The PPP daemon (pppd) in Apple Mac OS X 10.4.8 checks ownership of the stdin file descriptor to determine if the invoker has sufficient privileges, which allows local users to load arbitrary plugins and gain root privileges by bypassing this check.
An elevation of privilege vulnerability exists due to the Windows kernel improperly validating input passed from user mode to the kernel. The vulnerability could allow an attacker to run code with elevated privileges.
This module exploits a stack buffer overflow vulnerability in Microsoft Internet Information Server 5.1 through 6.0.
This update adds support for 2003 Enterprise Sp1 and bypasses DEP in already supported platforms.
This update adds support for 2003 Enterprise Sp1 and bypasses DEP in already supported platforms.
This module exploits a integer overflow condition on local X.org servers with MIT-SHM extension activated.
This module exploits a vulnerability in VMware shared folders.
This module exploits a stack buffer overflow vulnerability in Microsoft Internet Information Server 5.1 through 6.0.
WARNING: This is an early release module.
WARNING: This is an early release module.
Exploits a missing verification of parameters within the vmsplice_to_user(), copy_from_user_mmap_sem(), and get_iovec_page_array() functions in fs/splice.c before using them to perform certain memory operations. This can be exploited to e.g. read or write to arbitrary kernel memory via a specially crafted vmsplice() system call, and allows an unprivileged process to elevate privileges to root.
This module exploits a vulnerability in Novell NetWare Client when handling a specially crafted IOCTL. The vulnerability allows local users to overwrite memory and execute arbitrary code via a malformed Interrupt Request Packet (Irp) parameters.
This module exploits a vulnerability in Linux for x86_64. The IA32 system call emulation functionality does not zero extend the eax register after the 32bit entry path to ptrace is used, which might allow local users to trigger an out-of-bounds access to the system call table using the %RAX register and escalate privileges.
This module exploits a buffer overflow condition on local X.org servers with the composite extension activated.