29 matches found
CVE-2018-12562
An issue was discovered in the cantata-mounter D-Bus service in Cantata through 2.3.1. The wrapper script 'mount.cifs.wrapper' uses the shell to forward the arguments to the actual mount.cifs binary. The shell evaluates wildcards such as in an injected string:/home/../tmp/ string...
CVE-2018-12562
An issue was discovered in the cantata-mounter D-Bus service in Cantata through 2.3.1. The wrapper script 'mount.cifs.wrapper' uses the shell to forward the arguments to the actual mount.cifs binary. The shell evaluates wildcards such as in an injected string:/home/../tmp/ string...
CVE-2018-12560
An issue was discovered in the cantata-mounter D-Bus service in Cantata through 2.3.1. Arbitrary unmounts can be performed by regular users via directory traversal sequences such as a home/../sys/kernel substring...
CVE-2018-12559
CVE-2018-12559 affects Cantata up to version 2.3.1, where the cantata-mounter D-Bus service fails to validate target paths in mounter.cpp mpOk(), allowing a regular user to mount a CIFS filesystem outside the /home tree by directory traversal (e.g., home/../usr). The Mageia advisory MGASA-2018-03...
iOS 8.1.2 jailbreak process in detail and the associated vulnerability analysis-vulnerability warning-the black bar safety net
This paper mainly introduces: Yourself to escape the understanding of iOS 8.1.2 jailbreak tool working process The jailbreak process using the vulnerability Each vulnerability using the method Hope through this article to let everyone know about the jailbreak process, the jailbreak required...
Calibre E-Book Reader Local Root Exploit
No description provided by source. !/bin/sh .50-Calibrer Assault Mount by zx2c4 Calibre uses a suid mount helper, and like nearly all suid mount helpers that have come before it, it's badly broken. Let's go through Calibre's faulty code available at http://pastebin.com/auz9SULi and look at the...
OSX Network Share Mounter
This module lists saved network shares and tries to connect to them using stored credentials. This does not require root privileges. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'OSX Network...
security vulnerability in VMware
vulnerable software: VMware Workstation 6.0 for Windows, possible some other VMware products as well type of vulnerability: DoS, potential privilege escalation I found a vulnerability in VMware Workstation 6.0 which allows an unprivileged user in the host OS to crash the system and potentially ru...
CVE-2007-0740
CVE-2007-0740 affects Apple Mac OS X 10.3.9 and 10.4.9. The issue lies in the Alias Manager, which fails to display files with the same name when mounted in disk images that share that name, potentially allowing a user-assisted attacker to trick the user into launching a malicious file. The avail...