Microsoft Windows Kernel 'Win32k.sys' CVE-2015-2381 Local Information Disclosure Vulnerability

Description Microsoft Windows is prone to a local information-disclosure vulnerability. An attacker can leverage this issue to disclose kernel memory and obtain sensitive information that may aid in further attacks. Technologies Affected Avaya CallPilot 4.0 Avaya CallPilot 4.0.1 Avaya CallPilot 5...

Microsoft Windows Kernel 'Win32k.sys' CVE-2015-1725 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to gain elevated privileges. Technologies Affected Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8 for 32-bit...

Microsoft Windows Kernel Mode Driver CVE-2015-1720 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code with elevated privileges. Technologies Affected Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsof...

Microsoft Windows Kernel CVE-2015-1674 Local Security Bypass Vulnerability

Description Microsoft Windows is prone to a local security-bypass vulnerability. A local attacker can leverage this issue to bypass certain security restrictions and perform unauthorized actions. Technologies Affected Microsoft Windows 8 for 32-bit Systems Microsoft Windows 8 for 64-bit Systems...

Common Reverse Shells

If you’re lucky enough to find a remote command execution vulnerability, you’ll more often than not want to connect back to your attacking machine to leverage an interactive shell. Below are a collection of reverse shells that use commonly installed programming languages, or commonly installed...

Microsoft Windows Kernel CVE-2015-0075 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to gain elevated privileges on the affected system. Technologies Affected Avaya CallPilot 4.0 Avaya CallPilot 4.0.1 Avaya CallPilot 5.1.0 Avaya Meeting Exchange - Client...

Reverse Shells With Terminal Support: revsh

revsh is a tool for establishing reverse shells with terminal support, reverse VPNs for advanced pivoting Pivoting , as well as arbitrary data tunneling. A reverse shell is a network connection that grants shell access to a remote host. As opposed to other remote login tools such as telnet and ss...

Microsoft Windows Kernel 'Win32k.sys' CVE-2015-0058 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code with elevated privileges and gain access to kernel memory. Technologies Affected Microsoft Windows 8 for 32-bit Systems Microsoft Windows 8 for...

Microsoft Windows Kernel 'Win32k.sys' CVE-2015-0003 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker with local access could potentially exploit this issue to gain elevated privileges. Technologies Affected Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1...

BASHLITE Malware leverages ShellShock Bug to Hijack Devices Running BusyBox

Cyber criminals are using new malware variants by exploiting GNU Bash vulnerability referred to as ShellShock CVE-2014-6271 in order to infect embedded devices running BusyBox software, according to a researcher. A new variant of "Bashlite" malware targeting devices running BusyBox software was...

The Bash Vulnerability: How to Protect your Environment

A recently discovered hole in the security of the Bourne-Again Shell bash has the majority of Unix/Linux including OS X admins sweating bullets. You should be, too--attackers have already developed exploits to unleash on unpatched web servers, network services and daemons that use shell scripts...

[CVE- Requested][Vembu Storegrid - Multiple Critical Vulnerabilities]

Advisory Overview Multiple vulnerabilities exist in the Vembu Storegrid Backup and Disaster Recovery solution affecting both the client and server software see Additional Information section include but are not limited to reflected XSS, source code/sensitive information disclosure, privilege...

Microsoft Windows Kernel 'Win32k.sys' CVE-2014-4113 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code with elevated privileges and gain access to kernel memory. Technologies Affected Microsoft Exchange Server 2003 SP2 Microsoft Windows 7 for 32-bi...

Mandriva Linux Security Advisory : glibc (MDVSA-2014:152)

Updated glibc packages fix security issues : Stephane Chazelas discovered that directory traversal issue in locale handling in glibc. glibc accepts relative paths with .. components in the LC and LANG variables. Together with typical OpenSSH configurations with suitable AcceptEnv settings in...

Xcode OpenBase <= 10.0.0 (symlink) Local Root Exploit (OSX)

No description provided by source. !/usr/bin/perl http://www.digitalmunition.com written by kf kflistsatdigitalmunitiondotcom = ftp://www.openbase.com/pub/OpenBase10.0 vulnerable ? Create a new file anywhere on the filesystem with rw-rw-rw privs. Sorry you can NOT overwrite existing files. Writin...

GarageSales Remote Upload Vulnerability

No description provided by source. Exploit Title: GarageSales Remote Upload Vulnerability Date: 06/04/2010 Author: saidinh0 Software Link: N/A Version: 2004/2008 Tested on: Linux/unix CVE : if exists Code : N/A Email : [email protected] | Intorduction :| Hi everybody , This my first bug Remote Uplo...

Vulnerabilities within Mura CMS / Sitecore MCS / SmarterMail

These vulnerabilities allow for a complete take over giving full administrative access as well as remote shells on the servers that they are installed on. Each of these suffer from Insecure Direct Object Reference Vulnerabilities. Due to the details of the attack and screen shots, they can be fou...

Microsoft Windows Kernel 'NDProxy.sys' Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of the affected...

[HTSHELLS] Self contained web shells and other attacks via .htaccess files

Attacks are named in the following fashion, module.attack.htaccess and grouped by attack type in directories. Pick the one you need and copy it to a new file named .htaccess, check the file to see if it needs editing before you upload it. Web shells executes commands from the query parameter c,...

Microsoft Windows Ancillary Function Driver CVE-2013-3887 Local Information Disclosure Vulnerability

Description Microsoft Windows is prone to a local information-disclosure vulnerability. An attacker can leverage this issue to disclose kernel memory and obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Windows 7 for x64-based Systems SP1 Microsoft...