This update includes a module exploiting a vulnerability found in Bash. When using PureFTPd in conjunction with the vulnerable Bash version for user authentication, a Core Impact agent is installed.
On x86_64 Intel CPUs, sysret to a non-canonical address causes a fault on the sysret instruction itself after the stack pointer has been set to a usermode-controlled value, but before the current privilege level (CPL) is changed.
A flaw in the ptrace subsystem of the Linux kernel allows a tracer process to set the RIP register of the tracee to a non-canonical address, which is later used when returning to user space with a sysret instruction instead of iret after a system call, thus bypassing sanity checks that were previously introduced to fix related vulnerabilities.
This vulnerability can be used by a local unprivileged attacker to corrupt kernel memory and gain root privileges on the affected system.
This module exploits a double-free vulnerability in "afd.sys" by calling the "AfdTransmiteFile" function with crafted parameters.
This update adds support for Impact 2014 R2.
The vulnerability lies in the failure to validate the size of the input buffer before copying it into a fixed-size buffer on the stack within the handling of the loadExtensionFactory method.
Insufficient sanitization in Openfiler's /admin/system.html 'Hostname' field leads to remote code execution.
This update fixes the exploit category.
Foxit Reader is prone to a vulnerability that may allow the loading and execution of any library file named imgseg.dll if this DLL is located in a particular subfolder where a .PDF file is located.
Buffer overflow in Kolibri Web Server allows remote attackers to execute arbitrary code via a long URI in a GET request.
This module allows an agent running in the context of AcroRd32.exe with Low Integrity Level/AppContainer Integrity Level to escalate privileges in order to install a new agent that will run with Medium Integrity Level.
A missing boundary check in the TLS Heartbeat extension in OpenSSL can be abused by remote attackers to read up to 64 kb of memory from the server.
This memory disclosure vulnerability can be used by remote unauthenticated attackers to obtain sensitive information from the affected server, including private keys and session cookies.
This update adds features to the module, like the ability to read 64 kb of data from vulnerable services, reporting the results in the Module Output window, and saving the memory dumps to disk. It also improves the compatibility with OpenSSL services and adds support for FTPS.
This module exploits a double-free vulnerability in "afd.sys" by calling the "AfdTransmiteFile" function with crafted parameters.
This module adds support for Microsoft Windows 2003, Windows Vista, Windows 2008 and Windows 8.1.