CVE-2015-9190

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear IPQ4019, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 600, SD 615/16/SD 415, SD 808, and SD 810, if startaddr + size is too large i...

CVE-2015-9190

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear IPQ4019, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 600, SD 615/16/SD 415, SD 808, and SD 810, if startaddr + size is too large i...

Cisco AnyConnect SBL 4.3.04027 Local Privilege Escalation (CVE-2017-3813)

Run CMD.EXE with system privileges 1. Start Cisco anyconnect from logon screen. 2. Once the Cisco app comes up where you can select a profile and hit connect hold CTRL and hit B. 3. When the Cisco about window appears then select the URL at the bottom. This will open Internet Explorer or you can...

Cisco AnyConnect SBL 4.3.04027 Local Privilege Escalation

Exploit Title: Cisco AnyConnect Start Before Logon SBL local privilege escalation. CVE-2017-3813 Date: 02/27/2017 Exploit Author: @Pcchillin Software Link: http://www.cisco.com/c/en/us/support/security/anyconnect-secure-mobility-client/tsd-products-support-series-home.html Version: 4.3.04027 and...

Cisco AnyConnect Secure Mobility Client 4.3.04027 - Local Privilege Escalation

Cisco AnyConnect Secure Mobility Client 4.3.04027 - Local Privilege Escalation Exploit Title: Cisco AnyConnect Start Before Logon SBL local privilege escalation. CVE-2017-3813 Date: 02/27/2017 Exploit Author: @Pcchillin Software Link:...

Cisco AnyConnect Secure Mobility Client 4.0.x < 4.3.05017 / 4.4.x < 4.4.00243 SBL Module Privilege Escalation

The version of Cisco AnyConnect Secure Mobility Client installed on the remote Windows host is 4.0.x prior to 4.3.05017 or 4.4.x prior to 4.4.00243. It is, therefore, affected by a privilege escalation vulnerability in the Start Before Logon SBL module due to insufficient access controls. A local...

CVE-2017-3813

CVE-2017-3813 | Cisco AnyConnect Secure Mobility Client for Windows contains a Start Before Logon (SBL) privilege-escalation vulnerability. The issue arises from insufficient access controls in the SBL module, allowing an unauthenticated, local attacker to start Internet Explorer with SYSTEM priv...

Cisco AnyConnect Secure Mobility Client for Windows SBL Privileges Escalation Vulnerability

A vulnerability in the Start Before Logon SBL module of Cisco AnyConnect Secure Mobility Client Software for Windows could allow an unauthenticated, local attacker to open Internet Explorer with the privileges of the SYSTEM user. The vulnerability is due to insufficient implementation of the acce...

CVE-2011-2041

The Start Before Logon SBL functionality in Cisco AnyConnect Secure Mobility Client formerly AnyConnect VPN Client before 2.3.254 on Windows, and on Windows Mobile, allows local users to gain privileges via unspecified user-interface interaction, aka Bug ID CSCta40556...

Code injection

The Start Before Logon SBL functionality in Cisco AnyConnect Secure Mobility Client formerly AnyConnect VPN Client before 2.3.254 on Windows, and on Windows Mobile, allows local users to gain privileges via unspecified user-interface interaction, aka Bug ID CSCta40556...

CVE-2011-2041

The Start Before Logon SBL functionality in Cisco AnyConnect Secure Mobility Client formerly AnyConnect VPN Client before 2.3.254 on Windows, and on Windows Mobile, allows local users to gain privileges via unspecified user-interface interaction, aka Bug ID CSCta40556...

CVE-2011-2041

CVE-2011-2041 describes a Local Privilege Escalation in Cisco AnyConnect Secure Mobility Client on Windows (and Windows Mobile) via the Start Before Logon (SBL) UI. Unprivileged users can elevate to LocalSystem by interacting with the GUI at the Windows logon screen. The issue is restricted to Wi...

openSUSE Security Update : sbl (sbl-515)

A buffer overflow in the sbl package has been fixed. Incoming data and authentication-strings have not been checked properly. CVE-2009-0310 has been assigned to this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted...

openSUSE 10 Security Update : sbl (sbl-5992)

A buffer overflow in the sbl package has been fixed. Incoming data and authentication-strings have not been checked properly. CVE-2009-0310 has been assigned to this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted...

Windows平台的Cisco VPN客户端多个本地权限提升漏洞

BUGTRAQ ID: 25332 Cisco VPN客户端允许用户创建到支持Cisco VPN设备的IPSec VPN隧道。 Microsoft Windows的Cisco VPN客户端中存在两个漏洞，允许本地非特权用户提升权限。 1. 通过Microsoft Windows拨号网络接口的本地权限提升 非特权用户可以通过启用Start Before Logon（SBL）功能并配置VPN配置使用Microsoft拨号网络接口将权限提升到LocalSystem帐号用户的权限。如果同时启用并配置了这两个设置，就可以在Windows登录窗口中使用Cisco...

CVE-2007-4414

Cisco VPN Client on Windows before 4.8.02.0010 allows local users to gain privileges by enabling the "Start Before Logon" SBL and Microsoft Dial-Up Networking options, and then interacting with the dial-up networking dialog box...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in 4print.asp in WmsCMS 2.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 sbl, 2 sbr, or 3 search parameter. NOTE: the original disclosure claims the pageid parameter in index.php is affected, but this is...

CVE-2007-3137

Multiple cross-site scripting XSS vulnerabilities in 4print.asp in WmsCMS 2.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 sbl, 2 sbr, or 3 search parameter. NOTE: the original disclosure claims the pageid parameter in index.php is affected, but this is...