2083 matches found
CVE-2021-47086 phonet/pep: refuse to enable an unbound pipe
In the Linux kernel, the following vulnerability has been resolved: phonet/pep: refuse to enable an unbound pipe This ioctl implicitly assumed that the socket was already bound to a valid local socket name, i.e. Phonet object. If the socket was not bound, two separate problems would occur: 1 We'd...
CentOS 9 : ghostscript-9.54.0-4.el9
The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ghostscript-9.54.0-4.el9 build changelog. - A trivial sandbox enabled with the -dSAFER option escape flaw was found in the ghostscript interpreter by injecting a specially crafted pipe...
swaggerHole - A Python3 Script Searching For Secret On Swaggerhub
Introduction This tool is made to automate the process of retrieving secrets in the public APIs on swaggerHub. This tool is multithreaded and pipe mode is available : Requirements - python3 sudo apt install python3 - pip3 sudo apt install python3-pip Installation pip3 install swaggerhole or...
SMB Fetch, Windows x64 Bind Named Pipe Stager
Fetch and execute an x64 payload from an SMB server. Listen for a pipe connection Windows x64 Module Options msf use payload/cmd/windows/smb/x64/vncinject/bindnamedpipe msf payloadbindnamedpipe show actions ...actions... msf payloadbindnamedpipe set ACTION msf payloadbindnamedpipe show options...
SMB Fetch, Windows x64 Bind Named Pipe Stager
Fetch and execute an x64 payload from an SMB server. Listen for a pipe connection Windows x64 Module Options msf use payload/cmd/windows/smb/x64/peinject/bindnamedpipe msf payloadbindnamedpipe show actions ...actions... msf payloadbindnamedpipe set ACTION msf payloadbindnamedpipe show options...
SMB Fetch, Windows shellcode stage, Windows x64 Bind Named Pipe Stager
Fetch and execute an x64 payload from an SMB server. Custom shellcode stage. Listen for a pipe connection Windows x64 Module Options msf use payload/cmd/windows/smb/x64/custom/bindnamedpipe msf payloadbindnamedpipe show actions ...actions... msf payloadbindnamedpipe set ACTION msf...
SMB Fetch, Windows x64 Command Shell, Windows x64 Bind Named Pipe Stager
Fetch and execute an x64 payload from an SMB server. Spawn a piped command shell Windows x64 staged. Listen for a pipe connection Windows x64 Module Options msf use payload/cmd/windows/smb/x64/shell/bindnamedpipe msf payloadbindnamedpipe show actions ...actions... msf payloadbindnamedpipe set...
SMB Fetch, Windows Meterpreter Shell, Bind Named Pipe Inline (x64)
Fetch and execute an x64 payload from an SMB server. Connect to victim and spawn a Meterpreter shell. Requires Windows XP SP2 or newer. Module Options msf use payload/cmd/windows/smb/x64/meterpreterbindnamedpipe msf payloadmeterpreterbindnamedpipe show actions ...actions... msf...
SMB Fetch, Windows shellcode stage, Windows x64 Reverse Named Pipe (SMB) Stager
Fetch and execute an x64 payload from an SMB server. Custom shellcode stage. Connect back to the attacker via a named pipe pivot Module Options msf use payload/cmd/windows/smb/x64/custom/reversenamedpipe msf payloadreversenamedpipe show actions ...actions... msf payloadreversenamedpipe set ACTION...
CVE-2024-23769
Improper privilege control for the named pipe in Samsung Magician PC Software 8.0.0 for Windows allows a local attacker to read privileged data...
CVE-2024-23769
Improper privilege control for the named pipe in Samsung Magician PC Software 8.0.0 for Windows allows a local attacker to read privileged data...
Input validation
Improper privilege control for the named pipe in Samsung Magician PC Software 8.0.0 for Windows allows a local attacker to read privileged data...
PT-2024-20072 · Samsung · Samsung Magician
Name of the Vulnerable Software and Affected Versions: Samsung Magician PC Software version 8.0.0 Description: The issue is related to improper privilege control for a named pipe, allowing a local attacker to read privileged data. This could potentially lead to unauthorized access to sensitive...
CVE-2024-23769
CVE-2024-23769 affects Samsung Magician PC Software for Windows (version 8.0.0). The issue is improper privilege control for a named pipe, enabling a local attacker to read privileged data. Relevant details: impact is confidentiality (high) with local access and low attack complexity, user intera...
PT-2024-3400 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to a missing odm calculation for pipe split policy determination in the Linux kernel's drm/amd/display module, specifically affecting the dcn35 8k30. This missing...
Backdoor.Win32 Carbanak (Anunak) MVID-2024-0667 Named Pipe NULL DACL
Discovery / credits: Malvuln John Page aka hyp3rlinx c 2024 Original source: https://malvuln.com/advisory/b8e1e5b832e5947f41fd6ae6ef6d09a1.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32 Carbanak Anunak Vulnerability: Named Pipe Null DACL Family: Carbanak Type:...
Exploit for Improper Initialization in Linux Linux_Kernel
DirtyPipevirus Dirty Pipe is a kind of Linux exploit. Its C...
Exploit for Improper Initialization in Linux Linux_Kernel
DirtyPipevirus Dirty Pipe is a kind of Linux exploit. Its C...
samba: smbd allows client access to unix domain sockets on the file system as root
A path traversal vulnerability was identified in Samba when processing client pipe names connecting to Unix domain sockets within a private directory. Samba typically uses this mechanism to connect SMB clients to remote procedure call RPC services like SAMR LSA or SPOOLSS, which Samba initiates o...
Node.js: Permissions can be bypassed via arbitrary code execution through abusing libuv signal pipes
Vulnerability description not provided...