Microsoft Windows (x86) - Task Scheduler' .job' Import Arbitrary Discretionary Access Control List Write / Local Privilege Escalation

Task Scheduler .job import arbitrary DACL write Tested on: Windows 10 32-bit Bug information: There are two folders for tasks. c:\windows\tasks c:\windows\system32\tasks The first one is only there for legacy purposes. The second one gets used by the task scheduler. In the old days i.e windows xp...

Microsoft Windows Task Scheduler SetJobFileSecurityByName privilege escalation vulnerability

Overview Microsoft Windows contains a privilege escalation vulnerability in the way that theTask Scheduler SetJobFileSecurityByName function is used, which can allow an authenticated attacker to gain SYSTEM privileges on an affected system. Description Task Scheduler is a set of Microsoft Windows...

Information Disclosure

Linux kernel is vulnerable to information disclosure vulnerability. The vulnerability exists in the procpidstack function in fs/proc/base.c in the Linux kernel. Local attackers could obtain kernel task stack contents that may lead to further attacks...

Authorization Bypass

PolicyKit is vulnerable to authorization bypass attacks. This occurs when authentication is performed by a non-root user to perform an administrative task which may lead to an authentication crash temporarily. A local attacker could use this flaw to gain access to elevated privileges...

Kernel: FPU state information leakage via lazy FPU restore

A Floating Point Unit FPU state information leakage flaw was found in the way the Linux kernel saved and restored the FPU state during task switch. Linux kernels that follow the "Lazy FPU Restore" scheme are vulnerable to the FPU state information leakage issue. An unprivileged local attacker cou...

Fedora Update for php-horde-nag FEDORA-2018-8ab75bcc08

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

UBUNTU-CVE-2018-20836

An issue was discovered in the Linux kernel before 4.20. There is a race condition in smptasktimedout and smptaskdone in drivers/scsi/libsas/sasexpander.c, leading to a use-after-free...

CVE-2018-4073

An exploitable Permission Assignment vulnerability exists in the ACEManager EmbeddedAceSetTask.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. The the binary the endpoint /cgi-bin/EmbededAceTLSetTask.cgi is a very similar endpoint that is designed for use with setting table values th...

CVE-2018-4072

An exploitable Permission Assignment vulnerability exists in the ACEManager EmbeddedAceSetTask.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. The EmbeddedAceSetTask.cgi executable is used to change MSCII configuration values within the configuration manager of the AirLink ES450. Thi...

CVE-2018-4070

An exploitable Information Disclosure vulnerability exists in the ACEManager EmbeddedAceGetTask.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. This binary does not have any restricted configuration settings, so once the MSCIID is discovered, any authenticated user can send...

The vulnerability of the “Security Management Center” component of the Dr.Web Enterprise Security Suite allows a hacker to execute HTML code.

The vulnerability of the “Security Management Center” component of the Dr.Web Enterprise Security Suite exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to inject arbitrary HTML code into the user’s browser by placin...

Qakbot levels up with new obfuscation techniques

Ashlee Benge of Cisco Talos and Nick Randolph of the Threat Grid Research and Efficacy team authored this blog post. Executive summary Qakbot, also known as Qbot, is a well-documented banking trojan that has been around since 2008. Recent Qakbot campaigns, however, are utilizing an updated...

Vulnerability Management vendors and Vulnerability Remediation problems

It's not a secret, that Vulnerability Management vendors don't pay much attention to the actual process of fixing vulnerabilities, that they detect in the infrastructure Vulnerability Remediation. Although it seems to be the main goal of VM products: to make vulnerabilities fixed and whole IT...

Sierra Wireless AirLink ES450 Information Disclosure Vulnerability (CNVD-2019-13407)

The Sierra Wireless AirLink ES450 is a cellular network modem device from Sierra Wireless Canada. An information disclosure vulnerability exists in the ACEManager EmbeddedAceGetTask.cgi function in the Sierra Wireless AirLink ES450 using firmware version 4.9.3. The vulnerability stems from an err...

Sierra Wireless AirLink ES450 Information Disclosure Vulnerability (CNVD-2019-13408)

The Sierra Wireless AirLink ES450 is a cellular network modem device from Sierra Wireless Canada. An information disclosure vulnerability exists in the ACEManager EmbeddedAceGetTask.cgi function in the Sierra Wireless AirLink ES450 using firmware version 4.9.3. The vulnerability stems from an err...

PT-2019-2821 · Linux +5 · Linux Kernel +5

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.0.10 Description: The issue is caused by errors in synchronization when using a shared resource in the Linux kernel's coredump implementation. This allows local users to obtain sensitive information, cause a...

The vulnerability of the Windows Task Scheduler allows a malicious individual to gain unauthorized access to protected information.

The vulnerability of the Windows Task Scheduler, a task scheduling tool for operating systems, is related to errors in handling user credentials. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information through a specially created application...

Microsoft Windows Multiple Vulnerabilities (KB4493446)

This host is missing a critical security update according to Microsoft KB4493446 Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This progra...

Microsoft Windows Multiple Vulnerabilities (KB4493475)

This host is missing a critical security update according to Microsoft KB4493475 Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This progra...

Microsoft Windows Multiple Vulnerabilities (KB4493474)

This host is missing a critical security update according to Microsoft KB4493474 Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This progra...