Microsoft Windows Shell Security Feature CVE-2015-2465 Local Security Bypass Vulnerability

Description Microsoft Windows is prone to a local security-bypass vulnerability. Local attackers can exploit this issue to bypass certain security restrictions and execute arbitrary code by exploiting another vulnerability in the application. Successful exploits may lead to other attacks...

Emissary Panda APT Group Gets Selective About Data it Steals

LAS VEGAS – The Emissary Panda APT group has a long history of invading Western organizations—be they enterprises, government or political outfits—hungry for reams of intellectual property. Lately the group, however, has become a little more selective about what it steals. Researchers at Dell...

Microsoft Windows Kernel 'Win32k.sys' CVE-2015-2366 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code in kernel mode with elevated privileges. Technologies Affected Avaya CallPilot 4.0 Avaya CallPilot 4.0.1 Avaya CallPilot 5.0 Avaya CallPilot 5.0....

Microsoft Windows Kernel 'Win32k.sys' CVE-2015-2381 Local Information Disclosure Vulnerability

Description Microsoft Windows is prone to a local information-disclosure vulnerability. An attacker can leverage this issue to disclose kernel memory and obtain sensitive information that may aid in further attacks. Technologies Affected Avaya CallPilot 4.0 Avaya CallPilot 4.0.1 Avaya CallPilot 5...

Microsoft Windows Kernel Mode Driver CVE-2015-1720 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code with elevated privileges. Technologies Affected Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsof...

Microsoft Windows Kernel 'Win32k.sys' CVE-2015-1725 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to gain elevated privileges. Technologies Affected Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8 for 32-bit...

Microsoft Windows Kernel CVE-2015-1674 Local Security Bypass Vulnerability

Description Microsoft Windows is prone to a local security-bypass vulnerability. A local attacker can leverage this issue to bypass certain security restrictions and perform unauthorized actions. Technologies Affected Microsoft Windows 8 for 32-bit Systems Microsoft Windows 8 for 64-bit Systems...

Common Reverse Shells

If you’re lucky enough to find a remote command execution vulnerability, you’ll more often than not want to connect back to your attacking machine to leverage an interactive shell. Below are a collection of reverse shells that use commonly installed programming languages, or commonly installed...

Microsoft Windows Kernel CVE-2015-0075 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to gain elevated privileges on the affected system. Technologies Affected Avaya CallPilot 4.0 Avaya CallPilot 4.0.1 Avaya CallPilot 5.1.0 Avaya Meeting Exchange - Client...

Reverse Shells With Terminal Support: revsh

revsh is a tool for establishing reverse shells with terminal support, reverse VPNs for advanced pivoting Pivoting , as well as arbitrary data tunneling. A reverse shell is a network connection that grants shell access to a remote host. As opposed to other remote login tools such as telnet and ss...

Microsoft Windows Kernel 'Win32k.sys' CVE-2015-0003 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker with local access could potentially exploit this issue to gain elevated privileges. Technologies Affected Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1...

Microsoft Windows Kernel 'Win32k.sys' CVE-2015-0058 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code with elevated privileges and gain access to kernel memory. Technologies Affected Microsoft Windows 8 for 32-bit Systems Microsoft Windows 8 for...

BASHLITE Malware leverages ShellShock Bug to Hijack Devices Running BusyBox

Cyber criminals are using new malware variants by exploiting GNU Bash vulnerability referred to as ShellShock CVE-2014-6271 in order to infect embedded devices running BusyBox software, according to a researcher. A new variant of "Bashlite" malware targeting devices running BusyBox software was...

The Bash Vulnerability: How to Protect your Environment

A recently discovered hole in the security of the Bourne-Again Shell bash has the majority of Unix/Linux including OS X admins sweating bullets. You should be, too--attackers have already developed exploits to unleash on unpatched web servers, network services and daemons that use shell scripts...

[CVE- Requested][Vembu Storegrid - Multiple Critical Vulnerabilities]

Advisory Overview Multiple vulnerabilities exist in the Vembu Storegrid Backup and Disaster Recovery solution affecting both the client and server software see Additional Information section include but are not limited to reflected XSS, source code/sensitive information disclosure, privilege...

Microsoft Windows Kernel 'Win32k.sys' CVE-2014-4113 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code with elevated privileges and gain access to kernel memory. Technologies Affected Microsoft Exchange Server 2003 SP2 Microsoft Windows 7 for 32-bi...

Mandriva Linux Security Advisory : glibc (MDVSA-2014:152)

Updated glibc packages fix security issues : Stephane Chazelas discovered that directory traversal issue in locale handling in glibc. glibc accepts relative paths with .. components in the LC and LANG variables. Together with typical OpenSSH configurations with suitable AcceptEnv settings in...

GarageSales Remote Upload Vulnerability

No description provided by source. Exploit Title: GarageSales Remote Upload Vulnerability Date: 06/04/2010 Author: saidinh0 Software Link: N/A Version: 2004/2008 Tested on: Linux/unix CVE : if exists Code : N/A Email : [email protected] | Intorduction :| Hi everybody , This my first bug Remote Uplo...

Xcode OpenBase <= 10.0.0 (symlink) Local Root Exploit (OSX)

No description provided by source. !/usr/bin/perl http://www.digitalmunition.com written by kf kflistsatdigitalmunitiondotcom = ftp://www.openbase.com/pub/OpenBase10.0 vulnerable ? Create a new file anywhere on the filesystem with rw-rw-rw privs. Sorry you can NOT overwrite existing files. Writin...

Vulnerabilities within Mura CMS / Sitecore MCS / SmarterMail

These vulnerabilities allow for a complete take over giving full administrative access as well as remote shells on the servers that they are installed on. Each of these suffer from Insecure Direct Object Reference Vulnerabilities. Due to the details of the attack and screen shots, they can be fou...