1575 matches found
Mercurial Custom hg-ssh Wrapper Remote Code Execution Exploit
This Metasploit module takes advantage of custom hg-ssh wrapper implementations that don't adequately validate parameters passed to the hg binary, allowing users to trigger a Python Debugger session, which allows arbitrary Python code execution. This module requires Metasploit:...
Mercurial Custom hg-ssh Wrapper Remote Code Execution
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Mercurial Custom hg-ssh Wrapper Remote Code Exec", 'Description' = %q This module takes advantage of custom hg-ssh wrapper implementations that...
Internet Bug Bounty: Mercurial can be tricked into granting authorized users access to the Python debugger
I reported this bug privately to Mercurial and they produced an out of band release to fix the bug here: https://www.mercurial-scm.org/wiki/WhatsNewMercurial4.1.3.282017-4-18.29 I produced a very detailed proof of concept with a Metasploit exploit module, which can be seen publicly here:...
Mercurial Custom hg-ssh Wrapper Remote Code Exec
This module takes advantage of custom hg-ssh wrapper implementations that don't adequately validate parameters passed to the hg binary, allowing users to trigger a Python Debugger session, which allows arbitrary Python code execution. This module requires Metasploit: https://metasploit.com/downlo...
Windows Kernel stack memory disclosure in win32kfull!SfnINLPUAHDRAWMENUITEM (CVE-2017-0167)
We have discovered that it is possible to disclose portions of uninitialized kernel stack memory to user-mode applications in Windows 10 indirectly through the win32k! NtUserPaintMenuBar system call, or more specifically, through the user32! fnINLPUAHDRAWMENUITEM user-mode callback 107 on Windows...
DEBIAN-CVE-2017-2377
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. The issue involves the "WebKit Web Inspector" component. It allows attackers to cause a denial of service memory corruption and application crash by leveraging a window-close action...
CVE-2017-2377
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. The issue involves the "WebKit Web Inspector" component. It allows attackers to cause a denial of service memory corruption and application crash by leveraging a window-close action...
CVE-2017-2377
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. The issue involves the "WebKit Web Inspector" component. It allows attackers to cause a denial of service memory corruption and application crash by leveraging a window-close action...
UBUNTU-CVE-2017-2377
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. The issue involves the "WebKit Web Inspector" component. It allows attackers to cause a denial of service memory corruption and application crash by leveraging a window-close action...
Sync Breeze Enterprise 9.5.16 - 'GET' Remote Buffer Overflow (SEH)
!/usr/bin/env python Exploit Title: Sync Breeze Enterprise v9.5.16 - Remote buffer overflow SEH Date: 2017-03-29 Exploit Author: Daniel Teixeira Vendor Homepage: http://syncbreeze.com Software Link: http://www.syncbreeze.com/setups/syncbreezeentsetupv9.5.16.exe Version: 9.5.16 Tested on: Windows ...
DEBIAN-CVE-2017-5206
Firejail before 0.9.44.4, when running on a Linux kernel before 4.8, allows context-dependent attackers to bypass a seccomp-based sandbox protection mechanism via the --allow-debuggers argument...
Disk Sorter Enterprise 9.5.12 Buffer Overflow
!/usr/bin/env python Exploit Title: DiskSorter Enterprise 9.5.12 - 'GET' Remote buffer overflow SEH Date: 2017-03-22 Exploit Author: Daniel Teixeira Author Homepage: www.danielteixeira.com Vendor Homepage: http://www.disksorter.com Software Link:...
gdbgui - A browser-based frontend/gui for GDB
A modern, browser-based frontend to gdb gnu debugger. Add breakpoints, view stack traces, and more in C, C++, Go, and Rust! Simply run gdbgui from the terminal and a new tab will open in your browser. Install sudo pip install gdbgui --upgrade Since gdbgui is under active development, consider...
Google Nexus Kernel FIQ Debugger Elevation of Privilege Vulnerability
Android on Nexus 9 is a Linux-based open source operating system for the Nexus 9 tablet developed by Google and the Open Handheld Alliance OHA. kernel FIQ debugger is one of the kernel debugger components. A security vulnerability exists in the kernel FIQ debugger in Android on Nexus 9 devices. A...
Nexus 9 With Malicious Headphones Vulnerability
Nexus 9 running Android version 7.1.1 build N4F26Q and below allows unauthorized access to the FIQ debugger via its headphones jack, which allows for information theft, weakening of ASLR, leaking of stack canaries, and more. Title: Attacking Nexus 9 with Malicious Headphones Identifier:...
Google Nexus 9 Unauthorized Access to FIQ Debugger(CVE-2017-0510)
Nexus 9 allows unauthorized access to the FIQ debugger via its headphones jack. This allows for sensitive information theft, via malicious headphones, out of any process. Moreover it allows the adversary to reboot the device into HBOOT, which may aid in further exploitation such as accessing...
CVE-2017-0510
An elevation of privilege vulnerability in the kernel FIQ debugger could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the...
Privilege escalation
An elevation of privilege vulnerability in the kernel FIQ debugger could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the...
CVE-2017-0510
CVE-2017-0510 describes an elevation-of-privilege vulnerability in the Android kernel FIQ debugger that could allow a local malicious app to execute code in kernel context. Affected: Android on Kernel-3.10 (Nexus 9 cited). Impact: potential local permanent device compromise requiring OS reflashin...
CVE-2017-0510
An elevation of privilege vulnerability in the kernel FIQ debugger could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the...