459 matches found
Common Desktop Environment 1.6 Local Privilege Escalation
@Mediaservice.net Security Advisory 2020-05 last updated on 2020-04-15 Title: Local privilege escalation via CDE sdtcmconvert Application: Common Desktop Environment 1.6 and earlier Platforms: Oracle Solaris 10 1/13 Update 11 and earlier Other platforms are potentially affected see below...
Solaris 10 (x86) : 125280-09
CDE 1.6x86: dtsession patch. Date this patch was last updated by Sun : Apr/13/20 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'compat.inc'; if description scriptid135441; scriptversion"1.5";...
Solaris 10 (sparc) : 125279-09
CDE 1.6: dtsession patch. Date this patch was last updated by Sun : Apr/13/20 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'compat.inc'; if description scriptid135435; scriptversion"1.5";...
Common Desktop Environment 2.3.1 Buffer Overflow Exploit
A buffer overflow in the CheckMonitor function in the Common Desktop Environment 2.3.1 and earlier and 1.6 and earlier, as distributed with Oracle Solaris 10 1/13 Update 11 and earlier, allows local users to gain root privileges via a long palette name passed to dtsession in a malicious .Xdefault...
Common Desktop Environment 2.3.1 Buffer Overflow
@Mediaservice.net Security Advisory 2020-02 last updated on 2020-01-15 Title: Local privilege escalation via CDE dtsession Application: Common Desktop Environment 2.3.1 and earlier Common Desktop Environment 1.6 and earlier Platforms: Oracle Solaris 10 1/13 Update 11 and earlier Other platforms a...
Solaris 10 (x86) : 125280-07
CDE 1.6x86: dtsession patch. Date this patch was last updated by Sun : Jan/13/20 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include"compat.inc"; if description scriptid132898; scriptversion"1.2"; scriptcvsdate"Date:...
Solaris 10 (sparc) : 125279-07
CDE 1.6: dtsession patch. Date this patch was last updated by Sun : Jan/13/20 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include"compat.inc"; if description scriptid132891; scriptversion"1.2"; scriptcvsdate"Date:...
x11/cde -- Local privilege escalation via CDE dtsession
Marco Ivaldi marco.ivaldi mediaservice net reports: A buffer overflow in the CheckMonitor function in the Common Desktop Environment 2.3.1 and earlier and 1.6 and earlier, as distributed with Oracle Solaris 10 1/13 Update 11 and earlier, allows local users to gain root privileges via a long palet...
Solaris 10 (sparc) : 124393-13
Vulnerability in the Solaris component of Oracle Sun Systems Products Suite subcomponent: CDE Calendar. Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows unauthenticated attacker with network access via TCP to compromise Solaris. Successful attacks of thi...
Solaris 789 (SPARC) - dtprintinfo Local Privilege Escalation (2)
Solaris 789 SPARC - dtprintinfo Local Privilege Escalation 2 / raptordtprintnamesparc2.c - dtprintinfo 0day, Solaris/SPARC Copyright c 2004-2019 Marco Ivaldi 0day buffer overflow in the dtprintinfo1 CDE Print Viewer, leading to local root. Many thanks to Dave Aitel for discovering this...
Solaris 10 113 (Intel) - dtprintinfo Local Privilege Escalation
Solaris 10 113 Intel - dtprintinfo Local Privilege Escalation / raptordtprintnameintel.c - dtprintinfo 0day, Solaris/Intel Copyright c 2004-2019 Marco Ivaldi 0day buffer overflow in the dtprintinfo1 CDE Print Viewer, leading to local root. Many thanks to Dave Aitel for discovering this...
Solaris 10 1/13 (Intel) - 'dtprintinfo' Local Privilege Escalation (1)
/ raptordtprintnameintel.c - dtprintinfo 0day, Solaris/Intel Copyright c 2004-2019 Marco Ivaldi 0day buffer overflow in the dtprintinfo1 CDE Print Viewer, leading to local root. Many thanks to Dave Aitel for discovering this vulnerability and for his interesting research activities on...
Solaris 7/8/9 (#SPARC) - (dtprintinfo) Local Privilege Escalation (1) Exploit
Exploit for solaris platform in category local exploits / raptordtprintnamesparc.c - dtprintinfo 0day, Solaris/SPARC Copyright c 2004-2019 Marco Ivaldi 0day buffer overflow in the dtprintinfo1 CDE Print Viewer, leading to local root. Many thanks to Dave Aitel for discovering this vulnerability an...
Solaris 7/8/9 (SPARC) - 'dtprintinfo' Local Privilege Escalation (2)
/ raptordtprintnamesparc2.c - dtprintinfo 0day, Solaris/SPARC Copyright c 2004-2019 Marco Ivaldi 0day buffer overflow in the dtprintinfo1 CDE Print Viewer, leading to local root. Many thanks to Dave Aitel for discovering this vulnerability and for his interesting research activities on...
Solaris - 'EXTREMEPARR' dtappgather Privilege Escalation (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Solaris 'EXTREMEPARR' dtappgather Privilege Escalation", 'Description' = %q This module exploits a directory traversal vulnerability in the...
Solaris EXTREMEPARR dtappgather Privilege Escalation Exploit
This Metasploit module exploits a directory traversal vulnerability in the dtappgather executable included with Common Desktop Environment CDE on unpatched Solaris systems prior to Solaris 10u11 which allows users to gain root privileges. dtappgather allows users to create a user-owned directory ...
Solaris EXTREMEPARR dtappgather Privilege Escalation
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Solaris 'EXTREMEPARR' dtappgather Privilege Escalation", 'Description' = %q This module exploits a directory traversal vulnerability in the...
Solaris 'EXTREMEPARR' dtappgather Privilege Escalation
This module exploits a directory traversal vulnerability in the dtappgather executable included with Common Desktop Environment CDE on unpatched Solaris systems prior to Solaris 10u11 which allows users to gain root privileges. dtappgather allows users to create a user-owned directory at any...
cde-saare.de XSS vulnerability
Open Bug Bounty ID: OBB-637794 Description| Value ---|--- Affected Website:| cde-saare.de Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Other Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
Security Bulletin: Unauthorized Access to user data vulnerability in DB2 during certain LOAD operations (CVE-2014-4805)
Summary During certain LOAD operations into Columnar Data Engine CDE tables, a temporary file containing user data may be created at the DB2 server. As the file only exists for the duration of the LOAD operation and is automatically removed on completion both success and error, the vulnerability...