F5 Networks BIG-IP : Rowhammer hardware vulnerability (K60570139)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K60570139 advisory. - Modern DRAM chips DDR4 and LPDDR4 after 2015 are affected by a vulnerability in deployment of internal mitigations...

CVE-2022-39245 Mist vulnerable to user providing a Sudo binary for authentication checks

Mist is the command-line interface for the makedeb Package Repository. Prior to version 0.9.5, a user-provided sudo binary via the PATH variable can allow a local user to run arbitrary commands on the user's system with root permissions. Versions 0.9.5 and later contain a patch. No known...

CVE-2022-39245 Mist vulnerable to user providing a Sudo binary for authentication checks

Mist is the command-line interface for the makedeb Package Repository. Prior to version 0.9.5, a user-provided sudo binary via the PATH variable can allow a local user to run arbitrary commands on the user's system with root permissions. Versions 0.9.5 and later contain a patch. No known...

CVE-2020-10255

Modern DRAM chips DDR4 and LPDDR4 after 2015 are affected by a vulnerability in deployment of internal mitigations against RowHammer attacks known as Target Row Refresh TRR, aka the TRRespass issue. To exploit this vulnerability, the attacker needs to create certain access patterns to trigger bit...

CVE-2020-10255

The CVE-2020-10255/TRRRespass issue affects modern memory (DDR4/LPDDR4 after 2015) where Target Row Refresh mitigations can be bypassed by rowhammer patterns. Documents in connected sources confirm this can allow privilege escalation, kernel/Sudo compromise, and cross-tenant VM access via bit fli...

CVE-2020-10255

Modern DRAM chips DDR4 and LPDDR4 after 2015 are affected by a vulnerability in deployment of internal mitigations against RowHammer attacks known as Target Row Refresh TRR, aka the TRRespass issue. To exploit this vulnerability, the attacker needs to create certain access patterns to trigger bit...

Mac OS X libxpc MITM Privilege Escalation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Mac OS X libxpc MITM Privilege Escalation', 'Description' = %q This module exploits a vulnerablity in libxpc on macOS MSFLICENSE, 'Author' =...

Mac OS X libxpc MITM Privilege Escalation

This module exploits a vulnerablity in libxpc on macOS 'Mac OS X libxpc MITM Privilege Escalation', 'Description' = %q This module exploits a vulnerablity in libxpc on macOS = 10.13.3 The tasksetspecialport API allows callers to overwrite their bootstrap port, which is used to communicate with...

Mac OS X Sudo Password Bypass Vulnerability

This Metasploit module gains a session with root permissions on versions of OS X with sudo binary vulnerable to CVE-2013-1775. Tested working on Mac OS 10.7-10.8.4, and possibly lower versions. If your session belongs to a user with Administrative Privileges the user is in the sudoers file and is...

sudo.bin - NLSPATH Privilege Escalation

sudo.bin - NLSPATH Privilege Escalation include include include include include define PATHSUDO "/usr/bin/sudo.bin" define BUFFERSIZE 1024 define DEFAULTOFFSET 50 ulong getesp asm"movl %esp, %eax"; mainint argc, char argv uchar execshell =...