This exploit executes code at a user-defined (local) path as SYSTEM when the execute_installer parameter is used in an HTTP message. This occurs without properly authenticating the user.
This vulnerability allows local attackers to escalate privileges on vulnerable installations of MalwareFox Antimalware. An attacker must first obtain the ability to execute normal privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the processing of a crafted IOCTL by the zam64.sys kernel driver. The issue lies in the failure to properly validate user-supplied data, which can allow a non-privileged process to register itself. An attacker can leverage this vulnerability to execute arbitrary code in the context of the kernel. This module will elevate the privileges of the current agent instead of installing a new one.
This module exploits a stack overflow vulnerability in "kwatch3.sys" by calling the IOCTL 0x80030004 function with crafted parameters.
This module exploits a vulnerability in NVIDIA GPU drivers. By abusing a vulnerability in the driver's DxgDdiEscape interface handler, a local attacker can trigger a kernel arbitrary write, which can be leveraged to elevate privileges.
The waitid implementation in upstream kernels did not restrict the destination to which result information is copied. This can allow local users to write to otherwise protected kernel memory, which can lead to privilege escalation.
This vulnerability allows local attackers to escalate privileges on vulnerable installations of IKARUS anti.virus. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the processing of a crafted IOCTL by the ntguard_x64.sys kernel driver. The issue lies in the failure to properly validate user-supplied data, which can result in an out-of-bounds write condition. An attacker can leverage this vulnerability to execute arbitrary code in the context of the kernel. This module will elevate the privileges of the current agent instead of installing a new one.
This vulnerability allows local attackers to escalate privileges on vulnerable installations of Jungo WinDriver. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the processing of a crafted IOCTL by the windrvr12xx kernel driver. The issue lies in the failure to properly validate user-supplied data, which can result in an out-of-bounds write condition. An attacker can leverage this vulnerability to execute arbitrary code in the context of the kernel. This module will elevate the privileges of the current agent instead of installing a new one.
This module exploits a memory corruption vulnerability in the Linux kernel. When building a UFO packet with MSG_MORE, __ip_append_data() calls ip_ufo_append_data() to append. However, between two send() calls, the append path can be switched from UFO to a non-UFO one, which leads to a memory corruption that can be used by an attacker to escalate privileges.
This module exploits a signedness error condition in the Linux Kernel via PACKET_RX_RING option on an AF_PACKET socket with a TPACKET_V3 ring buffer version enabled. The packet_set_ring function in net/packet/af_packet.c in the Linux kernel through 4.10.6 does not properly validate certain block-size data, which allows local users to escalate privileges.
This module exploits a double-free vulnerability in the Linux Kernel. The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel through 4.9.11 mishandles DCCP_PKT_REQUEST packet data structures in the LISTEN state, which allows local users to escalate privileges via an application that makes an IPV6_RECVPKTINFO setsockopt system call.