TrueCrypt <= 4.3 Local Privilege Escalation Exploit (CVE-2007-1738)

No description provided by source. $Id: raptortruecrypt,v 1.1.1.1 2007/04/04 11:31:56 raptor Exp $ raptortruecrypt - setuid truecrypt privilege escalation Copyright c 2007 Marco Ivaldi [email protected] TrueCrypt 4.3, when installed setuid root, allows local users to cause a denial of servic...

TrueCrypt <= 4.3 Local Privilege Escalation Exploit (CVE-2007-1738)

Exploit for unknown platform in category local exploits =================================================================== TrueCrypt TrueCrypt 4.3, when installed setuid root, allows local users to cause a denial of service filesystem unavailability or gain privileges by mounting a crafted...

TrueCrypt 4.3 - &#039;setuid&#039; Local Privilege Escalation

$Id: raptortruecrypt,v 1.1.1.1 2007/04/04 11:31:56 raptor Exp $ raptortruecrypt - setuid truecrypt privilege escalation Copyright c 2007 Marco Ivaldi TrueCrypt 4.3, when installed setuid root, allows local users to cause a denial of service filesystem unavailability or gain privileges by mounting...

Oracle 10g (Windows x86) - &#039;PROCESS_DUP_HANDLE&#039; Local Privilege Escalation

// Argeniss - Information Security // // Oracle Database local elevation of privileges PoC exploit // // Author: Cesar Cerrudo include include BOOL InjectShellcodeDWORD oldEIP,CHAR oSID HMODULE hKernel; FARPROC pCreateProc; LPSTR sCommand="cmd.exe"; DWORD dwStrLen; CHAR buff100;...

Oracle 10g (PROCESS_DUP_HANDLE) Local Privilege Elevation (win32)

No description provided by source. // Argeniss - Information Security // // Oracle Database local elevation of privileges PoC exploit // // Author: Cesar Cerrudo include windows.h include stdio.h BOOL InjectShellcodeDWORD oldEIP,CHAR oSID HMODULE hKernel; FARPROC pCreateProc; LPSTR...

Oracle 10g (PROCESS_DUP_HANDLE) Local Privilege Elevation (win32)

Exploit for unknown platform in category local exploits ================================================================= Oracle 10g PROCESSDUPHANDLE Local Privilege Elevation win32 ================================================================= // Argeniss - Information Security // // Oracle...

[SECURITY] Fedora Core 5 Update: nspr-4.6.5-0.5.0.fc5

NSPR provides platform independence for non-GUI operating system facilities. These facilities include threads, thread synchronization, normal file and network I/O, interval timing and calendar time, basic memory management malloc and free and shared library linking...

Authentication flaw

Unspecified vulnerability in the thread management in BEA WebLogic 7.0 through 7.0 SP6, 8.1 through 8.1 SP5, 9.0, and 9.1, when T3 authentication is used, allows remote attackers to cause a denial of service thread and system hang via unspecified "sequences of events."...

CVE-2007-0410

Unspecified vulnerability in the thread management in BEA WebLogic 7.0 through 7.0 SP6, 8.1 through 8.1 SP5, 9.0, and 9.1, when T3 authentication is used, allows remote attackers to cause a denial of service thread and system hang via unspecified "sequences of events."...

CVE-2007-0410

BeA WebLogic vulnerability: Unspecified flaw in thread management when T3 authentication is used affects WebLogic 7.0–7.0 SP6, 8.1–8.1 SP5, 9.0, and 9.1. Remote attackers can trigger a denial of service (thread and system hang) via unspecified sequences of events. No concrete exploit details, imp...

BEA产品多个远程安全漏洞

BEA Systems WebLogic包含多种应用系统集成方案，包括Server/Express/Integration等。 BEA Weblogic中存在多个安全漏洞，可能允许恶意攻击者获得敏感信息、绕过某些安全限制、导致拒绝服务或完全入侵系统。 这些漏洞包括： 1 SSL库中的漏洞可能允许判断明文块； 2 从缓存重用连接时服务器没有正确地验证客户端证书，导致攻击者可以通过X.509证书访问Web服务器。成功攻击要求应用程序允许通过单个客户端进程访问多个用户； 3 存储在JDBCDataSourceFactory MBean Properties属性中的口令没有加密； 4...

Fedora Core 5 : ruby-1.8.5-1.fc5 (2006-1110)

Fri Oct 27 2006 Akira TAGOH - 1.8.5-1 - security fix release. - ruby-1.8.5-cgi-CVE-2006-5467.patch: fix a CGI multipart parsing bug that causes the denial of service. 212396 - backport fixes from devel. - fixed rbconfig.rb to refer to DESTDIR for sitearchdir. 207311 - updates to 1.8.5 - removed...

CVE-2006-6237

SQL injection vulnerability in the decodecookie function in thread.php in Woltlab Burning Board Lite 1.0.2 allows remote attackers to execute arbitrary SQL commands via the threadvisit Cookie parameter...

CVE-2006-5967

Race condition in Panda ActiveScan 5.53.00, and other versions before 5.54.01, allows remote attackers to cause memory corruption and execute arbitrary code via unknown vectors related to multiple invocations of the Analizar method in the ActiveScan.1 ActiveX control, which is not thread safe...

CVE-2006-5713

Cross-site scripting XSS vulnerability in Easy File Sharing EFS Web Server 4.0 allows remote attackers to inject arbitrary web script or HTML via the 1 author, 2 content, or 3 title parameters when posting a forum thread. NOTE: the provenance of this information is unknown; the details are obtain...

CVE-2006-5713

Cross-site scripting XSS vulnerability in Easy File Sharing EFS Web Server 4.0 allows remote attackers to inject arbitrary web script or HTML via the 1 author, 2 content, or 3 title parameters when posting a forum thread. NOTE: the provenance of this information is unknown; the details are obtain...

Linux Kernel 2.2.x - 2.4.x ptrace/kmod Local Root Exploit

No description provided by source. / Linux kernel ptrace/kmod local root exploit This code exploits a race condition in kernel/kmod.c, which creates kernel thread in insecure manner. This bug allows to ptrace cloned process, allowing to take control over privileged modprobe binary. Should work...

CVE-2006-4392

The Mach kernel, as used in operating systems including 1 Mac OS X 10.4 through 10.4.7 and 2 OpenStep before 4.2, allows local users to gain privileges via a parent process that forces an exception in a setuid child and uses Mach exception ports to modify the child's thread context and task addre...

Malware and anti-malware technical analysis-vulnerability warning-the black bar safety net

Malware technology of all kinds, of any one function are likely to become a rogue technology, just like weapons, with the good may justice, with a crooked but become evil accomplice. First of all, I From win32 under some rogue bus analysis start: 1. I want to be a malware, the first thing to do i...

Important: Red Hat Bug Fix Advisory: bind bug fix update

Updated bind packages that fix several bugs are now available. BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name System protocols. The bind package provides a DNS server named, which resolves host names to IP addresses, and tools for control and verification of the DN...