228 matches found
VMWare Setuid vmware-mount Unsafe popen(3)
VMWare Workstation up to and including 9.0.2 build-1031769 and Player have a setuid executable called vmware-mount that invokes lsbrelease in the PATH with popen3. Since PATH is user-controlled, and the default system shell on Debian-derived distributions does not drop privs, we can put an...
WinRM Script Exec Remote Code Execution
This module uses valid credentials to login to the WinRM service and execute a payload. It has two available methods for payload delivery: Powershell 2 and above and VBS CmdStager. The module will check if Powershell is available, and if so uses that method. Otherwise it falls back to the VBS...
Code injection
IBM Flex System Chassis Management Module CMM and Integrated Management Module 2 IMM2 allow local users to obtain sensitive information about 1 local accounts, 2 SSH private keys, 3 SSL/TLS private keys, 4 SNMPv3 communities, and 5 LDAP credentials by leveraging unspecified side effects of servic...
ABC.go.com Cross Site Scripting
.. . . \ \ || | \ \ | | / \ | \ \ | | |\ / \ | \ | / / Y \ \ | / \ / / / |/\ /| / /| / / / /|| / / / / / / / / / abc.go.COM XSS vulnerability vendor: www.abc.go.com Author: Karthik R 3psil0nLambDa Email: [email protected] My blog: www.epsilonlambda.co.cc...
Syctel Design Local File Inclusion
=========================================================================== Syctel Design Local File Inclusion Vulnerability =========================================================================== Name: Syctel Design Local File Inclusion Vulnerability Vendor: www.Syctel.Com Date: 2011-04-21...
Multi Gather Generic Operating System Environment Settings
This module prints out the operating system environment variables. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Multi Gather Generic Operating System Environment Settings', 'Description' = %...
Kcms Profile Server
The Kodak Color Management System service is running. The KCMS service on Solaris 2.5 could allow a local user to write to arbitrary files and gain root access. This warning may be a false positive since the presence of the bug has not been tested. Patches: 107337-02 SunOS 5.7 has been released a...
CVE-2019-10912: Prevent destructors with side-effects from being unserialized
More info at https://symfony.com/cve-2019-10912...