CCH Wolters Kluwer PFX Engagement 7.1 Privilege Escalation

Exploit Title: CCH Wolters Kluwer PFX Engagement Windows 8, 2003, 2008, 2012 CVE : 2014-9113 Product Affected: CCH Wolters Kluwer PFX Engagement = v7.1 This vulnerability has been reference checked this against multiple installs. This configuration was identical across all systems and each versio...

MINIX 3.3.0 Local Denial of Service PoC

No description provided by source. Exploit Title: MINIX 3.3.0 Local Denial of Service Exploit Author: nitr0us Vendor Homepage: www.minix3.org Software Link: http://www.minix3.org/download/index.html Version: 3.3.0 Tested on: MINIX 3.3.0 x86 Attached three PoCs malformed ELFs and a screenshot of t...

FBI to Open Up Malware Investigator Portal to External Researchers

SEATTLE–The FBI has developed an internal malware-analysis tool, somewhat akin to the systems used by antimalware companies, and plans to open the system up to external security researchers, academics and others. The system is known as Malware Investigator and is designed to allow FBI agents and...

SAMHAIN v3.1.2 - File Integrity Checker / Host-Based Intrusion Detection System

The Samhain host-based intrusion detection system HIDS provides file integrity checking and log file monitoring/analysis , as well as rootkit detection, port monitoring, detection of rogue SUID executables, and hidden processes. Samhain been designed to monitor multiple hosts with potentially...

M-TECH P-Synch 6.2.5 Path Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7740/info Reportedly an attacker may make a malicious HTTP request for specific P-Synch executables passing an empty URI parameter to trigger the condition. Although unconfirmed, it is likely that the request will cause...

Oracle 8 File Access Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/170/info A number of security file access security vulnerabilities in suid programs that are part of Oracle may be exploited to obtain the privileges of the 'oracle' user and full access to the database system. Only the...

QNX PPPoEd 2.4/4.25/6.2 Path Environment Variable Local Command Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/11105/info QNX PPoEd is reported prone to a problem that exists in the handling of paths to external executables that are employed by PPPoEd. Because of this, an attacker may be able to gain elevated privileges on a host...

Linux 2.4 Kernel execve() System Call Race Condition Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8042/info A race condition vulnerability has been discovered in the Linux execve system call, affecting the 2.4 kernel tree. The problem lies in the atomicity of placing a target executables file descriptor within the...

openSUSE Security Update : icinga (openSUSE-SU-2014:0069-1)

imported upstream version 1.10.2 - includes fix for possible denial of service in CGI executables: CVE-2013-7108 bnc856837 - core: Add an Icinga syntax plugin for Vim 4150 - LE/MF - core: Document dropped options logexternalcommandsuser and eventprofilingenabled 4957 - BA - core: type in spec...

Xilisoft Video Converter Ultimate Dll Hijacking Exploit (quserex.dll)

Exploit for windows platform in category dos / poc / Title: Xilisoft Video Converter Ultimate Dll Hijacking Exploit quserex.dll Version: 7.8.1 build-20140505 Previous versions might be vulnerable Tested on: Windows XP SP2 en Vendor: http://www.xilisoft.com/ Software Link:...

SuSE 11.3 Security Update : file (SAT Patch Number 9066)

The command line tool file1 and its library libmagic have been updated to fix the following issues : - file1 crashed when parsing some PE executables. CVE-2014-2270, bnc866750 - file1 did not set return code on non-existing files. bnc863450 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...

CVE-2011-4089

The bzexe command in bzip2 1.0.5 and earlier generates compressed executables that do not properly handle temporary files during extraction, which allows local users to execute arbitrary code by precreating a temporary directory...

Ubuntu Update for php5 USN-2163-1

Check for the Version of php5 OpenVAS Vulnerability Test $Id: gbubuntuUSN21631.nasl 7957 2017-12-01 06:40:08Z santu $ Ubuntu Update for php5 USN-2163-1 Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you...

USN-2163-1: PHP vulnerability

It was discovered that PHP's embedded libmagic library incorrectly handled PE executables. An attacker could use this issue to cause PHP to crash, resulting in a denial of service...

[ODA] Online Web Based Disassembler

ODA stands for Online DisAssembler. ODA is a general purpose machine code disassembler that supports a myriad of machine architectures. Built on the shoulders of libbfd and libopcodes part of binutils, ODA allows you to explore an executable by dissecting its sections, strings, symbols, raw hex,...

Sandbox Escape: Linux 3.4+: arbitrary write with CONFIG_X86_X32

asmlinkage long compatsysrecvmmsgint fd, struct compatmmsghdr user mmsg, unsigned int vlen, unsigned int flags, struct compattimespec user timeout int datagrams; struct timespec ktspec; if flags & MSGCMSGCOMPAT return -EINVAL; if COMPATUSE64BITTIME return sysrecvmmsgfd, struct mmsghdr user mmsg,...

SuSE 11.2 Security Update : glibc (SAT Patch Number 8335)

This update for glibc contains the following fixes : - Fix integer overflows in malloc. CVE-2013-4332, bnc839870 - Fix buffer overflow in glob. bnc691365 - Fix buffer overflow in strcoll. CVE-2012-4412, bnc779320 - Update mount flags in . bnc791928 - Fix buffer overrun in regexp matcher...

Reputation of Linux Executables: Never seen process(es)

Binary data linuxneverseenprocessbefore.nbin...

Reputation of macOS Executables: Never seen process(es)

Binary data macosxneverseenprocessbefore.nbin...

Reputation of Windows Executables: Never seen process(es)

Binary data neverseenprocessbefore.nbin...