4495 matches found
Writing a libemu/Unicorn Compatibility Layer
In this post we are going to take a quick look at what it takes to write a libemu compatibility layer for the Unicorn engine. In the course of this work, we will also import the libemu Win32 environment to run under Unicorn. For a bit of background, libemu is a lightweight x86 emulator written in...
macOS / iOS Kernel 10.12.3 (16D32) - Bad Locking in necp_open Use-After-Free Exploit
Exploit for multiple platform in category dos / poc / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1116 necp_open is a syscall used to obtain a new necp file descriptor The necp file's fp's fg_data points to a struct necp_fd_data allocated on the heap. Here's the relevant code fr...
PT-2017-16645 · Apache · Apache Tomcat
Name of the Vulnerable Software and Affected Versions: Apache Tomcat versions 8.5.0 through 8.5.12 Apache Tomcat versions 9.0.0.M1 through 9.0.0.M18 Description: The handling of an HTTP/2 GOAWAY frame for a connection did not close streams associated with that connection that were currently waiti...
RHEL 6 : Red Hat Gluster Storage 3.2.0 (RHSA-2017:0484)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2017:0484 advisory. Red Hat Gluster Storage is a software only scale-out storage solution that provides flexible and affordable unstructured data storage. It unifies dat...
Linux Kernel 3.11 4.8 0 - SO_SNDBUFFORCE SO_RCVBUFFORCE Local Privilege Escalation
Linux Kernel 3.11 4.8 0 - SO_SNDBUFFORCE SO_RCVBUFFORCE Local Privilege Escalation // CAP_NET_ADMIN - root LPE exploit for CVE-2016-9793 // No KASLR, SMEP or SMAP bypass included // Affected kernels: 3.11 - 4.8 // Tested in QEMU only // https://github.com/xairy/kernel-exploits/tree/master/CVE-2016-97...
Leakage Of File And Folder Information
hive-exec is vulnerable to the leakage of file and folder information. The file and folder information is being logged when a query is canceled and the thread is interrupted...
CVE-2017-5986
It was reported that with Linux kernel, earlier than version v4.10-rc8, an application may trigger a BUG_ON in sctp_wait_for_sndbuf if the socket tx buffer is full, a thread is waiting on it to queue more data, and meanwhile another thread peels off the association being used by the first thread...
VMware Workstation Invalid DACL Privilege Escalation Vulnerability - Windows
VMware Workstation is prone to a privilege escalation vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
VMware Player Invalid DACL Privilege Escalation Vulnerability - Windows
VMware Player is prone to a privilege escalation vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:vmware:player";...
VMware Workstation Code Execution And Privilege Escalation Vulnerabilities (VMSA-2012-0015) - Windows
VMware Workstation is prone to code execution and privilege escalation vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
SUSE-SU-2017:0398-1 Security update for guile
This update for guile fixes the following issues: - CVE-2016-8605: Fixed thread-unsafe umask modification bsc#1004221...
SUSE-SU-2017:0394-1 Security update for guile
This update for guile fixes the following issues: - CVE-2016-8605: Fixed thread-unsafe umask modification bsc#1004221...
Linux Kernel 4.4.0 AF_PACKET Race Condition / Privilege Escalation Exploit
Linux AF_PACKET race condition exploit for Ubuntu 16.04 x86_64. /* chocobo_root.c linux AF_PACKET race condition exploit exploit for Ubuntu 16.04 x86_64 vroom vroom ============================== email protected:$ uname -a Linux ubuntu 4.4.0-51-generic 72-Ubuntu SMP Thu Nov 24 18:29:54 UTC 2016 x86_64...
Mozilla Firefox ESR < 45.5 Multiple Vulnerabilities
Binary data 9805.prm...
Linux Kernel 2.6.22 < 3.9 - 'Dirty COW /proc/self/mem' Race Condition Privilege Escalation (/etc/passwd Method)
// EDB-Note: Compile: g++ -Wall -pedantic -O2 -std=c++11 -pthread -o dcow 40847.cpp -lutil // EDB-Note: Recommended way to run: ./dcow -s Will automatically do "echo 0 > /proc/sys/vm/dirty_writeback_centisecs" // // ----------------------------------------------------------------- // Copyright (C) 2016...
The vulnerability of libraries that provide system calls and basic functions of glibc and eglibc allows attackers to control the execution of the thread.
The vulnerability of the PTR_MANGLE implementation in libraries that provide system calls and core functions of glibc and eglibc is related to the improper initialization of a random value for pointer protection. Exploiting this vulnerability allows an attacker to control the execution of the thre...
Use after free via shared cookies
libcurl explicitly allows users to share cookies between multiple easy handles that are concurrently employed by different threads. When cookies to be sent to a server are collected, the matching function collects all cookies to send and the cookie lock is released immediately afterwards. That...
UBUNTU-CVE-2016-8623
A flaw was found in curl before version 7.51.0. The way curl handles cookies permits other threads to trigger a use-after-free leading to information disclosure...
openSUSE Security Update : guile (openSUSE-2016-1235)
This update for guile fixes the following issues : - CVE-2016-8606: REPL server vulnerable to HTTP inter-protocol attacks bsc#1004226. - CVE-2016-8605: Thread-unsafe umask modification bsc#1004221. %NASL_MIN_LEVEL 70300 (C) Tenable Network Security, Inc. The descriptive text and package checks in this...