[SE-2014-02] Google App Engine Java security sandbox bypasses (details)
Hello All, Details of our SE-2014-02 project have been released to the public. A technical writeup and accompanying Proof of Concept codes can be found at the following location: http://www.security-explorations.com/en/SE-2014-02-details.html In case of Google App Engine for Java, its first layer...
Microsoft Schannel Vulnerable to FREAK
Microsoft today issued an advisory warning Windows users that Secure Channel, or Schannel, the Windows implementation of SSL/TLS, is vulnerable to the FREAK attack. Disclosed this week, FREAK (CVE-2015-1637) is the latest big Internet bug. It affects a number of SSL clients, including OpenSSL, and...
qemu: vnc: insufficient bits_per_pixel from the client sanitization
An uninitialized data structure use flaw was found in the way the set_pixel_format function sanitized the value of bits_per_pixel. An attacker able to access a guest's VNC console could use this flaw to crash the guest...
CVE-2015-0633
The Integrated Management Controller (IMC) in Cisco Unified Computing System (UCS) 1.47h and earlier on C-Series servers allows remote attackers to bypass intended access restrictions by sending crafted DHCP response packets on the local network, aka Bug ID CSCuf52876...
Cisco Unified Computing System C-Series DHCP Message Handling Denial of Service Vulnerability
The Cisco Unified Computing System simplifies IT management and improves agility by integrating unified computing, networking, storage access and virtualization into a single system. The centralized management controller of the Cisco Unified Computing System Standalone failed to properly validate...
Creaking Patch Tuesday's Viability Rests with Quality, Speed
Today is Patch Tuesday, the 11-year-old procession of security bulletins from Microsoft streamed out automatically to consumers of Windows Update, and pulled en masse by enterprise admins worldwide needing to test each for compatibility. This is how it’s been done since shortly after Bill Gates’...
CVE-2014-9643
K7Sentry.sys in K7 Computing Ultimate Security, Anti-Virus Plus, and Total Security before 14.2.0.253 allows local users to write to arbitrary memory locations, and consequently gain privileges, via a crafted 0x95002570, 0x95002574, 0x95002580, 0x950025a8, 0x950025ac, or 0x950025c8 IOCTL call...
Memory corruption
K7Sentry.sys in K7 Computing Ultimate Security, Anti-Virus Plus, and Total Security before 14.2.0.253 allows local users to write to arbitrary memory locations, and consequently gain privileges, via a crafted 0x95002570, 0x95002574, 0x95002580, 0x950025a8, 0x950025ac, or 0x950025c8 IOCTL call...
CVE-2014-9643
CVE-2014-9643 affects K7 Computing products (Ultimate Security, Anti-Virus Plus, Total Security) and their K7Sentry.sys driver prior to version 14.2.0.253. A local privilege-escalation exists via crafted IOCTL calls (0x95002570, 0x95002574, 0x95002580, 0x950025a8, 0x950025ac, 0x950025c8) that all...
CVE-2014-9643
K7Sentry.sys in K7 Computing Ultimate Security, Anti-Virus Plus, and Total Security before 14.2.0.253 allows local users to write to arbitrary memory locations, and consequently gain privileges, via a crafted 0x95002570, 0x95002574, 0x95002580, 0x950025a8, 0x950025ac, or 0x950025c8 IOCTL call...
Cisco Unified Computing System on C-Series Rack Servers Cross-Frame Scripting Vulnerability
The Cisco Unified Computing System is an all-in-one platform for computing, virtualization, and networking. A cross-frame scripting vulnerability in Cisco Unified Computing System on C-Series Rack Servers allows attackers to hijack an attack via crafted website behavior...
K7 Computing 14.2.0.240 Privilege Escalation
/ Exploit Title - K7 Computing Multiple Products Arbitrary Write Privilege Escalation Date - 04th February 2015 Discovered by - Parvez Anwar @parvezghh Vendor Homepage - http://www.k7computing.co.uk/ Tested Version - 14.2.0.240 Driver Version - 12.8.0.104 - K7Sentry.sys Tested on OS - 32bit Windo...
Arbitrary Write Privilege Elevation Vulnerability in Various K7 Computing Products
K7 Computing is an antivirus program. An arbitrary write elevation of privilege vulnerability exists in several K7 Computing products that allows a local user to write to arbitrary memory locations and gain elevated privileges by crafting 0x95002570, 0x95002574, 0x95002580, 0x950025a8, 0x950025ac...
K7 Computing (Multiple Products) - Arbitrary Write Privilege Escalation
K7 Computing Multiple Products - Arbitrary Write Privilege Escalation / Exploit Title - K7 Computing Multiple Products Arbitrary Write Privilege Escalation Date - 04th February 2015 Discovered by - Parvez Anwar @parvezghh Vendor Homepage - http://www.k7computing.co.uk/ Tested Version - 14.2.0.240...
K7 Computing Multiple Products Arbitrary Write Privilege Escalation Exploit
Exploit for windows platform in category local exploits / Exploit Title - K7 Computing Multiple Products Arbitrary Write Privilege Escalation Date - 04th February 2015 Discovered by - Parvez Anwar @parvezghh Vendor Homepage - http://www.k7computing.co.uk/ Tested Version - 14.2.0.240 Driver Versio...
K7 Computing (Multiple Products) - Arbitrary Write Privilege Escalation
/ Exploit Title - K7 Computing Multiple Products Arbitrary Write Privilege Escalation Date - 04th February 2015 Discovered by - Parvez Anwar @parvezghh Vendor Homepage - http://www.k7computing.co.uk/ Tested Version - 14.2.0.240 Driver Version - 12.8.0.104 - K7Sentry.sys Tested on OS - 32bit...
CVE-2015-0599
The web interface in Cisco Integrated Management Controller in Cisco Unified Computing System (UCS) on C-Series Rack Servers does not properly restrict use of IFRAME elements, which makes it easier for remote attackers to conduct clickjacking attacks and unspecified other attacks via a crafted web...
libvncserver: server stack-based buffer overflow flaws in file transfer handling
Two stack-based buffer overflow flaws were found in the way LibVNCServer handled file transfers. A remote attacker could use this flaw to crash the VNC server using a malicious VNC client...
K7 Ultimate Security Privilege Escalation Vulnerabilities (Feb 2015) - Windows
K7 Ultimate Security is prone to a privilege escalation vulnerability. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE =...
Microsoft Shuts Down Patch Tuesday Advanced Notifications
Microsoft today pulled the plug on its Advanced Notification Service (ANS), offering it going forward only to paying Premier customers. ANS preceded the release of Microsoft’s monthly Patch Tuesday security bulletins; on the Thursday prior, Microsoft would provide users via its security website a...