40 matches found
Arbitrary Command Injection
Overview kill-process-by-name is a Kills all processes by a certain program Affected versions of this package are vulnerable to Arbitrary Command Injection. If attacker-controlled user input is given, it is possible for an attacker to execute arbitrary commands. This is due to use of the...
CVE-2020-28426 Command Injection
All versions of package kill-process-on-port are vulnerable to Command Injection via a.getProcessPortId...
CVE-2020-28426
Summary: CVE-2020-28426 affects the npm package kill-process-on-port. All versions are vulnerable to Command Injection through the a.getProcessPortId function. Concrete details across sources include exploit scenario via getProcessPortId and the fact that input can be unsafely processed, enabling...
kill-process-on-port Command Injection Vulnerability
Radarsu kill-process-on-port is an Npm codebase that can be used to support aborting application processes by Radarsu individual developers. kill-process-on-port suffers from a command injection vulnerability that stems from packets being vulnerable to injection via the a.getProcessPortId command...
Command Injection
Overview Affected versions of this package are vulnerable to Command Injection via a.getProcessPortId. PoC var a = require"kill-process-occupying-port"; a.getProcessPortId"& touch JHU "; Remediation There is no fixed version for kill-process-on-port. Credit: JHU System Security Lab...
CVE-2019-17549
ESET Cyber Security before 6.8.1.0 is vulnerable to a denial-of-service allowing any user to stop kill ESET processes. An attacker can abuse this bug to stop the protection from ESET and launch his attack...
Linux/x86 - Kill Process Shellcode (20 bytes)
/ Exploit Title: Kill PID shellcode Date: 07/09/2018 Exploit Author: Nathu Nandwani Platform: Linux/x86 Size: 20 bytes Compile: gcc -fno-stack-protector -z execstack killproc.c -o killproc / include include int main unsigned short pid = 2801; char shellcode = "\x31\xc0" / xor eax, eax / "\xb0\x25...
Linux/x86 - Kill Process Shellcode (20 bytes)
Linux/x86 - Kill Process Shellcode 20 bytes. Shellcode exploit for Linuxx86 platform / Exploit Title: Kill PID shellcode Date: 07/09/2018 Exploit Author: Nathu Nandwani Platform: Linux/x86 Size: 20 bytes Compile: gcc -fno-stack-protector -z execstack killproc.c -o killproc / include include int...
UBUNTU-CVE-2018-6536
An issue was discovered in Icinga 2.x through 2.8.1. The daemon creates an icinga2.pid file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for icinga2.pid modification before a root script...
UBUNTU-CVE-2017-14681
The daemon in P3Scan 3.0rc1 and earlier creates a p3scan.pid file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for p3scan.pid modification before a root script executes a "kill cat...
UBUNTU-CVE-2017-14610
bareos-dir, bareos-fd, and bareos-sd in bareos-core in Bareos 16.2.6 and earlier create a PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for PID file modification before a root scrip...
CVE-2017-12847
Nagios Core before 4.3.3 creates a nagios.lock PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for nagios.lock modification before a root script executes a "kill cat...
UBUNTU-CVE-2017-11747
main.c in Tinyproxy 1.8.4 and earlier creates a /run/tinyproxy/tinyproxy.pid file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for tinyproxy.pid modification before a root script executes a...
Advanced Desktop Locker Lock Screen Bypass Vulnerability
Advanced Desktop Locker is a desktop protection tool that bypasses screen protection by killing the Advanced Desktop Locker process. Advanced Desktop Locker suffers from a lock screen bypass vulnerability that can be exploited by attackers to bypass the lock screen...
[SECURITY] [DLA 78-1] torque security update
Package : torque Version : 2.4.8+dfsg-9squeeze5 CVE ID : CVE-2014-3684 Chad Vizino reported a vulnerability in torque, a PBS-derived batch processing queueing system. A non-root user could exploit the flaw in the tmadopt library call to kill any process, including root-owned ones on any node in a...
Mandriva Linux Security Advisory : ircd-hybrid (MDVSA-2013:093)
Updated ircd-hybrid packages fix security vulnerability : Bob Nomnomnom reported a Denial of Service vulnerability in IRCD-Hybrid, an Internet Relay Chat server. A remote attacker may use an error in the masks validation and crash the server CVE-2013-0238. Please note that due to the previously...
Windows Manage Process Migration
This module will migrate a Meterpreter session from one process to another. A given process PID to migrate to or the module can spawn one and migrate to that newly spawned process. This module requires Metasploit: https://metasploit.com/download Current source:...
freebsd/x86 kill all processes 12 bytes
Exploit for freebsd/x86 platform in category shellcode ======================================= freebsd/x86 kill all processes 12 bytes ======================================= CoDed bY suN8Hclf DaRk-CodeRs Group productions, kid FreeBSD x86 kill all procesess 12 bytes shellcode Compile: nasm -f el...
linux/x86 - kill all processes 11 bytes
linux/x86 kill all processes 11 bytes. Shellcode exploit for linx86 platform / By Kris Katterjohn 11/13/2006 11 byte shellcode to kill all processes for Linux/x86 section .text global start start: ; kill-1, SIGKILL push byte 37 pop eax push byte -1 pop ebx push byte 9 pop ecx int 0x80 / main char...
PT-1999-1109 · Netscape · Netscape
Name of the Vulnerable Software and Affected Versions: Netscape version 4.5 Description: A local user can kill an arbitrary process of another user whose Netscape crashes due to the talkback feature in Netscape. Recommendations: For Netscape version 4.5, consider disabling the talkback feature to...