252 matches found
mintinstall 7.9.9 - Code Execution Exploit
Exploit for linux platform in category web applications Exploit Title: mintinstall aka Software Manager object injection Exploit Author: Andhrimnirr Vendor Homepage: https://www.linuxmint.com/ Software Link: mintinstall aka Software Manager Version: 7.9.9 Tested on: Linux Mint CVE : CVE-2019-1708...
mintinstall 7.9.9 - Code Execution
mintinstall 7.9.9 - Code Execution Exploit Title: mintinstall aka Software Manager object injection Date: 10/02/2019 Exploit Author: Andhrimnirr Vendor Homepage: https://www.linuxmint.com/ Software Link: mintinstall aka Software Manager Version: 7.9.9 Tested on: Linux Mint CVE : CVE-2019-17080...
mintinstall 7.9.9 - Code Execution
Exploit Title: mintinstall aka Software Manager object injection Date: 10/02/2019 Exploit Author: Andhrimnirr Vendor Homepage: https://www.linuxmint.com/ Software Link: mintinstall aka Software Manager Version: 7.9.9 Tested on: Linux Mint CVE : CVE-2019-17080 import os import sys def...
CVE-2019-17080
mintinstall aka Software Manager 7.9.9 for Linux Mint allows code execution if a REVIEWSCACHE file is controlled by an attacker, because an unpickle occurs. This is resolved in 8.0.0 and backports...
CVE-2019-17080
mintinstall aka Software Manager 7.9.9 for Linux Mint allows code execution if a REVIEWSCACHE file is controlled by an attacker, because an unpickle occurs. This is resolved in 8.0.0 and backports...
Code injection
mintinstall aka Software Manager 7.9.9 for Linux Mint allows code execution if a REVIEWSCACHE file is controlled by an attacker, because an unpickle occurs. This is resolved in 8.0.0 and backports...
CVE-2019-17080
mintinstall aka Software Manager 7.9.9 for Linux Mint allows code execution if a REVIEWSCACHE file is controlled by an attacker, because an unpickle occurs. This is resolved in 8.0.0 and backports...
CVE-2019-17080
CVE-2019-17080 affects mintinstall (Software Manager) on Linux Mint. A crafted REVIEWS_CACHE file enables code execution via an unpickle during startup, due to object-injection in the mintinstall 7.9.9 series. The issue is resolved in version 8.0.0 and via backports; symptoms are local code execu...
mintinstall 7.9.9 Code Execution
Exploit Title: mintinstall aka Software Manager object injection Date: 10/02/2019 Exploit Author: Andhrimnirr Vendor Homepage: https://www.linuxmint.com/ Software Link: mintinstall aka Software Manager Version: 7.9.9 Tested on: Linux Mint CVE : CVE-2019-17080 import os import sys def...
Linux Kernel 4.8.0-34 < 4.8.0-45 (Ubuntu / Linux Mint) - Packet Socket Local Privilege Escalation
Exploit for linux platform in category local exploits // A proof-of-concept local root exploit for CVE-2017-7308. // Includes a SMEP & SMAP bypass. // Tested on Ubuntu / Linux Mint: // - 4.8.0-34-generic // - 4.8.0-36-generic // - 4.8.0-39-generic // - 4.8.0-41-generic // - 4.8.0-42-generic // -...
Linux Kernel < 4.4.0/ < 4.8.0 (Ubuntu 14.04/16.04 / Linux Mint 17/18 / Zorin) Local Privilege
Exploit for linux platform in category local exploits // A proof-of-concept local root exploit for CVE-2017-1000112. // Includes KASLR and SMEP bypasses. No SMAP bypass. // Tested on: // - Ubuntu trusty 4.4.0 kernels // - Ubuntu xenial 4.4.0 and 4.8.0 kernels // - Linux Mint rosa 4.4.0 kernels //...
Linux Kernel 4.10 < 5.1.17 - 'PTRACE_TRACEME' pkexec Local Privilege Escalation
// Linux 4.10 // - added known helper paths // - added search for suitable helpers // - added automatic targeting // - changed target suid exectuable from passwd to pkexec // https://github.com/bcoles/kernel-exploits/tree/master/CVE-2019-13272 // --- // Tested on: // - Ubuntu 16.04.5 kernel...
Linux Mint 18.3-19.1 - yelp Command Injection Exploit
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework Exploit from github repro: https://github.com/b1ack0wl/linuxmintpoc class MetasploitModule "Linux Mint 'yelp' URI handler command injection vulnerability", 'Description'...
Linux Mint 18.3-19.1 - 'yelp' Command Injection (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework Exploit from github repro: https://github.com/b1ack0wl/linuxmintpoc class MetasploitModule "Linux Mint 'yelp' URI handler command injection vulnerability", 'Description'...
Linux Mint 18.3-19.1 - yelp Command Injection (Metasploit)
Linux Mint 18.3-19.1 - yelp Command Injection Metasploit This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework Exploit from github repro: https://github.com/b1ack0wl/linuxmintpoc class MetasploitModule "Linux Mint 'yelp' UR...
Linux Mint 19.1 yelp Command Injection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework Exploit from github repro: https://github.com/b1ack0wl/linuxmintpoc class MetasploitModule "Linux Mint 'yelp' URI handler command injection vulnerability", 'Description'...
Node.js third-party modules: [domokeeper] Unintended Require
I would like to report Unintended Require vulnerability in domokeeper It allows reading arbitary json files and load non-production code. Module module name: domokeeper version: 0.2.0 npm page: https://www.npmjs.com/package/domokeeper Module Description domokeeper server: a pluggable domotic...
Linux Kernel 4.4.0 4.8.0 (Ubuntu 14.0416.04 Linux Mint 1718 Zorin) - Local Privilege Escalation (KASLR SMEP)
Linux Kernel 4.4.0 4.8.0 Ubuntu 14.0416.04 Linux Mint 1718 Zorin - Local Privilege Escalation KASLR SMEP // A proof-of-concept local root exploit for CVE-2017-1000112. // Includes KASLR and SMEP bypasses. No SMAP bypass. // Tested on: // - Ubuntu trusty 4.4.0 kernels // - Ubuntu xenial 4.4.0 and...
Linux Kernel < 4.4.0/ < 4.8.0 (Ubuntu 14.04/16.04 / Linux Mint 17/18 / Zorin) - Local Privilege Escalation (KASLR / SMEP)
// A proof-of-concept local root exploit for CVE-2017-1000112. // Includes KASLR and SMEP bypasses. No SMAP bypass. // Tested on: // - Ubuntu trusty 4.4.0 kernels // - Ubuntu xenial 4.4.0 and 4.8.0 kernels // - Linux Mint rosa 4.4.0 kernels // - Linux Mint sarah 4.8.0 kernels // - Zorin OS 12.1...
Linux Kernel 4.8.0-34 < 4.8.0-45 (Ubuntu / Linux Mint) - Packet Socket Local Privilege Escalation
// A proof-of-concept local root exploit for CVE-2017-7308. // Includes a SMEP & SMAP bypass. // Tested on Ubuntu / Linux Mint: // - 4.8.0-34-generic // - 4.8.0-36-generic // - 4.8.0-39-generic // - 4.8.0-41-generic // - 4.8.0-42-generic // - 4.8.0-44-generic // - 4.8.0-45-generic //...