2285 matches found

exploitpack
added 2019/02/28 12:0 a.m., 29 views

Usermin 1.750 - Remote Command Execution (Metasploit)

Usermin 1.750 - Remote Command Execution Metasploit This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'uri' class MetasploitModule 'Usermin 1.750 - Remote Command Execution', 'Description' = %q...

AI score: 7.7
Exploits: 0

0day.today
added 2019/02/20 12:0 a.m., 106 views

Android Kernel < 4.8 - ptrace seccomp Filter Bypass Exploit

/ The seccomp.2 manpage http://man7.org/linux/man-pages/man2/seccomp.2.html documents: Before kernel 4.8, the seccomp check will not be run again after the tracer is notified. This means that, on older kernels, seccomp-based sandboxes must not allow use of ptrace(2)—even of other sandboxed...

AI score: 1
Exploits: 0

Exploit DB
added 2019/02/20 12:0 a.m., 74 views

Android Kernel < 4.8 - ptrace seccomp Filter Bypass

/ The seccomp.2 manpage http://man7.org/linux/man-pages/man2/seccomp.2.html documents: Before kernel 4.8, the seccomp check will not be run again after the tracer is notified. This means that, on older kernels, seccomp-based sandboxes must not allow use of ptrace(2)—even of other sandboxed...

AI score: 7.4
Exploits: 0

Pen Test Partners Blog
added 2019/02/11 1:9 p.m., 61 views

BBC Inside Out. Consumer advice for the ‘smart’ homeowner

We were recently asked to demonstrate security flaws in a smart home for the BBC Inside Out TV show. We’ve done this before, so what was different? This home was by far the most connected we had looked at. Typically, homes have a few smart devices; a smart thermostat, CCTV, maybe a doorbell and...

AI score: 6.7
Exploits: 0

Tenable Nessus
added 2019/02/01 12:0 a.m., 52 views

Oracle Linux 7 : polkit (ELSA-2019-0230)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2019-0230 advisory. - Fix of CVE-2019-6133, PID reuse via slow fork Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note tha...

CVSS: 6.7, AI score: 6.9, EPSS: 0.00446
Exploits: 0, References: 2

Oracle linux
added 2019/02/01 12:0 a.m., 149 views

polkit security update

0.112-18.0.1 - Increase timeout to avoid defunct processes bug26930744 0.112-18.el76.1 - Fix of CVE-2019-6133, PID reuse via slow fork - Resolves: rhbz1667311...

CVSS: 6.7, AI score: 2.7, EPSS: 0.00446
Exploits: 0

HackRead
added 2019/01/23 10:52 p.m., 30 views

How To Improve Your Online Processes

By Carolina In today’s internet-driven world, every business relies very heavily on the internet for their operation. There will be various online processes that a company uses no matter what industry they are in and you may find that there are ways that you can improve these processes. While thi...

AI score: 0.7
Exploits: 0

Fedora
added 2019/01/22 1:35 a.m., 39 views

[SECURITY] Fedora 28 Update: polkit-0.115-2.1.fc28

polkit is a toolkit for defining and handling authorizations. It is used for allowing unprivileged processes to speak to privileged processes...

CVSS: 9, AI score: 2.6, EPSS: 0.11483
Exploits: 1

Zero Day Initiative
added 2019/01/19 12:0 a.m., 36 views

LAquis SCADA LGX Report ShellExecute Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of LAquis SCADA Software. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

CVSS: 7.5, AI score: 2.3, EPSS: 0.02572
Exploits: 0, References: 1

Packet Storm
added 2019/01/18 12:0 a.m., 45 views

Webmin 1.900 Remote Command Execution

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'uri' class MetasploitModule 'Webmin 1.900 - Remote Command Execution', 'Description' = %q This module exploits an arbitrary command execution...

AI score: 7.4
Exploits: 0

exploitpack
added 2019/01/18 12:0 a.m., 27 views

Webmin 1.900 - Remote Command Execution (Metasploit)

Webmin 1.900 - Remote Command Execution Metasploit This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'uri' class MetasploitModule 'Webmin 1.900 - Remote Command Execution', 'Description' = %q...

AI score: 7.7
Exploits: 0

Exploit DB
added 2019/01/18 12:0 a.m., 64 views

Webmin 1.900 - Remote Command Execution (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'uri' class MetasploitModule 'Webmin 1.900 - Remote Command Execution', 'Description' = %q This module exploits an arbitrary command execution...

AI score: 7.4
Exploits: 0

Veracode
added 2019/01/15 9:24 a.m., 33 views

Information Disclosure

Systems with microprocessors utilizing speculative execution and address translations are vulnerable to information disclosure. An L1TF issue allows an unprivileged attacker to read privileged memory of the kernel or other processes by conducting targeted cache side-channel attacks...

CVSS: 5.6, AI score: 6.3, EPSS: 0.05577
Exploits: 0, References: 58, Affected Software: 4

Veracode
added 2019/01/15 9:16 a.m., 48 views

Authorization Bypass

Linux kernel is vulnerable to authorization bypass. When creating audit records for parameters to executed children processes, an attacker can convince the Linux kernel audit subsystem to create corrupt records which may allow an attacker to misrepresent or evade logging of executing commands...

CVSS: 4.7, AI score: 6.6, EPSS: 0.00269
Exploits: 0, References: 3, Affected Software: 1

Veracode
added 2019/01/15 9:3 a.m., 19 views

Information Disclosure

rhevm-log-collector is vulnerable to information disclosure attacks. The vulnerability exists as the rhevm-log-collector package in Red Hat Enterprise Virtualization 3.4 uses the PostgreSQL database password on the command line when calling sosreport, which allows local users to obtain sensitive...

CVSS: 2.1, AI score: 5.5, EPSS: 0.00375
Exploits: 0, References: 8, Affected Software: 1

Veracode
added 2019/01/15 8:52 a.m., 34 views

Denial Of Service (DoS)

openipmi is vulnerable to denial of service (DoS) attacks. The vulnerability exists as ipmievd (aka the IPMI event daemon) in OpenIPMI, as used in the ipmitool package 1.8.11 in Red Hat Enterprise Linux (RHEL) 6, Debian GNU/Linux, Fedora 16, and other products uses 0666 permissions for its ipmievd.pid...

CVSS: 3.6, AI score: 5.7, EPSS: 0.00434
Exploits: 0, References: 22, Affected Software: 2

ATTACKERKB
added 2019/01/14 10:29 p.m., 5 views

CVE-2018-16888

It was discovered systemd does not correctly check the content of PIDFile files before using it to kill processes. When a service is run from an unprivileged user (e.g. User field set in the service file), a local attacker who is able to write to the PIDFile of the mentioned service may use this fl...

CVSS: 4.7, AI score: 5.5, EPSS: 0.00298
Exploits: 0, References: 9, Affected Software: 1

OSV
added 2019/01/14 10:29 p.m., 26 views

CVE-2018-16888

It was discovered systemd does not correctly check the content of PIDFile files before using it to kill processes. When a service is run from an unprivileged user (e.g. User field set in the service file), a local attacker who is able to write to the PIDFile of the mentioned service may use this fl...

CVSS: 4.7, AI score: 6.2, EPSS: 0.00298
Exploits: 0, References: 5

Cvelist
added 2019/01/14 10:0 p.m., 22 views

CVE-2018-16888

It was discovered systemd does not correctly check the content of PIDFile files before using it to kill processes. When a service is run from an unprivileged user (e.g. User field set in the service file), a local attacker who is able to write to the PIDFile of the mentioned service may use this fl...

CVSS: 4.4, AI score: 5.6, EPSS: 0.00298
Exploits: 0, References: 5

CVE
added 2019/01/14 10:0 p.m., 256 views

CVE-2018-16888

CVE-2018-16888 affects systemd. When a service runs as an unprivileged user, a local attacker who can write to the service’s PIDFile may trick systemd into killing other services and/or privileged processes. Vulnerable versions are those before v237. Remediation: update systemd to a fixed version...

CVSS: 4.7, AI score: 5.4, EPSS: 0.00298
Exploits: 0, References: 5, Affected Software: 1