5959 matches found
CVE-2018-17972
An issue was discovered in the proc_pid_stack function in fs/proc/base.c in the Linux kernel through 4.18.11. It does not ensure that only root may inspect the kernel stack of an arbitrary task, allowing a local attacker to exploit racy stack unwinding and leak kernel task stack contents...
DEBIAN-CVE-2018-17972
An issue was discovered in the proc_pid_stack function in fs/proc/base.c in the Linux kernel through 4.18.11. It does not ensure that only root may inspect the kernel stack of an arbitrary task, allowing a local attacker to exploit racy stack unwinding and leak kernel task stack contents...
CVE-2018-17972
An issue was discovered in the proc_pid_stack function in fs/proc/base.c in the Linux kernel through 4.18.11. It does not ensure that only root may inspect the kernel stack of an arbitrary task, allowing a local attacker to exploit racy stack unwinding and leak kernel task stack contents...
IBM DB2 Elevation of Privilege Vulnerability (CNVD-2018-20056)
IBM DB2 is a relational database management system from IBM in the United States. The main execution environments for this system are UNIX, Linux, IBM i, z/OS, and Windows server versions. A privilege escalation vulnerability exists in the Administrative Task Scheduler (ATS) in IBM DB2...
November 8, 2016 — KB3200970 (OS Build 14393.447)
November 8, 2016 — KB3200970 OS Build 14393.447 This update includes quality improvements and security updates. No new operating system features are being introduced in this update. Key changes include: Improved the reliability of multimedia audio, Remote Desktop, and Internet Explorer 11...
PT-2018-2968 · Linux +5 · Linux Kernel +5
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.20 Description: The issue is related to errors in synchronization when using a shared resource, specifically a race condition in the smp_task_timedout and smp_task_done functions in the drivers/scsi/libsas/sas...
Joomla! Component Music Collection 3.0.3 - SQL Injection
Exploit Title: Joomla! Component Music Collection 3.0.3 - SQL Injection Dork: N/A Date: 2018-09-24 Vendor Homepage: http://joomlathat.com/ Software Link: https://extensions.joomla.org/extensions/extension/multimedia/multimedia-players/music-collection/ Version: 3.0.3 Category: Webapps Tested on:...
Microsoft Windows ALPC Task Scheduler Local Privilege Elevation
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core/post/file' require 'msf/core/post/windows/priv' require 'msf/core/post/windows/registry' TODO: Do we need this? require 'msf/core/exploit/exe' class...
Microsoft Windows ALPC Task Scheduler Local Privilege Elevation Exploit
On vulnerable versions of Windows the alpc endpoint method SchRpcSetSecurity implemented by the task scheduler service can be used to write arbitrary DACLs to .job files located in c:\windows\tasks because the scheduler does not use impersonation when checking this location. Since users can creat...
CVE-2018-1711
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 could allow a local user to gain privileges due to allowing modification of columns of existing tasks. IBM X-Force ID: 146369...
Microsoft Windows ALPC Task Scheduler Local Privilege Elevation
On vulnerable versions of Windows the alpc endpoint method SchRpcSetSecurity implemented by the task scheduler service can be used to write arbitrary DACLs to .job files located in c:\windows\tasks because the scheduler does not use impersonation when checking this location. Since users can creat...
Microsoft Patches Actively Exploited Bug as Part of Patch Tuesday
UPDATE Microsoft has patched an elevation-of-privilege vulnerability it said is actively being exploited by hackers. The fix was part of Microsoft’s scheduled September Patch Tuesday release, which also included fixes for two other bugs found being used in the wild, including the zero-day found i...
Bad Actors Sizing Up Systems Via Lightweight Recon Malware
Well-known financial crime gang Cobalt Group and other threat actors have recently shifted tactics to incorporate lightweight modular downloaders that “vet” target machines for their attractiveness before proceeding with a full-fledged attack. The emergence of the AdvisorsBot and Marap malwares, ...
Update Rollup 5 for System Center 2016 Orchestrator
Update Rollup 5 for System Center 2016 Orchestrator Introduction This article describes the issues that are fixed in Update Rollup 5 for Microsoft System Center 2016 Orchestrator. This article also contains the installation instructions for this update. Issues that are fixed When you view the...
CEM - Support for COSU Android Enterprise devices - COSU
Objective: Support for COSU Android Enterprise devices. Endpoint Management supports the management of corporate owned single use (COSU) Android Enterprise devices. COSU devices fulfill a single use case, such as digital signage, ticket printing, or inventory management. Administrators restrict these...
The vulnerability of the SchRpcSetSecurity function in the Advanced Local Procedure Call interface of the Windows operating system’s task scheduler allows a malicious actor to execute malicious code with SYSTEM privileges.
The vulnerability of the SchRpcSetSecurity function in the Advanced Local Procedure Call (ALPC) interface of the Windows operating system’s task scheduler is related to deficiencies in access control. Exploiting this vulnerability allows an attacker to execute malicious code with SYSTEM privileges...
Moderate: Red Hat Security Advisory: ansible security update
An update for ansible is now available for Red Hat OpenStack Platform 13.0 (Queens). Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...
Hacker Discloses Unpatched Windows Zero-Day Vulnerability (With PoC)
A security researcher has publicly disclosed the details of a previously unknown zero-day vulnerability in Microsoft's Windows operating system that could help a local user or malicious program obtain system privileges on the targeted machine. And guess what? The zero-day flaw has been...
Microsoft Windows - Advanced Local Procedure Call (ALPC) Local Privilege Escalation
Microsoft Windows - Advanced Local Procedure Call (ALPC) Local Privilege Escalation Note: PoC will now hijack the print spooler service - spoolsv.exe - as it required less code than hijacking printfilterpipelinesvc.exe, which was shown in the original video demo Description of the vulnerability The...
Microsoft Windows - Advanced Local Procedure Call (ALPC) Local Privilege Escalation Exploit
Exploit for windows platform in category local exploits Note: PoC will now hijack the print spooler service - spoolsv.exe - as it required less code than hijacking printfilterpipelinesvc.exe, which was shown in the original video demo Description of the vulnerability The task scheduler service ha...