This update fixes an issue in the dynamic_fork mem_execute implementation used by some privilege escalation exploits.
This module exploits a null pointer dereference in win32k.sys by abusing of xxxSendMessageTimeout function. The TrackPopupMenu API function is used to trigger the vulnerability.
This update is to add the exploit in order to attack Drupal core CMS 7.x versions prior to 7.32 using default configuration (CVE-2014-3704).
This update add verification for CVE-2014-6278 to all available attack
vectors.
vectors.
Kolibri Webserver is vulnerable to a stack buffer overflow as a result of failure to properly validate user-supplied input when handling HTTP POST requests.
A stack buffer overflow occurs when copying a user supplied input to a fixed size stack buffer without boundary check leading to overwrite the SEH and the return address.
The copying procedure stops when a null word is found and no size check is proceeded.
The copying procedure stops when a null word is found and no size check is proceeded.
This update adds a SMB file share server. This server is useful for serving files such as libraries or binary exectuables necessary for triggering or executing a remote attack.
The OLE packager component (packager.dll) of Microsoft Windows will automatically download remote files referenced in embedded OLE objects within Office documents.
In the case of .INF installer files, packager.dll will automatically run them without prompting the user. This can be abused to gain arbitrary code execution by creating an Office document with an embedded OLE object containing a reference to a remote INF file with specially crafted commands.
This vulnerability can be exploited by convincing an unsuspecting user to open a specially crafted PowerPoint document.
WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation.
In the case of .INF installer files, packager.dll will automatically run them without prompting the user. This can be abused to gain arbitrary code execution by creating an Office document with an embedded OLE object containing a reference to a remote INF file with specially crafted commands.
This vulnerability can be exploited by convincing an unsuspecting user to open a specially crafted PowerPoint document.
WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation.
This module exploits a vulnerability in the Linux Kernel. The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the "LECHO & !OPOST" case, which allows local attackers to escalate privileges triggering a race condition involving read and write operations with long strings.
This update adds support for Ubuntu 14.04.
This update adds support for Ubuntu 14.04.
This module exploits a stack-based buffer overflow in ovopi.dll which listens by default on a UDP port 696. When parsing option -L, the process blindly copies user supplied data into a fixed-length buffer allowing for an arbitrary write to occur.