10 matches found
Solaris EXTREMEPARR dtappgather Privilege Escalation
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Solaris 'EXTREMEPARR' dtappgather Privilege Escalation", 'Description' = %q This module exploits a directory traversal vulnerability in the...
Solaris 'EXTREMEPARR' dtappgather Privilege Escalation
This module exploits a directory traversal vulnerability in the dtappgather executable included with Common Desktop Environment CDE on unpatched Solaris systems prior to Solaris 10u11 which allows users to gain root privileges. dtappgather allows users to create a user-owned directory at any...
CVE-2017-3622
Vulnerability in the Solaris component of Oracle Sun Systems Products Suite subcomponent: Common Desktop Environment CDE. The supported version that is affected is 10. Easily "exploitable" vulnerability allows low privileged attacker with logon to the infrastructure where Solaris executes to...
CVE-2017-3622
Vulnerability in the Solaris component of Oracle Sun Systems Products Suite subcomponent: Common Desktop Environment CDE. The supported version that is affected is 10. Easily "exploitable" vulnerability allows low privileged attacker with logon to the infrastructure where Solaris executes to...
CVE-2017-3622
CVE-2017-3622 originally describes a local privilege-escalation in Solaris CDE (EXTREMEPARR) affecting Solaris 10; the related exploitability details show a directory-traversal in dtappgather that allows a local user to create a user-owned directory and, via loading a shared object, gain root pri...
CVE-2017-3622
Vulnerability in the Solaris component of Oracle Sun Systems Products Suite subcomponent: Common Desktop Environment CDE. The supported version that is affected is 10. Easily "exploitable" vulnerability allows low privileged attacker with logon to the infrastructure where Solaris executes to...
Record Oracle Patch Update Addresses ShadowBrokers, Struts 2 Vulnerabilities
Oracle released its biggest Critical Patch Update ever on Tuesday, and with it came added urgency in the form of patches for the Solaris vulnerabilities exposed by the ShadowBrokers last week, as well as the recent Apache Struts 2 vulnerability, also under public attack. In all, Oracle admins hav...
Solaris x86 / SPARC EXTREMEPARR dtappgather Privilege Escalation
!/bin/ksh Exploit PoC reverse engineered from EXTREMEPARR which provides local root on Solaris 7 - 11 x86 & SPARC. Uses a environment variable of setuid binary dtappgather to manipulate file permissions and create a user owned directory anywhere on the system as root. Can then add a shared object...
Solaris 7 - 11 (x86 & SPARC) - EXTREMEPARR dtappgather Privilege Escalation Exploit
Exploit for solaris platform in category local exploits !/bin/ksh Exploit PoC reverse engineered from EXTREMEPARR which provides local root on Solaris 7 - 11 x86 & SPARC. Uses a environment variable of setuid binary dtappgather to manipulate file permissions and create a user owned directory...
Solaris 7 < 11 (SPARC/x86) - 'EXTREMEPARR' dtappgather Privilege Escalation
!/bin/ksh Exploit PoC reverse engineered from EXTREMEPARR which provides local root on Solaris 7 - 11 x86 & SPARC. Uses a environment variable of setuid binary dtappgather to manipulate file permissions and create a user owned directory anywhere on the system as root. Can then add a shared object...