156 matches found
Mac OS X Sudo Password Bypass Vulnerability
This Metasploit module gains a session with root permissions on versions of OS X with sudo binary vulnerable to CVE-2013-1775. Tested working on Mac OS 10.7-10.8.4, and possibly lower versions. If your session belongs to a user with Administrative Privileges the user is in the sudoers file and is...
Mac OS X Admin Group User List
Using the supplied credentials, Nessus was able to extract the member list of the 'Admin' and 'Wheel' groups. Members of these groups have administrative access to the remote system. TRUSTED...
Windows Gather Privileges Enumeration
This module will print if UAC is enabled, and if the current account is ADMIN enabled. It will also print UID, foreground SESSION ID, is SYSTEM status and current process PRIVILEGES. This module requires Metasploit: https://metasploit.com/download Current source:...
Adobe Acrobat 9.1.2 NOS - Local Privilege Escalation
!/usr/bin/env python Adobe Acrobat v9.1.2 Local Privilege Escalation Exploit Coded By: DrIDE Discovered by: Nine:Situations:Group Tested On: Windows XP SP2, Requires NOS Package Installed Usage: python DrIDE-Adobe912.py import os, subprocess Should probably have a try block around this as not eve...
XSS vulnerability can be exploited on the WebDAV Configuration page
Steps: Go to WebDAV Configuration Enter 'alert"XSS"' Click on 'Add new regex' button The script will be executed. It will continue to be executed whenever a user clicks on the 'Save' button. This can be done by users in the confluence-admin group, so it could be used by them to gain access to...
Ability to grant Import/Export privileges to a group or a user
In our JIRA environment, we have several projects where each of the project admins uploads tasks from a CSV file into their respective project. Inorder for these project admins have the upload permissions, they need to be part of the JIRA System Administration group. This is unacceptable and is a...
Mercur Messaging 2005 IMAP (SUBSCRIBE) Remote Exploit (win2k SP4)
No description provided by source. !/usr/bin/python Remote exploit for the stack overflow vulnerability in Mercur Messaging 2005 SP3 IMAP service. The exploit was tested on windows 2000 server SP4 in a Vmware environment. At the time of overflow EBX points to our shellcode. However this buffer in...
Mercur Messaging 2005 IMAP (SUBSCRIBE) Remote Exploit (win2k SP4)
Exploit for unknown platform in category remote exploits ================================================================= Mercur Messaging 2005 IMAP SUBSCRIBE Remote Exploit win2k SP4 ================================================================= !/usr/bin/python Remote exploit for the stack...
CVE-2007-0467
crashdump in Apple Mac OS X 10.4.8 allows local users in the admin group to modify arbitrary files or gain privileges via a symlink attack on application logs in /Library/Logs/CrashReporter/...
Mac OS X crashdump symbolic links security vulnerability
Symbolic links problem on creating dump file in user's home. Allows admin group user to escalate privileges to root...
Code injection
The 1 Activity Monitor.app/Contents/Resources/pmTool, 2 Keychain Access.app/Contents/Resources/kcproxy, and 3 ODBC Administrator.app/Contents/Resources/iodbcadmintool programs in /Applications/Utilities/ in Mac OS X 10.4.8 have weak permissions writable by admin group, which allows local admin...
MOAB-15-01-2007: Multiple Mac OS X Local Privilege Escalation Vulnerabilities
Summary Multiple binaries inside the /Applications directory tree are setuid root, but remain writable by users in the admin group ex. first user by default in a non-server Mac OS X installation, allowing privilege escalation. A malicious user can overwrite the binaries and perform a disk...
Kerio WebStar本地权限提升漏洞
Kerio WebSTAR是运行在Mac OS X平台上的WEB服务器。 Kerio WebSTAR在不安全的权限安装程序文件,本地攻击者可能利用此提升自己的权限。 在安装Kerio WebSTAR时/Applications中继承了两个setuid二进制程序: kevin-finisterres-computer:/Desktop kf$ find /Applications/Kerio\ WebSTAR -perm -4000 -ls 978790 3016 -rwsrwx--x 1 root admin 1542556 Apr 10 2006 /Applications/Kerio...
Kerio WebSTAR 5.4.2 (libucache.dylib) Privilege Escalation Exploit (OSX)
Exploit for macOS platform in category local exploits ======================================================================== Kerio WebSTAR 5.4.2 libucache.dylib Privilege Escalation Exploit OSX ======================================================================== !/usr/bin/perl...
Kerio WebSTAR 5.4.2 (OSX) - 'libucache.dylib' Local Privilege Escalation
!/usr/bin/perl http://www.digitalmunition.com written by kf kflistsatdigitalmunitiondotcom you must have access to the webstar user or be in the admin group This is currently not patched... chmod -s your kerio binaries foreach $key keys %ENV delete $ENV$key; $tgts"0" = "kerio-webstar-5.4.2-mac.bi...
CVE-2001-1240
The default configuration of sudo in Engarde Secure Linux 1.0.1 allows any user in the admin group to run certain commands that could be leveraged to gain full root access...