290 matches found
Important: git
Issue Overview: The --export-marks option of git fast-import is exposed also via the in-stream command feature export-marks=... and it allows overwriting arbitrary paths.CVE-2019-1348 When submodules are cloned recursively, under certain circumstances Git could be fooled into using the same Git...
The compatibility subsystem for running Linux applications allows the Windows Subsystem for Linux (WSL), a operating system that enables attackers to enhance their privileges.
The vulnerability of the compatibility subsystem for running Linux applications stems from synchronization errors when using a shared resource. Exploiting this vulnerability can allow an attacker to increase their privileges through a specially created application...
Microsoft Windows Subsystem for Linux Elevation of Privilege Vulnerability
Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation.Microsoft Windows is an operating system for personal devices.Microsoft Windows Server is a server operating system. Microsoft Windows Server is a server operating system. Windows Subsystem for Linux is one ...
CVE-2019-1416
An elevation of privilege vulnerability exists due to a race condition in Windows Subsystem for Linux, aka 'Windows Subsystem for Linux Elevation of Privilege Vulnerability'...
Race condition
An elevation of privilege vulnerability exists due to a race condition in Windows Subsystem for Linux, aka 'Windows Subsystem for Linux Elevation of Privilege Vulnerability'...
CVE-2019-1416
An elevation of privilege vulnerability exists due to a race condition in Windows Subsystem for Linux, aka 'Windows Subsystem for Linux Elevation of Privilege Vulnerability'...
KB4525237: Windows 10 Version 1803 November 2019 Security Update
The remote Windows host is missing security update 4525237. It is, therefore, affected by multiple vulnerabilities : - A security feature bypass vulnerability exists when Windows Netlogon improperly handles a secure communications channel. An attacker who successfully exploited the vulnerability...
KB4523205: Windows 10 Version 1809 and Windows Server 2019 November 2019 Security Update
The remote Windows host is missing security update 4523205. It is, therefore, affected by multiple vulnerabilities : - A security feature bypass vulnerability exists when Windows Netlogon improperly handles a secure communications channel. An attacker who successfully exploited the vulnerability...
The compatibility subsystem for running Linux applications allows Windows Subsystem for Linux (WSL) operating systems. This enables attackers to elevate their privileges and execute arbitrary code.
The vulnerability of the compatibility subsystem for running Linux applications in Windows Subsystem for Linux WSL operating systems is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges and execute arbitrary code using a...
Microsoft Windows Subsystem for Linux Privilege Exploit
Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation.Microsoft Windows is an operating system for personal devices.Microsoft Windows Server is a server operating system. Microsoft Windows Server is a server operating system. Windows Subsystem for Linux is one ...
CVE-2019-1185
An elevation of privilege vulnerability exists due to a stack corruption in Windows Subsystem for Linux. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability, a locally authenticated attacker could run a specially...
Privilege escalation
An elevation of privilege vulnerability exists due to a stack corruption in Windows Subsystem for Linux, aka 'Windows Subsystem for Linux Elevation of Privilege Vulnerability'...
CVE-2019-1185 Windows Subsystem for Linux Elevation of Privilege Vulnerability
...
CVE-2019-1185
CVE-2019-1185 affects Windows Subsystem for Linux. It is an elevation-of-privilege flaw caused by stack corruption in WSL, exploitable by a locally authenticated attacker via a crafted application to run code with elevated privileges. Mitigation is a security update that corrects how WSL handles ...
Windows Subsystem for Linux Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists due to a stack corruption in Windows Subsystem for Linux. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability, a locally authenticated attacker could run a specially...
PT-2019-3050 · Microsoft · Windows Subsystem For Linux +1
Name of the Vulnerable Software and Affected Versions: Windows Subsystem for Linux WSL affected versions not specified Description: The issue is related to insufficient access control in the Windows Subsystem for Linux, which can be exploited to elevate privileges and execute arbitrary code using...
Commando VM 2.0: Customization, Containers, and Kali, Oh My!
The Complete Mandiant Offensive Virtual Machine “Commando VM” swept the penetration testing community by storm when it debuted in early 2019 at Black Hat Asia Arsenal. Our 1.0 release made headway featuring more than 140 tools. Well now we are back again for another spectacular release, this time...
CVE-2019-0692
An elevation of privilege vulnerability exists due to an integer overflow in Windows Subsystem for Linux, aka 'Windows Subsystem for Linux Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0682, CVE-2019-0689, CVE-2019-0693, CVE-2019-0694...
CVE-2019-0682
An elevation of privilege vulnerability exists due to an integer overflow in Windows Subsystem for Linux, aka 'Windows Subsystem for Linux Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0689, CVE-2019-0692, CVE-2019-0693, CVE-2019-0694...
CVE-2019-0689
An elevation of privilege vulnerability exists due to an integer overflow in Windows Subsystem for Linux, aka 'Windows Subsystem for Linux Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0682, CVE-2019-0692, CVE-2019-0693, CVE-2019-0694...