The problem is that "ARDAgent", which is owned by "root" and has the setuid bit set, can be invoked to execute shell commands via AppleScript (e.g. through "osascript"). This can be exploited to execute arbitrary commands with root privileges.
This module exploits a privilege escalation vulnerability in the Microsoft Windows Task Scheduler Service. This vulnerability is currently exploited by the Stuxnet malware.
WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation.
WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation.
This update adds support to Microsoft Windows 7.
This module exploits a vulnerability on "win32k.sys" when a keyboard layout is loaded by the kernel.
This module exploits a vulnerability on "win32k.sys" when a keyboard layout is loaded by the kernel.
This module exploits a privilege escalation vulnerability in Trend Micro Titanium Maximum Security tmtdi.sys driver. The vulnerable driver trusts a dword passed from user mode via IOCTL 0x220404, and interprets it as a function pointer without performing validations. This vulnerability allows unprivileged local users to execute code with SYSTEM privileges.
The GNU C dynamic linker (ld.so) is prone to a local privilege-
escalation vulnerability. This module exploits the vulnerability to
install an agent with root privileges.
escalation vulnerability. This module exploits the vulnerability to
install an agent with root privileges.
The GNU C library (GNU glibc) is prone to a local privilege-escalation vulnerability. This module exploits the vulnerability to install an agent with root privileges.
This update improves the module reliability.
This update improves the module reliability.
The Linux kernel is prone to a privilege escalation vulnerability that can be exploited by local unprivileged users to gain root access, because
the RDS protocol does not properly check that the base address of a user-provided iovec struct points to a valid userspace address before using the __copy_to_user_inatomic() function to copy the data. By providing a kernel address as an iovec base and issuing a recvmsg() style socket call, a local user could write arbitrary data into kernel memory, thus escalating privileges to root.
the RDS protocol does not properly check that the base address of a user-provided iovec struct points to a valid userspace address before using the __copy_to_user_inatomic() function to copy the data. By providing a kernel address as an iovec base and issuing a recvmsg() style socket call, a local user could write arbitrary data into kernel memory, thus escalating privileges to root.
This module exploits a vulnerability on "win32k.sys" when a keyboard layout is loaded by the kernel.
WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs
or have limited functionality and may not have complete or accurate documentation.
WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs
or have limited functionality and may not have complete or accurate documentation.
Due to failure to handle exceptional conditions, a NULL pointer is dereferenced by the FreeBSD kernel allowing to overwrite arbitrary kernel memory. This module exploits the vulnerability to install an agent with root privileges.
The GNU C library (GNU glibc) is prone to a local privilege-escalation vulnerability. This module exploits the vulnerability to install an agent with root privileges.
WARNING: This is an early release module. This is not the final version of this module.
It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations.
Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation.
WARNING: This is an early release module. This is not the final version of this module.
It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations.
Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation.