Oracle: Security Advisory (ELSA-2014-3047)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Hacking Team attack code analysis Part5 Adobe Font Driver kernel privilege elevation vulnerability the second bomb+Win32k KALSR bypass vulnerability-vulnerability warning-the black bar safety net

0x01 vulnerability principle analysis: By simply browsing attack code, we know the attack code used a Win32k. sys in the KASLR bypass vulnerability get the Win32k base, and organize the ROP chain, at the same time, load a font filefont-data. binto use the font driver vulnerability, trigger the RO...

CVE-2014-9710

The Btrfs implementation in the Linux kernel before 3.19 does not ensure that the visible xattr state is consistent with a requested replacement, which allows local users to bypass intended ACL settings and gain privileges via standard filesystem operations 1 during an xattr-replacement time...

Ubuntu: Security Advisory (USN-2588-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

DRAM Rowhammer vulnerability Leads to Kernel Privilege Escalation

Security researchers have find out ways to hijack the Intel-compatible PCs running Linux by exploiting the physical weaknesses in certain varieties of DDR DRAM double data rate dynamic random-access memory chips and gaining higher kernel privileges on the system. The technique, dubbed "rowhammer"...

Linux Kernel (x86-64) - Rowhammer Privilege Escalation

Linux Kernel x86-64 - Rowhammer Privilege Escalation Sources: http://googleprojectzero.blogspot.ca/2015/03/exploiting-dram-rowhammer-bug-to-gain.html https://code.google.com/p/google-security-research/issues/detail?id=283 Full PoC:...

Microsoft Windows multiple security vulnerabilities

Multiple Internet Explorer memory corruptions, kernel privilege escalation, group policies code execution and restrictions bypass, process creation privilege escalation, TIFF parsing information leakage...

Oracle Linux 5 / 6 : unbreakable enterprise kernel (ELSA-2014-3047)

The remote Oracle Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2014-3047 advisory. - l2tp: fix an unprivileged user to kernel privilege escalation Sasha Levin Orabug: 19229505 CVE-2014-4943 CVE-2014-4943 Tenable has extracted the...

Oracle Linux 5 / 6 : unbreakable enterprise kernel (ELSA-2014-3048)

The remote Oracle Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2014-3048 advisory. - l2tp: fix an unprivileged user to kernel privilege escalation Sasha Levin Orabug: 19229529 CVE-2014-4943 CVE-2014-4943 Tenable has extracted the...

Computer Associates Personal Firewall 9.0 HIPS Driver (kmxfw.sys) Local Privilege Escalation

No description provided by source. source: http://www.securityfocus.com/bid/21140/info Multiple Computer Associates security-related products are prone to multiple local privilege-escalation vulnerabilities. An attacker can leverage these issues to execute arbitrary code with SYSTEM-level...

FreeBSD 9.0 - Intel SYSRET Kernel Privilege Escalation Exploit

No description provided by source. / FreeBSD 9.0 Intel SYSRET Kernel Privilege Escalation exploit Author by CurcolHekerLink This exploit based on open source project, I can make it open source too. Right? If you blaming me for open sourcing this exploit, you can fuck your mom. Free of charge :...

Debian Security Advisory DSA 2917-1 (super - security update)

John Lightsey of the Debian Security Audit project discovered that the super package did not check for setuid failures, allowing local users to increase the privileges on kernel versions which do not guard against RLIMITNPROC attacks. OpenVAS Vulnerability Test $Id: deb2917.nasl 6715 2017-07-13...

Microsoft Windows Kernel Privilege Escalation Vulnerabilities (2930275)

This host is missing an important security update according to Microsoft Bulletin MS14-015 OpenVAS Vulnerability Test $Id: gbms14-015.nasl 6724 2017-07-14 09:57:17Z teissa $ Microsoft Windows Kernel Privilege Escalation Vulnerabilities 2930275 Authors: Antu Sanadi Copyright: Copyright C 2014...

Microsoft Windows Kernel Privilege Escalation Vulnerability (2914368)

This host is missing an important security update according to Microsoft Bulletin MS14-002 SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

FreeBSD 9.0 - Intel SYSRET Kernel Privilege Escalation

FreeBSD 9.0 - Intel SYSRET Kernel Privilege Escalation / FreeBSD 9.0 Intel SYSRET Kernel Privilege Escalation exploit Author by CurcolHekerLink This exploit based on open source project, I can make it open source too. Right? If you blaming me for open sourcing this exploit, you can fuck your mom...

FreeBSD 9.0 - Intel SYSRET Kernel Privilege Escalation

/ FreeBSD 9.0 Intel SYSRET Kernel Privilege Escalation exploit Author by CurcolHekerLink This exploit based on open source project, I can make it open source too. Right? If you blaming me for open sourcing this exploit, you can fuck your mom. Free of charge : Credits to KEPEDEAN Corp, Barisan Sak...

USN-1932-1: Linux kernel vulnerabilities

Chanam Park reported a Null pointer flaw in the Linux kernel's Ceph client. A remote attacker could exploit this flaw to cause a denial of service system crash. CVE-2013-1059 An information leak was discovered in the Linux kernel's fanotify interface. A local user could exploit this flaw to obtai...

Microsoft Windows Kernel Privilege Elevation Vulnerabilities (2859537)

This host is missing an important security update according to Microsoft Bulletin MS13-063. OpenVAS Vulnerability Test $Id: secpodms13-063.nasl 5346 2017-02-19 08:43:11Z cfi $ Microsoft Windows Kernel Privilege Elevation Vulnerabilities 2859537 Authors: Antu Sanadi Copyright: Copyright c 2013...

Microsoft Windows Kernel Privilege Elevation Vulnerabilities (2859537)

This host is missing an important security update according to Microsoft Bulletin MS13-063. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Microsoft to patch Six critical Remote Code Execution vulnerabilities this Tuesday

Microsoft has announced Patch Tuesday for this July Month, with seven bulletins. Out of that, one is important kernel privilege escalation flaw and six critical Remote Code Execution vulnerabilities. Patch will address vulnerabilities in Microsoft Windows, .Net Framework, Silverlight and will app...