13 matches found
USN-5753-1: snapd vulnerability
The Qualys Research Team discovered that a race condition existed in the snapd snap-confine binary when preparing the private /tmp mount for a snap. A local attacker could possibly use this issue to escalate privileges and execute arbitrary code...
Exploit for Off-by-one Error in Sudo_Project Sudo
CVE-2021-3156: Heap-Based Buffer Overflow in Sudo Baron Samed...
Defending Against Scheduled Task Attacks in Windows Environments
Scheduling tasks is one of the most popular attack techniques used by threat actors to establish persistence on a victim’s machine. The Qualys Research Team investigated different ways that attackers could use to conceal scheduled tasks. In this blog, we describe three new techniques to hide and...
Exploit for Off-by-one Error in Sudo_Project Sudo
CVE-2021-3156 Root shell PoC for CVE-2021-3156 no brutef...
Catching the RAT called Agent Tesla
For the last few years, the Qualys Research Team has been observing an infamous "Malware-as-a-service" RAT Remote Access Trojan called Agent Tesla. It first appeared in 2014, and since then many variants have been deployed. This malware uses multiple techniques for evading detection as well as...
Exploit for Out-of-bounds Write in Polkit_Project Polkit
PwnKit Vulnerability - Local Privilege Escalation - Title:...
Exploit for Out-of-bounds Write in Polkit_Project Polkit
Information Exploit Title: Local Privilege Escalation i...
The Chaos Ransomware Can Be Ravaging
The Qualys Research Team has observed a new version of Chaos ransomware in development. This blog reviews the malware’s updated functionality as well as its ongoing evolution. A ransomware builder called Chaos is still actively under development. The fourth version has recently been observed bein...
CVE-2021-33910: Denial of Service (Stack Exhaustion) in systemd (PID 1)
The Qualys Research Team has discovered a stack exhaustion denial-of-service vulnerability in systemd, a near-ubiquitous utility available on major Linux operating systems. Any unprivileged user can exploit this vulnerability to crash systemd and hence the entire operating system a kernel panic...
Exploit for Off-by-one Error in Sudo_Project Sudo
CVE-2021-3156 Root shell PoC for CVE-2021-3156 no brutef...
Sudo set_cmd() is vulnerable to heap-based buffer overflow
Overview A heap-based overflow has been discovered in the setcmd function in sudo, which may allow a local attacker to execute commands with elevated administrator privileges. Description From the Sudo Main Page: Sudo su "do" allows a system administrator to delegate authority to give certain use...
Exploit for Off-by-one Error in Sudo_Project Sudo
CVE-2021-3156 Root shell PoC for CVE-2021-3156 no brutef...
CVE-2021-3156: Heap-Based Buffer Overflow in Sudo (Baron Samedit)
Update Feb 3, 2021: It has been reported that macOS, AIX, and Solaris are also vulnerable to CVE-2021-3156, and that others may also still be vulnerable. Qualys has not independently verified the exploit. Original Post: The Qualys Research Team has discovered a heap overflow vulnerability in sudo...