Lucene search
K

4 matches found

0day.today
0day.today
added 2020/04/03 12:0 a.m.328 views

VMware Fusion USB Arbitrator Setuid Privilege Escalation Exploit

This Metasploit module exploits an improper use of setuid binaries within VMware Fusion versions 10.1.3 through 11.5.3. The Open VMware USB Arbitrator Service can be launched outside of its standard path which allows loading of an attacker controlled binary. By creating a payload in the user home...

7.8CVSS0.3AI score0.07254EPSS
Exploits10
Packet Storm
Packet Storm
added 2020/04/03 12:0 a.m.296 views

VMware Fusion USB Arbitrator Setuid Privilege Escalation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'VMware Fusion USB Arbitrator Setuid Privilege Escalation', 'Description' = %q This exploits an improper use of setuid binaries within VMware Fusi...

7.2CVSS1.2AI score0.07254EPSS
Exploits10
FreeBSD
FreeBSD
added 2019/08/06 12:0 a.m.30 views

mongodb -- Bump Windows package dependencies

Rich Mirch reports: An unprivileged user or program on Microsoft Windows which can create OpenSSL configuration files in a fixed location may cause utility programs shipped with MongoDB server versions less than 4.0.11, 3.6.14, and 3.4.22 to run attacker defined code as the user running the utili...

8.2CVSS4.7AI score0.01011EPSS
Exploits0References1
OpenSSL
OpenSSL
added 2019/07/30 12:0 a.m.115 views

Vulnerability in OpenSSL - Windows builds with insecure path defaults

OpenSSL has internal defaults for a directory tree where it can find a configuration file as well as certificates used for verification in TLS. This directory is most commonly referred to as OPENSSLDIR, and is configurable with the –prefix / –openssldir configuration options. For OpenSSL versions...

4.8AI score0.00678EPSS
Exploits0Affected Software1
Rows per page
Query Builder