Kingsoft Antivirus/Internet Security 9+ - Local Privilege Escalation

""" Kingsoft Antivirus/Internet Security 9+ Kernel Stack Buffer Overflow Privilege Escalation Vulnerability Anti-Virus: http://www.kingsoft.co/downloads/kav/KAV100720ENUDOWN33102010.rar Internet Security: http://www.kingsoft.co/downloads/kis/kis.rar Summary: ======== This vulnerability allows loc...

CVE-2017-1000437

Creolabs Gravity 1.0 contains a stack based buffer overflow in the operatorstringadd function, resulting in remote code execution...

CVE-2017-1000437

Creolabs Gravity 1.0 contains a stack based buffer overflow in the operatorstringadd function, resulting in remote code execution...

ALLMediaServer 0.95 - Remote Buffer Overflow (Metasploit)

ALLMediaServer 0.95 - Remote Buffer Overflow Metasploit require 'msf/core' class Metasploit4 'ALLMediaServer 0.95 Buffer Overflow', 'Description' = %q This module exploits a stack buffer overflow in ALLMediaServer 0.95. The vulnerability is caused due to a boundary error within the handling of HT...

ALLMediaServer 0.95 - Remote Buffer Overflow (Metasploit)

require 'msf/core' class Metasploit4 'ALLMediaServer 0.95 Buffer Overflow', 'Description' = %q This module exploits a stack buffer overflow in ALLMediaServer 0.95. The vulnerability is caused due to a boundary error within the handling of HTTP request. , 'License' = MSFLICENSE, 'Author' = 'Anurag...

ALLMediaServer 0.95 - Buffer Overflow (Metasploit) Exploit

Exploit for windows platform in category remote exploits require 'msf/core' class Metasploit4 'ALLMediaServer 0.95 Buffer Overflow', 'Description' = %q This module exploits a stack buffer overflow in ALLMediaServer 0.95. The vulnerability is caused due to a boundary error within the handling of...

Kingsoft Antivirus/Internet Security 9+ Privilege Escalation

Vulnerability Summary The following advisory describes a kernel stack buffer overflow that leads to privilege escalation found in Kingsoft Antivirus/Internet Security 9+. Kingsoft Antivirus “provides effective and efficient protection solution at no cost to users. It applies cloud security...

Asus_DeleteOfflineClientOverflow

Vulnerability: Stack buffer overflow in httpd ------------------------------------------ Exploitation: Can control the $pc. Use together with a session hijack vulnerability or in a csrf attack, can remote code execution and then get a connectback shell. ------------------------------------------...

CVE-2017-17806

The HMAC implementation crypto/hmac.c in the Linux kernel, before 4.14.8, does not validate that the underlying cryptographic hash algorithm is unkeyed. This allows a local attacker, able to use the AFALG-based hash interface CONFIGCRYPTOUSERAPIHASH and the SHA-3 hash algorithm CONFIGCRYPTOSHA3, ...

Stack overflow

The HMAC implementation crypto/hmac.c in the Linux kernel before 4.14.8 does not validate that the underlying cryptographic hash algorithm is unkeyed, allowing a local attacker able to use the AFALG-based hash interface CONFIGCRYPTOUSERAPIHASH and the SHA-3 hash algorithm CONFIGCRYPTOSHA3 to caus...

CVE-2017-17806

The HMAC implementation crypto/hmac.c in the Linux kernel before 4.14.8 does not validate that the underlying cryptographic hash algorithm is unkeyed, allowing a local attacker able to use the AFALG-based hash interface CONFIGCRYPTOUSERAPIHASH and the SHA-3 hash algorithm CONFIGCRYPTOSHA3 to caus...

CDex 1.96 - Buffer Overflow (PoC)

CDex 1.96 - Buffer Overflow PoC !/usr/bin/python Exploit Author: bzyo Twitter: @bzyo Exploit Title: CDex 1.96 - Local Stack Buffer Overflow Date: 17-12-2017 Vulnerable Software: CDex 1.96 Unicode Build Vendor Homepage: http://cdex.mu/ Version: v1.96 Software Link: http://cdex.mu/?q=download Teste...

CDex 1.96 - Buffer Overflow (PoC)

!/usr/bin/python Exploit Author: bzyo Twitter: @bzyo Exploit Title: CDex 1.96 - Local Stack Buffer Overflow Date: 17-12-2017 Vulnerable Software: CDex 1.96 Unicode Build Vendor Homepage: http://cdex.mu/ Version: v1.96 Software Link: http://cdex.mu/?q=download Tested On: Windows 7 x32 PoC: generat...

IBM Db2 Stack Buffer Overflow Vulnerability (Dec 2017)

IBM Db2 is prone to stack buffer overflow vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:ibm:db2"; ifdescription...

openthread/radio-receive-done-fuzzer: Stack-buffer-overflow in ot::Mle::RouteTlv::GetRouteCost

Project: https://github.com/openthread/openthread.git Detailed report: https://oss-fuzz.com/testcase?key=5295064105353216 Project: openthread Fuzzer: aflopenthreadradio-receive-done-fuzzer Fuzz target binary: radio-receive-done-fuzzer Job Type: aflasanopenthread Platform Id: linux Crash Type:...

Dup Scout Enterprise 10.0.18 Buffer Overflow Exploit

This Metasploit module exploits a stack buffer overflow in Dup Scout Enterprise version 10.0.18. The buffer overflow exists via the web interface during login. This gives NT AUTHORITY\SYSTEM access. This module requires Metasploit: https://metasploit.com/download Current source:...

Advantech WebAccess 8.2-2017.03.31 - Webvrpcs Service Opcode 80061 Stack Buffer Overflow (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Advantech WebAccess Webvrpcs Service Opcode 80061 Stack Buffer Overflow', 'Description' = %q This module exploits a stack buffer overflow in...

Dup Scout Enterprise 10.0.18 Buffer Overflow

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Dup Scout Enterprise Login Buffer Overflow', 'Description' = %q This module exploits a stack buffer overflow in Dup Scout Enterprise 10.0.18. The...

Advantech WebAccess 8.2 Stack Buffer Overflow

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Advantech WebAccess Webvrpcs Service Opcode 80061 Stack Buffer Overflow', 'Description' = %q This module exploits a stack buffer overflow in...

llvm/clang-fuzzer: Stack-buffer-overflow in clang::expandUCNs

Project: https://github.com/llvm/llvm-project.git Detailed report: https://oss-fuzz.com/testcase?key=5041559499177984 Project: llvm Fuzzer: libFuzzerllvmclang-fuzzer Fuzz target binary: clang-fuzzer Job Type: libfuzzerasanllvm Platform Id: linux Crash Type: Stack-buffer-overflow READ 1 Crash...