Lucene search
K

131 matches found

Gitee
Gitee
added 2020/03/11 8:27 p.m.6 views

lua-resty-waf

This repository is an exploit module/toolkit targeting OpenResty, a high-performance web server built on the Nginx core. The primary vulnerability class/vector is not explicitly stated, but based on the code and metadata, it appears to be a remote code execution RCE vulnerability. The probable...

8AI score
Exploits0
exploitpack
exploitpack
added 2019/11/29 12:0 a.m.44 views

Bash 5.0 Patch 11 - SUID Priv Drop Exploit

Bash 5.0 Patch 11 - SUID Priv Drop Exploit Exploit Title : Bash 5.0 Patch 11 - SUID Priv Drop Exploit Date : 2019-11-29 Original Author: Ian Pudney , Chet Ramey Exploit Author : Mohin Paramasivam Shad0wQu35t Version : pwn.c cat pwn.c include...

7.2CVSS0.02608EPSS
Exploits5
Packet Storm
Packet Storm
added 2019/11/29 12:0 a.m.343 views

Bash 5.0 Patch 11 Privilege Escalation

Exploit Title : Bash 5.0 Patch 11 - SUID Priv Drop Exploit Date : 2019-11-29 Original Author: Ian Pudney , Chet Ramey Exploit Author : Mohin Paramasivam Shad0wQu35t Version : pwn.c cat E...

0.6AI score0.02608EPSS
Exploits5
Prion
Prion
added 2019/11/28 1:15 a.m.22 views

Design/Logic Flaw

An issue was discovered in disableprivmode in shell.c in GNU Bash through 5.0 patch 11. By default, if Bash is run with its effective UID not equal to its real UID, it will drop privileges by setting its effective UID to its real UID. However, it does so incorrectly. On Linux and other systems th...

7.2CVSS7.5AI score0.02608EPSS
Exploits5References7Affected Software3
CVE
CVE
added 2019/11/28 12:27 a.m.364 views

CVE-2019-18276

CVE-2019-18276 affects GNU Bash up to 5.0 patch 11, where disable_priv_mode in shell.c incorrectly drops privileges when UID real != effective, leaving the saved UID intact. An attacker with shell command execution can use enable -f to load a new builtin (shared object) that calls setuid(), regai...

7.8CVSS7.5AI score0.02608EPSS
Exploits5References7Affected Software1
Metasploit
Metasploit
added 2019/10/21 6:14 a.m.56 views

Solaris xscreensaver log Privilege Escalation

This module exploits a vulnerability in xscreensaver versions since 5.06 on unpatched Solaris 11 systems which allows users to gain root privileges. xscreensaver allows users to create a user-owned file at any location on the filesystem using the -log command line argument introduced in version...

8.8CVSS7AI score0.13506EPSS
Exploits8
Exploit DB
Exploit DB
added 2019/01/24 12:0 a.m.107 views

AddressSanitizer (ASan) - SUID Executable Privilege Escalation (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'AddressSanitizer ASan SUID Executable Privilege Escalation', 'Description' = %q This module attempts to gain root privileges on Linux systems usi...

7.4AI score
Exploits0
0day.today
0day.today
added 2019/01/24 12:0 a.m.57 views

AddressSanitizer (ASan) - SUID Executable Privilege Escalation Exploit

This Metasploit module attempts to gain root privileges on Linux systems using setuid executables compiled with AddressSanitizer ASan. ASan configuration related environment variables are permitted when executing setuid executables built with libasan. The logpath option can be set using the...

0.7AI score
Exploits0
Packet Storm
Packet Storm
added 2019/01/23 12:0 a.m.46 views

AddressSanitizer (ASan) SUID Executable Privilege Escalation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'AddressSanitizer ASan SUID Executable Privilege Escalation', 'Description' = %q This module attempts to gain root privileges on Linux systems usi...

1.3AI score
Exploits0
Metasploit
Metasploit
added 2019/01/12 9:14 a.m.61 views

AddressSanitizer (ASan) SUID Executable Privilege Escalation

This module attempts to gain root privileges on Linux systems using setuid executables compiled with AddressSanitizer ASan. ASan configuration related environment variables are permitted when executing setuid executables built with libasan. The logpath option can be set using the ASANOPTIONS...

7.6AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2019/01/09 12:0 a.m.36 views

Apache 2.4.x < 2.4.2 'LD_LIBRARY_PATH' Insecure Library Loading

According to its banner, the version of Apache 2.4.x running on the remote host is prior to 2.4.2. It is, therefore, potentially affected by an insecure library loading issue. The utility 'apachectl' can receive a zero-length directory name in the LDLIBRARYPATH via the 'envvars' file. A local...

6.9CVSS7AI score0.00946EPSS
Exploits4References4
Packet Storm
Packet Storm
added 2018/09/25 12:0 a.m.118 views

Solaris EXTREMEPARR dtappgather Privilege Escalation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Solaris 'EXTREMEPARR' dtappgather Privilege Escalation", 'Description' = %q This module exploits a directory traversal vulnerability in the...

7.2CVSS0.7AI score0.05339EPSS
Exploits4
Exploit DB
Exploit DB
added 2018/09/25 12:0 a.m.34 views

Solaris - &#039;EXTREMEPARR&#039; dtappgather Privilege Escalation (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Solaris 'EXTREMEPARR' dtappgather Privilege Escalation", 'Description' = %q This module exploits a directory traversal vulnerability in the...

7.8CVSS7.4AI score0.05339EPSS
Exploits4
0day.today
0day.today
added 2018/09/25 12:0 a.m.113 views

Solaris EXTREMEPARR dtappgather Privilege Escalation Exploit

This Metasploit module exploits a directory traversal vulnerability in the dtappgather executable included with Common Desktop Environment CDE on unpatched Solaris systems prior to Solaris 10u11 which allows users to gain root privileges. dtappgather allows users to create a user-owned directory ...

7.8CVSS0.2AI score0.05339EPSS
Exploits4
Metasploit
Metasploit
added 2018/09/18 7:23 a.m.53 views

Solaris 'EXTREMEPARR' dtappgather Privilege Escalation

This module exploits a directory traversal vulnerability in the dtappgather executable included with Common Desktop Environment CDE on unpatched Solaris systems prior to Solaris 10u11 which allows users to gain root privileges. dtappgather allows users to create a user-owned directory at any...

7.8CVSS7AI score0.05339EPSS
Exploits4
0day.today
0day.today
added 2018/09/18 12:0 a.m.90 views

Solaris libnspr NSPR_LOG_FILE Privilege Escalation Exploit

This Metasploit module exploits an arbitrary file write vulnerability in the Netscape Portable Runtime library libnspr on unpatched Solaris systems prior to Solaris 10u3 which allows users to gain root privileges. libnspr versions prior to 4.6.3 allow users to specify a log file with the...

3.6CVSS0.6AI score0.07683EPSS
Exploits27
Metasploit
Metasploit
added 2018/09/11 8:11 a.m.26 views

Solaris libnspr NSPR_LOG_FILE Privilege Escalation

This module exploits an arbitrary file write vulnerability in the Netscape Portable Runtime library libnspr on unpatched Solaris systems prior to Solaris 10u3 which allows users to gain root privileges. libnspr versions prior to 4.6.3 allow users to specify a log file with the NSPRLOGFILE...

3.6CVSS0.7AI score0.07683EPSS
Exploits27
0day.today
0day.today
added 2018/04/01 12:0 a.m.80 views

glibc LD_AUDIT libmemusage.so RHEL-Based Arbitrary DSO Load Privilege Escalation Exploit

Exploit for linux platform in category local exploits require 'msf/core/exploit/local/linux' require 'msf/core/exploit/exe' class MetasploitModule 'glibc LDAUDIT libmemusage.so RHEL-Based Arbitrary DSO Load Privilege Escalation', 'Description' = %q This module attempts to gain root privileges on...

7.2CVSS6.5AI score0.09454EPSS
Exploits35
Exploit DB
Exploit DB
added 2018/02/12 12:0 a.m.73 views

glibc - &#039;LD_AUDIT&#039; Arbitrary DSO Load Privilege Escalation (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core/exploit/local/linux' require 'msf/core/exploit/exe' class MetasploitModule 'glibc LDAUDIT Arbitrary DSO Load Privilege Escalation', 'Description' = %q...

8.3AI score
Exploits0
Packet Storm
Packet Storm
added 2018/01/05 12:0 a.m.66 views

VMware Workstation ALSA Config File Local Privilege Escalation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'VMware Workstation ALSA Config File Local Privilege Escalation', 'Description' = %q This module exploits a vulnerability in VMware Workstation Pr...

7.2CVSS7.6AI score0.05413EPSS
Exploits11
Rows per page
Query Builder