been found. The bug is caused by an incorrect...

Bosch Security Systems DVR 630/650/670 Series - Multiple Vulnerabilities

No description provided by source. :::::::-. ... ::::::. :::. ;;, ';, ;; ;;;;;;;, ;;; ' . ' $$, $$$$ $$$ $$$ "Y$c$$ 888,o8P'88 .d888 888 Y88 MMMMP" "YmmMMMM"" MMM YM Discovered by dun \ posdubatgmail.com 2014-10-01 Bosch Security Systems DVR 630/650/670 Series Multiple Vulnerabilities Device: "Th...

Cisco IOS XE Software Challenge/Response Bypass Vulnerability

A vulnerability in the request system shell command supported by specific Cisco IOS XE platforms WS-C3850, WS-C3650, AIR-CT5760, and WS-C4500X could allow an authenticated, local attacker with administrative privilege 15 to access the underlying Linux root shell. The vulnerability is due to...

Bosch Security Systems DVR 630/650/670 Series - Multiple Vulnerabilities

Bosch Security Systems DVR 630/650/670 series systems suffer from remote command execution as root and administrative password disclosure vulnerabilities. :::::::-. ... ::::::. :::. ;;, ';, ;; ;;;;;;;, ;;; ' . ' $$, $$$$ $$$ $$$ "Y$c$$ 888,o8P'88 .d888 888 Y88 MMMMP" "YmmMMMM"" MMM YM Discovered ...

Bosch Security Systems DVR 630/650/670 Series - Multiple Vulnerabilities

:::::::-. ... ::::::. :::. ;;, ';, ;; ;;;;;;;, ;;; ' . ' $$, $$$$ $$$ $$$ "Y$c$$ 888,o8P'88 .d888 888 Y88 MMMMP" "YmmMMMM"" MMM YM Discovered by dun \ posdubatgmail.com 2014-10-01 Bosch Security Systems DVR 630/650/670 Series Multiple Vulnerabilities Device: "The Bosch Video Recorder 630/650 Seri...

Bosch Security Systems DVR 630/650/670 Root Shell / Password Disclosure

:::::::-. ... ::::::. :::. ;;, ';, ;; ;;;;;;;, ;;; ' . ' $$, $$$$ $$$ $$$ "Y$c$$ 888,o8P'88 .d888 888 Y88 MMMMP" "YmmMMMM"" MMM YM Discovered by dun \ posdubatgmail.com 2014-10-01 Bosch Security Systems DVR 630/650/670 Series Multiple Vulnerabilities Device: "The Bosch Video Recorder 630/650 Seri...

ALCASAR 2.8.1 - Remote Code Execution

ALCASAR 2.8.1 - Remote Code Execution !/usr/bin/env python -- coding: utf-8 -- ALCASAR = 2.8.1 Remote Root Code Execution Vulnerability Author: eF Date : 2014-09-12 URL : http://www.alcasar.net/ This is not a responsible disclosure coz' I have no sense of ethics and I don't give a fck. db 88...

RedHat Linux 6.0 Single User Mode Authentication Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1005/info A vulnerability exists in the manner in which RedHat Linux 6.0 protects the obtaining of a shell by booting single user mode. RedHat will prompt for the root password upon entering single user mode. Pressing ^C...

libvirt_proxy <= 0.5.1 - Local Privilege Escalation Exploit

No description provided by source. / cve-2009-0036.c libvirtproxy = 0.5.1 Local Privilege Escalation Exploit Jon Oberheide [email protected] http://jon.oberheide.org Information: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0036 Buffer overflow in the proxyReadClientSocket function in...

QNX RTOS 4.25/6.1 phgrafx-startup Privilege Escalation Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/4916/info The QNX phgrafx-startup utility is prone to an issue which may make it possible for local attackers to escalate privileges. This issue is due to unsafe use of the system function to invoke other programs. This...

Mandrake 7.0/7.1,RedHat Kon2 0.3.9 fld Input File Overflow

No description provided by source. source: http://www.securityfocus.com/bid/1371/info KON Kanji On Console is a package for displaying Kanji text under Linux and comes with two suid binaries which are vulnerable to buffer overflows. fld, one of the vulnerable programs, accepts options input from ...

FreeBSD 3.3,Linux Mandrake 7.0 'xsoldier' Buffer Overflow Vulnerability (1)

No description provided by source. source: http://www.securityfocus.com/bid/871/info Certain versions of FreeBSD 3.3 Confirmed and Linux Mandrake confirmed ship with a vulnerable binary in their X11 games package. The binary/game in question, xsoldier, is a setuid root binary meant to be run via ...