This module exploits a vulnerability in OpenBSD crontab entries that allow arbitrary commands execution as root. To exploit the vulnerability this exploit will create an agent in the target filesystem which will be automatically executed later (with root privileges) by a crontab vulnerable security entry (/etc/daily | mail). Once the agent gets executed, it is possible to connect to it. If the exploit succeeds, a new agent will be installed with root privileges.
Stack-based buffer overflow in WINSRV.DLL in the Client Server Runtime System (CSRSS) process of Microsoft Windows 2000, Windows XP SP1 and SP2, and Windows Server 2003 allows local users to gain privileges via a specially-designed application that provides console window information with a long FaceName value.
cdrecord in the cdrtools package before 2.01, when installed setuid root, does not properly drop privileges before executing a program specified in the RSH environment variable, which allows local users to gain privileges. This module exploits this vulnerability.
This module exploits a vulnerability in Anti keylogger elite when the 0x002224A4 function is invoked with a specially crafted parameter. The IOCTL 0x002224A4 handler in the AKEProtect.sys device driver in Anti Keylogger Elite allows local users to overwrite memory and execute arbitrary code via malformed Interrupt Request Packet (Irp) parameters to obtain system privileges.
Subscribe to Impact