30 matches found
CVE-2019-2389
CVE-2019-2389 affects MongoDB Server via incorrect scoping of kill operations in packaged SysV init scripts. The flaw lets users with write access to the PID file influence kills when the root user stops MongoDB, enabling denial-of-service conditions. Affected are MongoDB Server v4.0 prior to 4.0...
CVE-2019-2389
Removed by vendor...
Low: Red Hat Security Advisory: docker security and bug fix update
An update for docker is now available for Red Hat Enterprise Linux 7 Extras. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...
DEBIAN-CVE-2017-5967
The time subsystem in the Linux kernel through 4.9.9, when CONFIGTIMERSTATS is enabled, allows local users to discover real PID values as distinguished from PID values inside a PID namespace by reading the /proc/timerlist file, related to the printtimer function in kernel/time/timerlist.c and the...
Get the Vehicle Information Such as the VIN from the Target Module
Post Module to query DTCs, Some common engine info and Vehicle Info. It returns such things as engine speed, coolant temp, Diagnostic Trouble Codes as well as All info stored by Mode $09 Vehicle Info, VIN, etc This module requires Metasploit: https://metasploit.com/download Current source:...
LXCFS Privilege Acquisition Vulnerability
LXCFS is a suite of user-space filesystem software for solving the Linux kernel's constraints. A security vulnerability exists in the 'dowritepids' function in the lxcfs.c file in versions prior to LXCFS 0.12. Due to the program failing to properly check permissions. A local attacker could exploi...
Ubuntu 14.04 LTS : ppp vulnerability (USN-2595-1)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-2595-1 advisory. It was discovered that ppp incorrectly handled large PIDs. When pppd is used with a RADIUS server, a remote attacker could use this issue to cause it to crash,...
Windows Gather Enumerate Domain Admin Tokens (Token Hunter)
This module enumerates Domain Admin account processes and delegation tokens. This module will first check if the session has sufficient privileges to replace process level tokens and adjust process quotas. The SeAssignPrimaryTokenPrivilege privilege will not be assigned if the session has been...
Windows Manage Inject in Memory Multiple Payloads
This module will inject in to several processes a given payload and connecting to a given list of IP Addresses. The module works with a given lists of IP Addresses and process PIDs if no PID is given it will start a the given process in the advanced options and inject the selected payload in to t...
bash security and bug fix update
3.0-27 - Dont include backup files Resolves: 657500 3.0-26 - Fixed bash-3.0-tmpfile.patch Resolves: 657500 3.0-25 - Dont include backup files Resolves: 657500 3.0-24 - Use mktemp for temporary files Resolves: 657500 3.0-23 - bash globbing sometimes ignores locale settings Resolves: 539538 - check...