Lucene search
K

459 matches found

packetstorm
packetstorm
added 2020/04/17 12:0 a.m.142 views

Common Desktop Environment 1.6 Local Privilege Escalation

@Mediaservice.net Security Advisory 2020-05 last updated on 2020-04-15 Title: Local privilege escalation via CDE sdtcmconvert Application: Common Desktop Environment 1.6 and earlier Platforms: Oracle Solaris 10 1/13 Update 11 and earlier Other platforms are potentially affected see below...

7.2CVSS0.8AI score0.01802EPSS
Exploits5
nessus
nessus
added 2020/04/14 12:0 a.m.36 views

Solaris 10 (x86) : 125280-09

CDE 1.6x86: dtsession patch. Date this patch was last updated by Sun : Apr/13/20 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'compat.inc'; if description scriptid135441; scriptversion"1.5";...

7.8CVSS7.8AI score0.0056EPSS
Exploits3References3
nessus
nessus
added 2020/04/14 12:0 a.m.49 views

Solaris 10 (sparc) : 125279-09

CDE 1.6: dtsession patch. Date this patch was last updated by Sun : Apr/13/20 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'compat.inc'; if description scriptid135435; scriptversion"1.5";...

7.8CVSS7.8AI score0.0056EPSS
Exploits3References3
zdt
zdt
added 2020/01/19 12:0 a.m.178 views

Common Desktop Environment 2.3.1 Buffer Overflow Exploit

A buffer overflow in the CheckMonitor function in the Common Desktop Environment 2.3.1 and earlier and 1.6 and earlier, as distributed with Oracle Solaris 10 1/13 Update 11 and earlier, allows local users to gain root privileges via a long palette name passed to dtsession in a malicious .Xdefault...

8.8CVSS0.6AI score0.00643EPSS
Exploits7
packetstorm
packetstorm
added 2020/01/17 12:0 a.m.216 views

Common Desktop Environment 2.3.1 Buffer Overflow

@Mediaservice.net Security Advisory 2020-02 last updated on 2020-01-15 Title: Local privilege escalation via CDE dtsession Application: Common Desktop Environment 2.3.1 and earlier Common Desktop Environment 1.6 and earlier Platforms: Oracle Solaris 10 1/13 Update 11 and earlier Other platforms a...

0.2AI score0.00643EPSS
Exploits7
nessus
nessus
added 2020/01/15 12:0 a.m.33 views

Solaris 10 (x86) : 125280-07

CDE 1.6x86: dtsession patch. Date this patch was last updated by Sun : Jan/13/20 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include"compat.inc"; if description scriptid132898; scriptversion"1.2"; scriptcvsdate"Date:...

7.2CVSS7.6AI score0.00478EPSS
Exploits0References2
nessus
nessus
added 2020/01/15 12:0 a.m.28 views

Solaris 10 (sparc) : 125279-07

CDE 1.6: dtsession patch. Date this patch was last updated by Sun : Jan/13/20 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include"compat.inc"; if description scriptid132891; scriptversion"1.2"; scriptcvsdate"Date:...

7.2CVSS7.6AI score0.00478EPSS
Exploits0References2
freebsd
freebsd
added 2020/01/15 12:0 a.m.23 views

x11/cde -- Local privilege escalation via CDE dtsession

Marco Ivaldi marco.ivaldi mediaservice net reports: A buffer overflow in the CheckMonitor function in the Common Desktop Environment 2.3.1 and earlier and 1.6 and earlier, as distributed with Oracle Solaris 10 1/13 Update 11 and earlier, allows local users to gain root privileges via a long palet...

8.8CVSS5.8AI score0.00643EPSS
Exploits7References1
nessus
nessus
added 2020/01/15 12:0 a.m.43 views

Solaris 10 (sparc) : 124393-13

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite subcomponent: CDE Calendar. Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows unauthenticated attacker with network access via TCP to compromise Solaris. Successful attacks of thi...

10CVSS8.3AI score0.03682EPSS
Exploits0References2
exploitpack
exploitpack
added 2019/05/20 12:0 a.m.39 views

Solaris 789 (SPARC) - dtprintinfo Local Privilege Escalation (2)

Solaris 789 SPARC - dtprintinfo Local Privilege Escalation 2 / raptordtprintnamesparc2.c - dtprintinfo 0day, Solaris/SPARC Copyright c 2004-2019 Marco Ivaldi 0day buffer overflow in the dtprintinfo1 CDE Print Viewer, leading to local root. Many thanks to Dave Aitel for discovering this...

0.4AI score
Exploits0
exploitpack
exploitpack
added 2019/05/20 12:0 a.m.26 views

Solaris 10 113 (Intel) - dtprintinfo Local Privilege Escalation

Solaris 10 113 Intel - dtprintinfo Local Privilege Escalation / raptordtprintnameintel.c - dtprintinfo 0day, Solaris/Intel Copyright c 2004-2019 Marco Ivaldi 0day buffer overflow in the dtprintinfo1 CDE Print Viewer, leading to local root. Many thanks to Dave Aitel for discovering this...

0.5AI score
Exploits0
exploitdb
exploitdb
added 2019/05/20 12:0 a.m.124 views

Solaris 10 1/13 (Intel) - 'dtprintinfo' Local Privilege Escalation (1)

/ raptordtprintnameintel.c - dtprintinfo 0day, Solaris/Intel Copyright c 2004-2019 Marco Ivaldi 0day buffer overflow in the dtprintinfo1 CDE Print Viewer, leading to local root. Many thanks to Dave Aitel for discovering this vulnerability and for his interesting research activities on...

7.4AI score
Exploits0
zdt
zdt
added 2019/05/20 12:0 a.m.226 views

Solaris 7/8/9 (#SPARC) - (dtprintinfo) Local Privilege Escalation (1) Exploit

Exploit for solaris platform in category local exploits / raptordtprintnamesparc.c - dtprintinfo 0day, Solaris/SPARC Copyright c 2004-2019 Marco Ivaldi 0day buffer overflow in the dtprintinfo1 CDE Print Viewer, leading to local root. Many thanks to Dave Aitel for discovering this vulnerability an...

0.4AI score
Exploits0
exploitdb
exploitdb
added 2019/05/20 12:0 a.m.224 views

Solaris 7/8/9 (SPARC) - 'dtprintinfo' Local Privilege Escalation (2)

/ raptordtprintnamesparc2.c - dtprintinfo 0day, Solaris/SPARC Copyright c 2004-2019 Marco Ivaldi 0day buffer overflow in the dtprintinfo1 CDE Print Viewer, leading to local root. Many thanks to Dave Aitel for discovering this vulnerability and for his interesting research activities on...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2018/09/25 12:0 a.m.35 views

Solaris - 'EXTREMEPARR' dtappgather Privilege Escalation (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Solaris 'EXTREMEPARR' dtappgather Privilege Escalation", 'Description' = %q This module exploits a directory traversal vulnerability in the...

7.8CVSS7.4AI score0.05382EPSS
Exploits4
zdt
zdt
added 2018/09/25 12:0 a.m.113 views

Solaris EXTREMEPARR dtappgather Privilege Escalation Exploit

This Metasploit module exploits a directory traversal vulnerability in the dtappgather executable included with Common Desktop Environment CDE on unpatched Solaris systems prior to Solaris 10u11 which allows users to gain root privileges. dtappgather allows users to create a user-owned directory ...

7.8CVSS0.2AI score0.05382EPSS
Exploits4
packetstorm
packetstorm
added 2018/09/25 12:0 a.m.118 views

Solaris EXTREMEPARR dtappgather Privilege Escalation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Solaris 'EXTREMEPARR' dtappgather Privilege Escalation", 'Description' = %q This module exploits a directory traversal vulnerability in the...

7.2CVSS0.7AI score0.05382EPSS
Exploits4
metasploit
metasploit
added 2018/09/18 7:23 a.m.53 views

Solaris 'EXTREMEPARR' dtappgather Privilege Escalation

This module exploits a directory traversal vulnerability in the dtappgather executable included with Common Desktop Environment CDE on unpatched Solaris systems prior to Solaris 10u11 which allows users to gain root privileges. dtappgather allows users to create a user-owned directory at any...

7.8CVSS7AI score0.05382EPSS
Exploits4
openbugbounty
openbugbounty
added 2018/06/27 10:39 p.m.6 views

cde-saare.de XSS vulnerability

Open Bug Bounty ID: OBB-637794 Description| Value ---|--- Affected Website:| cde-saare.de Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Other Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Exploits0
ibm
ibm
added 2018/06/16 1:6 p.m.21 views

Security Bulletin: Unauthorized Access to user data vulnerability in DB2 during certain LOAD operations (CVE-2014-4805)

Summary During certain LOAD operations into Columnar Data Engine CDE tables, a temporary file containing user data may be created at the DB2 server. As the file only exists for the duration of the LOAD operation and is automatically removed on completion both success and error, the vulnerability...

2.1CVSS6AI score0.00382EPSS
Exploits0Affected Software1
Rows per page
Query Builder