UPX denial of service vulnerability
UPX is an executable file compressor. A security vulnerability exists in the 'PackLinuxElf64::unpack' function of the p_lx_elf.cpp file in UPX version 3.95. A remote attacker can exploit this vulnerability to cause a denial of service (double free) with specially crafted files...
Design/Logic Flaw
Without quotation marks, any whitespace in the file path for Rockwell Automation FactoryTalk Activation version 4.00.02 remains ambiguous, which may allow an attacker to link to or run a malicious executable. This may allow an authorized, but not privileged local user to execute arbitrary code wi...
2345 Security Guard Process Protection Bypass Vulnerability
2345 Security Guard is a set of computer security protection software from China's 2345 Corporation. A process protection bypass vulnerability exists in 2345MPCSafe.exe, 2345SafeTray.exe, and 2345Speedup.exe in 2345 Security Guard 3.7.0, which occurs because mouse_event is not properly considered...
2345 Security Guard Security Bypass Vulnerability
2345 Security Guard is a set of computer security protection software from China's 2345 Corporation. A security vulnerability exists in the 2345MPCSafe.exe, 2345SafeTray.exe, and 2345Speedup.exe files in 2345 Security Guard version 3.7.0. A local attacker can exploit this vulnerability to bypass...
kernel: Missing permission check in move_pages system call
The move_pages system call in mm/migrate.c in the Linux kernel doesn't check the effective uid of the target process. This enables a local attacker to learn the memory layout of a setuid executable, allowing circumvention of ASLR...
Malicious Process Detection: Authenticode Microsoft Manufacturer
Binary data wmimalwareauthenticodemanufacturermicrosoft.nbin...
glibc $ORIGIN Expansion Privilege Escalation Exploit
This Metasploit module attempts to gain root privileges on Linux systems by abusing a vulnerability in the GNU C Library (glibc) dynamic linker. glibc ld.so in versions before 2.11.3, and 2.12.x before 2.12.2, does not properly restrict use of the LD_AUDIT environment variable when loading setuid...
glibc LD_AUDIT Arbitrary DSO Load Privilege Escalation
This module attempts to gain root privileges on Linux systems by abusing a vulnerability in the GNU C Library (glibc) dynamic linker. glibc ld.so in versions before 2.11.3, and 2.12.x before 2.12.2, does not properly restrict use of the LD_AUDIT environment variable when loading setuid executables...
Fedora 27 : fedpkg / rpkg (2017-9cac2b8b4a)
Update - Fixed chain-build - Remove hard dependency of bash-completion from fedpkg rpkg - Ignore TestModulesCli if openidc-client is unavailable cqi - Port mbs-build to rpkg mprahl - Add .vscode to .gitignore mprahl - Fix TestPatch.testrediff in order to run with old version of mock cqi - Allow t...
CVE-2017-1000455
GuixSD prior to Git commit 5e66574a128937e7f2fcf146d146225703ccfd5d used POSIX hard links incorrectly, leading to the creation of setuid executables in "the store", violating a fundamental security assumption of GNU Guix...
Design/Logic Flaw
GuixSD prior to Git commit 5e66574a128937e7f2fcf146d146225703ccfd5d used POSIX hard links incorrectly, leading to the creation of setuid executables in "the store", violating a fundamental security assumption of GNU Guix...
CVE-2017-1000455
CVE-2017-1000455 affects GuixSD prior to Git commit 5e66574a128937e7f2fcf146d146225703ccfd5d. The root cause is incorrect use of POSIX hard links, which allowed creation of setuid executables in the /gnu/store, violating a core security assumption of GNU Guix. The connected records reiterate the ...
PT-2017-14606 · Upx +1
Name of the Vulnerable Software and Affected Versions: UPX version 3.94 Description: The issue allows remote attackers to cause a denial of service, resulting in invalid memory access and application crash, or possibly have other unspecified impacts via a crafted Mach-O file. This is related to t...
Using ILSpy to analyze a small adware file
My curiosity was triggered when the telemetry of our heuristic scanner started showing a multitude of reports about a small file called grandfather.exe, so I went out to grab a copy and have a look at it. As you can probably tell from some of the detection names at Virustotal, this is an MSIL...
CVE-2017-12728
An Improper Privilege Management issue was discovered in SpiderControl SCADA Web Server Version 2.02.0007 and prior. Authenticated, non-administrative local users are able to alter service executables with escalated privileges, which could allow an attacker to execute arbitrary code under the...
Input validation
An Improper Privilege Management issue was discovered in SpiderControl SCADA Web Server Version 2.02.0007 and prior. Authenticated, non-administrative local users are able to alter service executables with escalated privileges, which could allow an attacker to execute arbitrary code under the...
RedHat Update for kernel RHSA-2017:2795-01
The remote host is missing an update for the...
CVE-2015-6971
Summary of CVE-2015-6971: Lenovo System Update (formerly ThinkVantage System Update) before 5.07.0013 allows a local attacker to submit commands to the SUService.exe and escalate privileges by launching signed Lenovo executables. The root cause is flaws in the security token authentication proce...