4521 matches found
Mozilla Firefox ESR < 45.5 Multiple Vulnerabilities
Linux Kernel 2.6.22 < 3.9 - 'Dirty COW /proc/self/mem' Race Condition Privilege Escalation (/etc/passwd Method)
// EDB-Note: Compile: g++ -Wall -pedantic -O2 -std=c++11 -pthread -o dcow 40847.cpp -lutil // EDB-Note: Recommended way to run: ./dcow -s (Will automatically do "echo 0 > /proc/sys/vm/dirty_writeback_centisecs") // // ----------------------------------------------------------------- // Copyright (C) 2016...
A vulnerability in glibc and eglibc, libraries that provide system calls and basic functions, allows attackers to control the execution of the thread.
The vulnerability in the PTR_MANGLE implementation in glibc and eglibc, libraries that provide system calls and core functions, is related to the improper initialization of a random value for pointer protection. Exploiting this vulnerability allows an attacker to control the execution of the thre...
Use after free via shared cookies
libcurl explicitly allows users to share cookies between multiple easy handles that are concurrently employed by different threads. When cookies to be sent to a server are collected, the matching function collects all cookies to send and the cookie lock is released immediately afterwards. That...
UBUNTU-CVE-2016-8623
A flaw was found in curl before version 7.51.0. The way curl handles cookies permits other threads to trigger a use-after-free leading to information disclosure...
openSUSE Security Update : guile (openSUSE-2016-1235)
This update for guile fixes the following issues: - CVE-2016-8606: REPL server vulnerable to HTTP inter-protocol attacks (bsc#1004226). - CVE-2016-8605: Thread-unsafe umask modification (bsc#1004221).
DirtyCow Local Root Proof Of Concept Exploit
Exploit for linux platform in category local exploits / uncomment correct payload first x86 or x64! $ gcc cowroot.c -o cowroot -pthread $ ./cowroot DirtyCow root privilege escalation Backing up /usr/bin/passwd.. to /tmp/bak Size of binary: 57048 Racing, this may take a while.. /usr/bin/passwd...
Linux Kernel 2.6.22 < 3.9 (x86/x64) - 'Dirty COW /proc/self/mem' Race Condition Privilege Escalation (SUID Method)
Linux Kernel 2.6.22 < 3.9 (x86/x64) - 'Dirty COW /proc/self/mem' Race Condition Privilege Escalation (SUID Method) / EDB-Note: After getting a shell, doing "echo 0 > /proc/sys/vm/dirty_writeback_centisecs" may make the system more stable. uncomment correct payload first x86 or x64! $ gcc cowroot.c -o cowroot...
Tunnel TCP connections over HTTP: Tunna
Tunna is a set of tools which will wrap and tunnel any TCP communication over HTTP. It can be used to bypass network restrictions in fully firewalled environments. In a fully firewalled (inbound and outbound connections restricted – except the webserver port) The...
Oracle MySQL 5.7.x < 5.7.13 Multiple Vulnerabilities
Multiple Denial of Service Vulnerabilities in GNU Libosip
GNU Libosip is a standard library written in C for multi-threaded safety. GNU Libosip suffers from multiple denial of service vulnerabilities. An attacker could exploit this vulnerability to cause a denial of service...
Android debuggerd.cpp elevation of privilege vulnerability
Android is a mobile operating system based on the Linux open kernel, and Debuggerd is one of the system startup process components. An elevation of privilege vulnerability exists in the debuggerd/debuggerd.cpp file in Android Debuggerd, which stems from the program's failure to properly handle th...
CVE-2016-3885
debuggerd/debuggerd.cpp in Debuggerd in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-09-01, and 7.0 before 2016-09-01 mishandles the interaction between PTRACE_ATTACH operations and thread exits, which allows attackers to gain privileges via a crafted application, aka internal b...
UBUNTU-CVE-2016-3885
debuggerd/debuggerd.cpp in Debuggerd in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-09-01, and 7.0 before 2016-09-01 mishandles the interaction between PTRACE_ATTACH operations and thread exits, which allows attackers to gain privileges via a crafted application, aka internal b...
glibc - getaddrinfo Remote Stack Buffer Overflow
glibc - getaddrinfo Remote Stack Buffer Overflow / add by SpeeDr00t@Blackfalcon jang kyoung chip This is a published vulnerability by google in the past. Please refer to the link below. Reference: - https://googleonlinesecurity.blogspot.kr/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html -...
Adobe Flash - Use-After-Free When Returning Rectangle
Exploit for multiple platform in category dos / poc Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=842 Several methods in flash return instances of the Rectangle class. There is a use-after-free in creating these objects for return. If the this object of the call is a MovieClip...
Teamspeak 3 Use-After-Free / Information Disclosure / DoS
Teamspeak 3 RCE advisory by: ff214370685e536b9ee021c7ff6b7680bfbe6008bc29f87511b6b90256043536 August 10, 2016 While auditing the Teamspeak 3 server I've discovered several 0-day vulnerabilities which I'll describe in detail in this advisory. They exist in the newest version of the server, version...
CoolPlayer+ Portable 2.19.6 Stack Overflow
Exploit Title: CoolPlayer+ Portable build 2.19.6 - .m3u Stack Overflow Egghunter+ASLR bypass Exploit Author: Karn Ganeshen Download link: https://sourceforge.net/projects/portableapps/files/CoolPlayer%2B%20Portable/CoolPlayerPlusPortable2.19.6.paf.exe/download?usemirror=liquidtelecom Version:...
[SECURITY] Fedora 23 Update: kf5-threadweaver-5.24.0-1.fc23
KDE Frameworks 5 Tier 1 addon for advanced thread management...
[SECURITY] Fedora 24 Update: kf5-threadweaver-5.24.0-1.fc24
KDE Frameworks 5 Tier 1 addon for advanced thread management...