PT-2022-4133 · Linux · Linux Kernel
Name of the vulnerable software and affected versions: Linux kernel (affected versions not specified). Description: the issue relates to insecure privilege management when the KGDB and KDB kernel debuggers are loaded while the Linux kernel is in Lockdown Mode. This could allow an attacker to bypass...
Finding Evil in Windows 10 Compressed Memory, Part Two: Virtual Store Deep Dive
Introduction This blog post is the second in a three-part series covering our Windows 10 memory forensics research, and it coincides with our Black Hat USA 2019 presentation. In Part One of the series, we covered the integration of the research into both the Volatility and Rekall memory forensics tools. We...
Microsoft Windows - nt!NtQueryInformationJobObject (BasicLimitInformation, ExtendedLimitInformation) Kernel Stack Memory Disclosure
Microsoft Windows - nt!NtQueryInformationJobObject BasicLimitInformation ExtendedLimitInformation Kernel Stack Memory Disclosure / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1189&desc=2 We have discovered that the nt!NtQueryInformationJobObject system call corresponding to...
Android kernel FIQ debugger elevation of privilege vulnerability
Android is a Linux-based open source operating system jointly developed by Google and the Open Handset Alliance (OHA). The kernel FIQ debugger is one of the kernel debugger components. An elevation of privilege vulnerability exists in the kernel FIQ debugger in Android. An attacker can exploit this...
Windows Kernel stack memory disclosure in win32kfull!SfnINLPUAHDRAWMENUITEM (CVE-2017-0167)
We have discovered that it is possible to disclose portions of uninitialized kernel stack memory to user-mode applications in Windows 10 indirectly through the win32k!NtUserPaintMenuBar system call, or more specifically, through the user32!fnINLPUAHDRAWMENUITEM user-mode callback (#107 on Windows...
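The two Project Zero entries above (nt!NtQueryInformationJobObject and win32kfull!SfnINLPUAHDRAWMENUITEM) describe the same bug class: the kernel fills a structure field by field on its stack and copies the whole thing out to user mode, so bytes the kernel never wrote, typically alignment padding, carry stale stack contents back to the caller. The C program below is an added example written for this page, not code from Project Zero or from either advisory. The struct layout, field names and values are illustrative assumptions chosen to force padding on LP64 targets; they are not the real JOBOBJECT_* or win32k structures, and the page does not say which bytes leaked in the real bugs. The "kernel stack" is a union pre-filled with a marker byte so the result is deterministic and the leak can be counted.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Illustrative record loosely modeled on a "limit information" query result.
 * Field names and layout are assumptions for this demo, not the real
 * JOBOBJECT_* definitions. A 32-bit field between 64-bit ones makes the
 * compiler insert alignment padding on LP64 targets such as x86-64. */
struct limit_info {
    uint64_t per_process_time_limit;
    uint64_t per_job_time_limit;
    uint32_t limit_flags;           /* 4 bytes of padding follow on x86-64 */
    uint64_t min_working_set;
    uint64_t max_working_set;
    uint32_t active_process_limit;  /* 4 more bytes of padding follow */
    uint64_t affinity;
};

/* Byte value standing in for stale data left on the kernel stack by an
 * earlier code path. A real leak carries pointers and other secrets. */
#define STALE_MARKER 0xCC

/* The struct shares storage with a raw byte view so the "stack slot" can be
 * pre-filled with the marker deterministically, instead of depending on
 * whatever the real stack happens to hold. */
union stack_slot {
    struct limit_info info;
    unsigned char raw[sizeof(struct limit_info)];
};

static void fill_fields(struct limit_info *info) {
    /* Values chosen so that no legitimate byte equals STALE_MARKER. */
    info->per_process_time_limit = 1000;
    info->per_job_time_limit     = 2000;
    info->limit_flags            = 0x8;
    info->min_working_set        = 1 << 20;
    info->max_working_set        = 1 << 24;
    info->active_process_limit   = 16;
    info->affinity               = 0xF;
}

/* Vulnerable pattern: every named field is assigned, but the padding bytes are
 * never written, so the copy to user mode carries them out unchanged. */
static void query_limit_info_vulnerable(union stack_slot *slot, unsigned char *user_buf) {
    fill_fields(&slot->info);
    memcpy(user_buf, &slot->info, sizeof slot->info);   /* stands in for copy-to-user */
}

/* Hardened pattern: zero the whole object before filling it. A designated
 * initializer is not a substitute, because C leaves the padding of automatic
 * objects unspecified; an explicit memset covers every byte that will be copied. */
static void query_limit_info_fixed(union stack_slot *slot, unsigned char *user_buf) {
    memset(&slot->info, 0, sizeof slot->info);
    fill_fields(&slot->info);
    memcpy(user_buf, &slot->info, sizeof slot->info);
}

/* Padding bytes the compiler inserted: total size minus the bytes occupied by
 * named fields. Derived from the struct itself so the check tracks the ABI. */
size_t limit_info_padding_bytes(void) {
    return sizeof(struct limit_info) - (5 * sizeof(uint64_t) + 2 * sizeof(uint32_t));
}

/* Run one query against a stack slot pre-filled with the marker and count how
 * many marker bytes reached the user buffer. Every hit is a leaked padding byte. */
size_t stale_bytes_disclosed(int hardened) {
    union stack_slot slot;
    unsigned char user_buf[sizeof(struct limit_info)];
    size_t leaked = 0;

    memset(slot.raw, STALE_MARKER, sizeof slot.raw);   /* "dirty" kernel stack */
    if (hardened)
        query_limit_info_fixed(&slot, user_buf);
    else
        query_limit_info_vulnerable(&slot, user_buf);

    for (size_t i = 0; i < sizeof user_buf; i++)
        if (user_buf[i] == STALE_MARKER)
            leaked++;
    return leaked;
}

int main(void) {
    printf("padding bytes in struct: %zu\n", limit_info_padding_bytes());
    printf("vulnerable query leaked %zu stale byte(s)\n", stale_bytes_disclosed(0));
    printf("hardened query leaked   %zu stale byte(s)\n", stale_bytes_disclosed(1));
    return 0;
}
```

On x86-64 the vulnerable query leaks exactly the 8 padding bytes and the hardened one leaks none; on an ABI with no padding both counts are 0, which is why the check compares against `limit_info_padding_bytes()` rather than a hard-coded number. The same marker-fill-then-diff approach is how such disclosures are confirmed from user mode in practice: spray the kernel stack with a known pattern through one syscall, issue the suspect syscall, and look for the pattern in the returned buffer.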
A Shadow of our Former Self
Posted by James Forshaw of Google Project Zero “Necessity is the Mother of Invention” as it’s said, and this is no more true than when looking for and exploiting security vulnerabilities. When new exploit mitigations are introduced, either a way of bypassing the mitigation is needed or an...
[Windbgshark] Windbg extension for VM traffic manipulation and analysis
This project includes an extension for the windbg debugger as well as a driver code, which allow you to manipulate the virtual machine network traffic and to integrate the wireshark protocol analyzer with the windbg commands. The motivation of this work came from the intention to find a handy...
Look n stop 0day Local Dos
Exploit for windows platform in category dos / poc include include include include include / Program : Look 'n' Stop 2.06p4 / 2.07 6.0.2900.5512 Homepage : http://www.looknstop.com Discovery : 2009/11/08 Author Contacted : 2010/07/15 ... no reply Found by : Heurs This Advisory : Heurs Contact :...
Look N Stop 2.06p4 / 2.07 Denial Of Service
include include include include include / Program : Look 'n' Stop 2.06p4 / 2.07 6.0.2900.5512 Homepage : http://www.looknstop.com Discovery : 2009/11/08 Author Contacted : 2010/07/15 ... no reply Found by : Heurs This Advisory : Heurs Contact : [email protected] //----- Application descripti...
Look n stop - Local Denial of Service
Look n stop - Local Denial of Service include include include include include / Program : Look 'n' Stop 2.06p4 / 2.07 6.0.2900.5512 Homepage : http://www.looknstop.com Discovery : 2009/11/08 Author Contacted : 2010/07/15 ... no reply Found by : Heurs This Advisory : Heurs Contact :...
Plan 9 Kernel - 'devenv.c OTRUNC/pwrite' Local Privilege Escalation
/ !!! DO NOT DISTRIBUTE !!! / / identity theft this exploit uses my devenv.c OTRUNC/pwrite vulnerability to overwrite specific kernel addresses to help elevate our privileges. this exploit is very picky, so you must understand the plan9 kernel and know what you are doing, though a best-practice...
CVE-2006-3782
The CVE-2006-3782 entry describes an unspecified vulnerability in the Solaris 10 kernel debugger (kmdb) when running on x86, enabling local users to cause a denial of service (system hang). Vulnerable component: kmdb in Solaris 10 on x86. Impact is DoS with local access; no remote access required...
CVE-2006-3782
Unspecified vulnerability in the kernel debugger kmdb in Sun Solaris 10, when running on x86, allows local users to cause a denial of service system hang via unspecified vectors...