2082 matches found
CVE-2013-6652
Directory traversal vulnerability in sandbox/win/src/named_pipe_dispatcher.cc in Google Chrome before 33.0.1750.117 on Windows allows attackers to bypass intended named-pipe policy restrictions in the sandbox via vectors related to (1) lack of checks for .. (dot dot) sequences or (2) lack of use of the...
CVE-2013-6652
CVE-2013-6652 affects Google Chrome on Windows prior to 33.0.1750.117, describing a directory traversal in sandbox/win/src/named_pipe_dispatcher.cc that could bypass sandbox restrictions via missing checks for .. sequences and/or missing use of the \\?\ protection. Public sources (NVD/OpenVAS/Gento...
CVE-2013-6652
Removed by vendor...
Little-known Linux security vulnerabilities: do not pipe content into your shell - vulnerability warning - the black bar safety net
Piping the output of wget or curl into bash or sh is a very stupid thing to do, for example something like the following: wget -O - http://example.com/install.sh | sudo sh Command explanation: wget's -O parameter specifies the output file name, usually followed by a...
Nvidia (nvsvc) Display Driver Service Local Privilege Escalation
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'rex' require 'msf/core/post/common' require 'msf/core/post/windows/priv' require 'msf/core/post/windows/process' require...
Nvidia (nvsvc) Display Driver Service Local Privilege Escalation
Exploit for windows platform in category local exploits require 'msf/core' require 'rex' require 'msf/core/post/common' require 'msf/core/post/windows/priv' require 'msf/core/post/windows/process' require 'msf/core/post/windows/reflectivedllinjection' require 'msf/core/post/windows/services' clas...
Nvidia (nvsvc) Display Driver Service Local Privilege Escalation
The named pipe, \pipe\nsvr, has a NULL DACL allowing any authenticated user to interact with the service. It contains a stack-based buffer overflow as a result of a memmove operation. Note the slight spelling differences: the executable is 'nvvsvc.exe', the service name is 'nvsvc', and the name...
Updated torque packages fix CVE-2013-4495
Updated torque packages fix security vulnerability: A user could submit executable shell commands on the tail of what is passed with the -M switch for qsub. This was later passed to a pipe, making it possible for these commands to be executed as root on the pbs_server (CVE-2013-4495)...
[SECURITY] [DSA 2796-1] torque security update
Debian Security Advisory DSA-2796-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso November 13, 2013 http://www.debian.org/security/faq -...
Agnitum Outpost Internet Security Local Privilege Escalation
This module exploits a directory traversal vulnerability on Agnitum Outpost Internet Security 8.1. The vulnerability exists in the acs.exe component, allowing the user to load arbitrary DLLs through the acsipc_server named pipe, and finally execute arbitrary code with SYSTEM privileges. This modul...
Design/Logic Flaw
The fill_pipeinfo function in bsd/kern/sys_pipe.c in the XNU kernel in Apple Mac OS X 10.8.x allows local users to defeat the KASLR protection mechanism via the PROC_PIDFDPIPEINFO option to the proc_info system call for a kernel pipe handle...
Dovecot with Exim sender_address Parameter - Remote Command Execution
Exploit for linux platform in category remote exploits Exim with Dovecot: Typical Misconfiguration Leads to Remote Command Execution During a penetration test a typical misconfiguration was found in the way Dovecot is used as a local delivery agent by Exim. A common use case for the Dovecot IMAP...
Exim / Dovecot Command Execution
Advisory: Exim with Dovecot: Typical Misconfiguration Leads to Remote Command Execution During a penetration test a typical misconfiguration was found in the way Dovecot is used as a local delivery agent by Exim. A common use case for the Dovecot IMAP and POP3 server is the use of Dovecot as a...
Ruby Gem Curl Command Execution
Curl Ruby Gem Remote command execution 3/12/2013 https://github.com/tg0/curl Specially crafted URLs can result in remote code execution: In ./lib/curl.rb the following lines: 131 cmd = "curl cookiesstore browsertype @setupparams ref "url" " 132 if @debug 133 puts cmd.red 134 end 135 result =...
NVidia Display Driver Service (Nsvr) Exploit
Exploit for windows platform in category local exploits / NVidia Display Driver Service Nsvr Exploit - Christmas 2012 - Bypass DEP + ASLR + /GS + CoE ============================================================= @peterwintrsmith Initial release 25/12/12 Update 25/12/12 - Target for 30 Aug 2012...
Nvidia Display Driver Service (Nsvr) - Local Buffer Overflow
Nvidia Display Driver Service Nsvr - Local Buffer Overflow / NVidia Display Driver Service Nsvr Exploit - Christmas 2012 - Bypass DEP + ASLR + /GS + CoE ============================================================= @peterwintrsmith Initial release 25/12/12 Update 25/12/12 - Target for 30 Aug 2012...
Researcher Who Found Nvidia Bug Confirms Security Update Clears Up Driver Zero Day
Nvidia has released a new driver for its graphics cards that includes a security update for a zero-day vulnerability in the Nvidia Display Driver Service that came to light on Christmas day. UK researcher Peter Winter-Smith posted vulnerability details and an exploit to Pastebin describing a stac...
NVidia Display Driver Buffer Overflow
/ NVidia Display Driver Service Nsvr Exploit - Christmas 2012 - Bypass DEP + ASLR + /GS + CoE ============================================================= @peterwintrsmith Hey all! Here is an exploit for an interesting stack buffer overflow in the NVidia Display Driver Service. The service liste...
Reaver Pro - Local Privilege Escalation
source: https://www.securityfocus.com/bid/55725/info Reaver Pro is prone to a local privilege-escalation vulnerability. A local attacker may exploit this issue to execute arbitrary code with root privileges. Successful exploits may result in the complete compromise of affected computers...