Symantec Critical System Protection 5.2.9.x < 5.2.9 MP6 Multiple Vulnerabilities (SYM15-001 / SYM16-009)

The version of Symantec Critical System Protection SCSP installed on the remote Windows host is 5.2.9.x prior to 5.2.9 MP6. It is, therefore, affected by multiple vulnerabilities : - A remote code execution vulnerability exists in the Management Server Agent Control Interface due to improper...

DEBIAN-CVE-2014-8517

The fetchurl function in usr.bin/ftp/fetch.c in tnftp, as used in NetBSD 5.1 through 5.1.4, 5.2 through 5.2.2, 6.0 through 6.0.6, and 6.1 through 6.1.5 allows remote attackers to execute arbitrary commands via a | pipe character at the end of an HTTP redirect...

.NET Remoting Services Remote Command Execution Vulnerability

Exploit for windows platform in category remote exploits Source: https://github.com/tyranid/ExploitRemotingService Exploit Database Mirror: http://www.exploit-db.com/sploits/35280.zip ExploitRemotingService c 2014 James Forshaw ============================================= A tool to exploit .NET...

.NET Remoting Services - Remote Command Execution

.NET Remoting Services - Remote Command Execution Source: https://github.com/tyranid/ExploitRemotingService Exploit Database Mirror: https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/35280.zip ExploitRemotingService c 2014 James Forshaw...

.NET Remoting Services - Remote Command Execution

Source: https://github.com/tyranid/ExploitRemotingService Exploit Database Mirror: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/35280.zip ExploitRemotingService c 2014 James Forshaw ============================================= A tool to exploit .NET Remoting...

OracleVM 3.2 : bash (OVMSA-2014-0019)

The remote OracleVM system is missing necessary patches to address critical security updates : - Check for fishy environment Resolves: 1141644 - Fixed a bug that caused trap handlers to be executed recursively, corrupting internal data structures. Resolves: 964753 - Don't include backup files...

kernel security and bug fix update

2.6.32-431.29.2 - kernel futex: Fix errors in nested key ref-counting Denys Vlasenko 1094457 1094458 CVE-2014-0205 - net vxlan: fix NULL pointer dereference Jiri Benc 1114549 1096351 CVE-2014-3535 2.6.32-431.29.1 - mm hugetlb: ensure hugepage access is denied if hugepages are not supported Gustav...

Microsoft Windows 2000 CreateFile API Named Pipe Privilege Escalation Vulnerability (2)

No description provided by source. source: http://www.securityfocus.com/bid/8128/info It has been reported that Microsoft Windows does not properly handle named pipes through the CreateFile API. Because of this, an attacker may be able to gain access to the SYSTEM account. / tac0tac0.c - pay no...

Microsoft Windows 2000 CreateFile API Named Pipe Privilege Escalation Vulnerability (1)

No description provided by source. source: http://www.securityfocus.com/bid/8128/info It has been reported that Microsoft Windows does not properly handle named pipes through the CreateFile API. Because of this, an attacker may be able to gain access to the SYSTEM account. / tac0tac0.c - pay no...

Microsoft Windows 2000 RunAs Service Named Pipe Hijacking Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/3185/info The Windows 2000 RunAs service allows an application or service to be executed as a different user. It is accessed by holding down the shift key and right mouse clicking on an icon, then selecting 'Run as...' fr...

Microsoft Services MS06-066 nwwks.dll

No description provided by source. $Id: ms06066nwwks.rb 9262 2010-05-09 17:45:00Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

Sendmail 8.12.x SMRSH Double Pipe Access Validation Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5845/info Sendmail is a freely available, open source mail transport agent. It is maintained and distributed by the Sendmail Consortium. Sendmail is available for the Unix and Linux operating systems. smrsh is designed to...

Nvidia (nvsvc) Display Driver Service - Local Privilege Escalation

No description provided by source. This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'rex' require 'msf/core/post/common' require 'msf/core/post/windows/priv' require...

Novell NetIdentity Agent XTIERRPCPIPE Named Pipe Buffer Overflow

No description provided by source. $Id: netidentityxtierrpcpipe.rb 11127 2010-11-24 19:35:38Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and...

NVidia Display Driver Service (Nsvr) Exploit

No description provided by source. / NVidia Display Driver Service Nsvr Exploit - Christmas 2012 - Bypass DEP + ASLR + /GS + CoE ============================================================= @peterwintrsmith Initial release 25/12/12 Update 25/12/12 - Target for 30 Aug 2012 nvvsvc.exe Build - than...

Microsoft SQL Server 7.0/2000,MSDE Named Pipe Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8274/info Microsoft SQL Server and the Microsoft Data Engine have been reported prone to a denial of service attack. Any local or remote user, who can authenticate and is part of the Everyone Group, may trigger a denial o...

psyBNC <= 2.3 - Denial of Service Exploit

No description provided by source. / psyBNC = 2.3 DoS Information System Advancement in Penetration ISAP Labs By Lunar Fault ElectronicSouls C May 19, 2002 Legal Notice: In no way is ElectronicSouls, ISAP, or the author responsible for the actions or usage of this program. The author retains all...

Xorg 1.4 to 1.11.2 File Permission Change PoC

No description provided by source. / xchmod.c -- Xorg file permission change vulnerability PoC Author: vladz http://vladz.devzero.fr Date: 2011/12/15 Software: www.x.org Version: Xorg 1.4 to 1.11.2 in all configurations. Xorg 1.3 and earlier if built with the USECHMOD preprocessor identifier Test...

openSUSE Security Update : samba (openSUSE-SU-2014:0404-1)

"Samba was updated to 4.1.6, fixing bugs and security issues : - Password lockout not enforced for SAMR password changes, this allowed brute forcing of passwords; CVE-2013-4496; bnc849224. - smbcacls can remove a file or directory ACL by mistake; CVE-2013-6442; bnc855866. Also the following bugs...

Privilege escalation

Cisco ONS 15454 controller cards with software 9.6 and earlier allow remote attackers to cause a denial of service card reset via a TCP FIN attack that triggers file-descriptor exhaustion and a failure to open a CAL pipe, aka Bug ID CSCug97348...