11 matches found
EUVD-2011-0208
Malware in sbrugna...
CVE-2021-36710
ToaruOS 1.99.2 is affected by incorrect access control via the kernel. Improper MMU management and having a low GDT address allows it to be mapped in userland. A call gate can then be written to escalate to CPL 0...
CVE-2021-36710
ToaruOS 1.99.2 is affected by incorrect access control via the kernel. Improper MMU management and having a low GDT address allows it to be mapped in userland. A call gate can then be written to escalate to CPL 0...
Design/Logic Flaw
ToaruOS 1.99.2 is affected by incorrect access control via the kernel. Improper MMU management and having a low GDT address allows it to be mapped in userland. A call gate can then be written to escalate to CPL 0...
CVE-2021-36710
ToaruOS 1.99.2 is affected by incorrect access control via the kernel. Improper MMU management and having a low GDT address allows it to be mapped in userland. A call gate can then be written to escalate to CPL 0...
CVE-2021-36710
CVE-2021-36710 affects ToaruOS 1.99.2, with incorrect kernel access control due to improper MMU management and a low GDT address that allows userland mapping. This enables writing a call gate to escalate to CPL 0, per multiple connected sources (Red Hat, NVD, PRION/PT-PT, CNNVD, etc.). No public ...
Microsoft Windows Kernel 'Win32k.sys' Local Privilege Escalation Vulnerability(CVE-2018-8120)
作者:bigric3 作者博客: 5月15日ESET发文其在3月份捕获了一个 pdf远程代码执行(cve-2018-4990)+windows本地权限提升(cve-2018-8120)的样本。ESET发文后,我从vt上下载了这样一份样本()。初步逆向,大致明确如外界所传,该漏洞处于开发测试阶段,不慎被上传到了公网样本检测的网上,由ESET捕获并提交微软和adobe修补。测试特征字符串如下 定位样本中关键的代码并调试分析...
Apple Mac OS X 'i386_set_ldt()' Privilege Escalation Vulnerability
Mac OS X is prone to a privilege escalation vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mac OS X Kernel Panic
/ Mac OS X include include include include include void dummyfunc void asm volatile ".byte 0xff" ; int main void int ret; union ldtentry cgate, cgate2; char dummy128 = 0x00,; cgate.callgate.offset00 = unsigned intdummyfunc & 0xffff; cgate.callgate.offset16 = unsigned intdummyfunc 16 & 0xffff; //...
Rising AntiVirus 2008/2009/2010 Local Privilege Escalation Exploit-vulnerability warning-the black bar safety net
Affected version:Rising AntiVirus 2 0 0 8 / 2 0 0 9 / 2 0 1 0 漏洞 描述 :RsNtGdi.sys not verify the Irp-UserBuffer address. The virus code will restore all of the kernel SSDT hook include "stdafx. h" include "windows. h" enum SystemModuleInformation = 1 1 ; typedef struct ULONG Unknown1; ULONG...
Rising AntiVirus 2008/2009/2010 Local Privilege Escalation Exploit
RsNtGdi.sys not verify the Irp-UserBuffer address. Exploit code will restore all of the kernel SSDT hook Rising AntiVirus 2008 / 2009 / 2010 none include "stdafx.h" include "windows.h" enum SystemModuleInformation = 11 ; typedef struct ULONG Unknown1; ULONG Unknown2; PVOID Base; ULONG Size; ULONG...