Разработка эксплоитов для Linux. Часть 4 – обход ASCII armor и возврат в plt

Автор: sickness Блог автора: Перевод: Gh0St 07.04.2012 Разработка эксплоитов для Linux. Часть 4 – обход ASCII armor и возврат в plt. ПРИМЕЧАНИЕ: Перед чтением данного документа, рекомендуется ознакомиться со следующими работами: Руководство по написанию эксплоитов для Linux. Часть I – переполнени...

Analyzing ASLR in Android Ice Cream Sandwich 4.0

When I first saw the release notes for the new Android Ice Cream Sandwich ICS platform, I was excited to see that Google mentioned that “Android 4.0 now provides address space layout randomization”. For the uninitiated, ASLR randomizes where various areas of memory eg. stack, heap, libs, etc are...

Critical: Red Hat Security Advisory: xulrunner security update

Updated xulrunner packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having critical security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating...

Microsoft Internet Explorer 9 页面布局处理远程代码执行漏洞(MS12-010)

BUGTRAQ ID: 51933 CVE ID: CVE-2012-0011 Microsoft Internet Explorer是微软公司推出的一款网页浏览器。 Microsoft Internet Explorer在页面布局的处理上存在远程代码执行漏洞，攻击者可利用此漏洞执行任意代码，控制应用和计算机。 0 Microsoft Internet Explorer 9 厂商补丁： Microsoft --------- Microsoft已经为此发布了一个安全公告（MS12-010）以及相应补丁: MS12-010：Cumulative Security Update for...

CVE-2012-0154

Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers...

Design/Logic Flaw

Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers...

CVE-2012-0154

Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers...

Internet Explorer HtmlLayout Remote Code Execution (MS12-010; CVE-2012-0011)

A remote code execution vulnerability has been reported in Internet Explorer...

Microsoft Windows Kernel 'Win32k.sys' Keyboard Layout Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of affected computers. Failed exploit attempts may cause...

PT-2012-2354 · Microsoft · Windows Server 2003 +5

Name of the Vulnerable Software and Affected Versions: Microsoft Windows XP versions SP2 and SP3 Microsoft Windows Server 2003 version SP2 Microsoft Windows Vista version SP2 Microsoft Windows Server 2008 versions SP2, R2, and R2 SP1 Microsoft Windows 7 versions Gold and SP1 Description: The issu...

linux/x86 sys_execve("/sbin/sysctl") 121 bytes polymorphic shellcode

/ sysexecve"/sbin/sysctl", "/sbin/sysctl", "-w", "kernel.randomizevaspace=0" , NULL; 121 bytes polymorphic shellcode Programmer : Paulus Gandung Prakosa syn-attack Thanks to : mywisdom, gunslinger, nofia fitri, chaer.newbie, wenkhairu, ketek, xtr0nic, supermen ganteng, and all devilzc0de members ...

Mozilla Firefox v8.x - URL & SSL Spoofing Vulnerability

Document Title: =============== Mozilla Firefox v8.x - URL & SSL Spoofing Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=330 Release Date: ============= 2011-12-21 Vulnerability Laboratory ID VL-ID: ==================================== 330...

Mozilla Products Multiple Information Disclosure Vulnerabilities - MAC OS X

The host is installed with Mozilla firefox/seamonkey/thunderbird and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbmozillaprdtsmultinfodiscvulnmacosx.nasl 7024 2017-08-30 11:51:43Z teissa $ Mozilla Products Multiple Information Disclosure Vulnerabilities - MAC OS X...

Mozilla Products Multiple Information Disclosure Vulnerabilities - (Windows)

The host is installed with Mozilla firefox/seamonkey/thunderbird and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbmozillaprdtsmultinfodiscvulnwin.nasl 7029 2017-08-31 11:51:40Z teissa $ Mozilla Products Multiple Information Disclosure Vulnerabilities - Windows Authors:...

CVE-2010-5074

The layout engine in Mozilla Firefox before 4.0, Thunderbird before 3.3, and SeaMonkey before 2.1 executes different code for visited and unvisited links during the processing of Cascading Style Sheets CSS token sequences, which makes it easier for remote attackers to obtain sensitive information...

CVE-2010-5074

The layout engine in Mozilla Firefox before 4.0, Thunderbird before 3.3, and SeaMonkey before 2.1 executes different code for visited and unvisited links during the processing of Cascading Style Sheets CSS token sequences, which makes it easier for remote attackers to obtain sensitive information...

Directory traversal

Multiple directory traversal vulnerabilities in osCommerce 3.0.2 allow remote attackers to include and execute arbitrary local files via a .. dot dot in the 1 set or 2 module parameter to a OM/Core/Site/Admin/Application/templatesmodules/pages/info.php, b...

The keyboard layout 0day vulnerability analysis-vulnerability warning-the black bar safety net

Recent tune up instruder hair 0day vulnerabilities: http://www.exploit-db.com/exploits/18140/ The Debug analysis of the situation written here. the dump file analysis results are as follows: EXCEPTIONCODE: NTSTATUS 0xc0000005 - "0x%08lx" FAULTINGIP: win32k! ReadLayoutFile+8 8 bf89ed23 0fb75006...

Microsoft Windows Kernel "Win32k.sys"键盘布局本地权限提升漏洞

BUGTRAQ ID: 50763 Microsoft Windows是流行的计算机操作系统。 Win32k.sys在实现上存在索引错误，在加载键盘布局文件时，本地攻击者可通过访问无效内存位置，利用此漏洞以内核权限执行任意代码，完全控制受影响计算机 Microsoft Windows XP Microsoft Windows 7 厂商补丁： Microsoft --------- 目前厂商还没有提供补丁或者升级程序，我们建议使用此软件的用户随时关注厂商的主页以获取最新版本： http://www.microsoft.com/windowsxp/default.asp instruder...

Microsoft Windows XP7 Kernel - win32k.sys Keyboard Layout Privilege Escalation (MS10-073)

Microsoft Windows XP7 Kernel - win32k.sys Keyboard Layout Privilege Escalation MS10-073 source: https://www.securityfocus.com/bid/50763/info Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code with kernel-leve...