PT-2018-2968 · Linux +5 · Linux Kernel +5

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.20 Description: The issue is related to errors in synchronization when using a shared resource, specifically a race condition in the smp task timedout and smp task done functions in the drivers/scsi/libsas/sas...

Joomla! Component Music Collection 3.0.3 - SQL Injection

Exploit Title: Joomla! Component Music Collection 3.0.3 - SQL Injection Dork: N/A Date: 2018-09-24 Vendor Homepage: http://joomlathat.com/ Software Link: https://extensions.joomla.org/extensions/extension/multimedia/multimedia-players/music-collection/ Version: 3.0.3 Category: Webapps Tested on:...

Microsoft Windows ALPC Task Scheduler Local Privilege Elevation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core/post/file' require 'msf/core/post/windows/priv' require 'msf/core/post/windows/registry' TODO: Do we need this? require 'msf/core/exploit/exe' class...

Microsoft Windows ALPC Task Scheduler Local Privilege Elevation Exploit

On vulnerable versions of Windows the alpc endpoint method SchRpcSetSecurity implemented by the task scheduler service can be used to write arbitrary DACLs to .job files located in c:\windows\tasks because the scheduler does not use impersonation when checking this location. Since users can creat...

CVE-2018-1711

IBM DB2 for Linux, UNIX and Windows includes DB2 Connect Server 9.7, 10.1, 10.5, and 11.1 could allow a local user to to gain privileges due to allowing modification of columns of existing tasks. IBM X-Force ID: 146369...

Microsoft Windows ALPC Task Scheduler Local Privilege Elevation

On vulnerable versions of Windows the alpc endpoint method SchRpcSetSecurity implemented by the task scheduler service can be used to write arbitrary DACLs to .job files located in c:\windows\tasks because the scheduler does not use impersonation when checking this location. Since users can creat...

Microsoft Patches Actively Exploited Bug as Part of Patch Tuesday

UPDATE Microsoft has patched an elevation-of-privilege vulnerability it said is actively being exploited by hackers. The fix was part of Microsoft’s scheduled September Patch Tuesday release, which also included fixes for two other bugs found being used in the wild, including the zero-day found i...

Bad Actors Sizing Up Systems Via Lightweight Recon Malware

Well-known financial crime gang Cobalt Group and other threat actors have recently shifted tactics to incorporate lightweight modular downloaders that “vet” target machines for their attractiveness before proceeding with a full-fledged attack. The emergence of the AdvisorsBot and Marap malwares, ...

CEM - Support for COSU Android Enterprise devices - COSU

Objective Support for COSU Android Enterprise devices Endpoint Management supports the management of corporate owned single use COSU Android Enterprise devices. COSU devices fulfill a single use case, such as digital signage, ticket printing, or inventory management. Administrators restrict these...

The vulnerability of the SchRpcSetSecurity function in the Advanced Local Procedure Call interface of the Windows operating system’s task scheduler allows a malicious actor to execute malicious code with SYSTEM privileges.

The vulnerability of the SchRpcSetSecurity function in the Advanced Local Procedure Call ALPC interface of the Windows operating system’s task scheduler is related to deficiencies in access control. Exploiting this vulnerability allows an attacker to execute malicious code with SYSTEM privileges...

Moderate: Red Hat Security Advisory: ansible security update

An update for ansible is now available for Red Hat OpenStack Platform 13.0 Queens. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Hacker Discloses Unpatched Windows Zero-Day Vulnerability (With PoC)

A security researcher has publicly disclosed the details of a previously unknown zero-day vulnerability in the Microsoft's Windows operating system that could help a local user or malicious program obtain system privileges on the targeted machine. And guess what? The zero-day flaw has been...

Microsoft Windows - Advanced Local Procedure Call (ALPC) Local Privilege Escalation

Note: PoC will now hijack the print spooler service - spoolsv.exe - as it required less code then hijacking printfilterpipelinesvc.exe, which was shown in the original video demo Description of the vulnerability The task scheduler service has an alpc endpoint, supporting the method...

Microsoft Windows - Advanced Local Procedure Call (ALPC) Local Privilege Escalation

Microsoft Windows - Advanced Local Procedure Call ALPC Local Privilege Escalation Note: PoC will now hijack the print spooler service - spoolsv.exe - as it required less code then hijacking printfilterpipelinesvc.exe, which was shown in the original video demo Description of the vulnerability The...

Microsoft Windows - Advanced Local Procedure Call (ALPC) Local Privilege Escalation Exploit

Exploit for windows platform in category local exploits Note: PoC will now hijack the print spooler service - spoolsv.exe - as it required less code then hijacking printfilterpipelinesvc.exe, which was shown in the original video demo Description of the vulnerability The task scheduler service ha...

January 17, 2018—KB4057401 (Preview of Monthly Rollup)

January 17, 2018—KB4057401 Preview of Monthly Rollup Improvements and fixes This non-security update includes improvements and fixes that were a part of KB4056895 released January 8, 2018 and also includes these new quality improvements as a preview of the next Monthly Rollup update: Addresses...

DependencyCheck v3.3.1 - A Software Composition Analysis Utility That Detects Publicly Disclosed Vulnerabilities In Application Dependencies

Dependency-Check is a Software Composition Analysis SCA tool that attempts to detect publicly disclosed vulnerabilities contained within a project's dependencies. It does this by determining if there is a Common Platform Enumeration CPE identifier for a given dependency. If found, it will generat...

HPE XP P9000 Command View Advanced Edition Software Cross-Site Scripting Vulnerability

HPE XP P9000 Command View Advanced Edition Software CVAE is a suite of device management software from Hewlett Packard Enterprise HPE that enables storage management for HPE XP P9000 disk array products.DevMgr , TSMgr, and RepMgr are among the management modules. A cross-site scripting...

HPE XP P9000 Command View Advanced Edition Software Open URL Redirection Vulnerability

HPE XP P9000 Command View Advanced Edition Software is a full-featured device manager for HPE XP P9500 and XP disk array products. An open URL redirection vulnerability exists in DevMgr, TSMgr, and RepMgr in HPE XP P9000 Command View Advanced Edition Software CVAE 7.0.0-00 - 8.60-00 excluding...

CVE-2018-7090

HPE XP P9000 Command View Advanced Edition Software CVAE has local and remote cross site scripting vulnerability in versions 7.0.0-00 to earlier than 8.60-00 of DevMgr, TSMgr and RepMgr...