Exploits a missing verification of the path in the command "sudoedit", provided by the sudo package. This can be exploited to e.g. execute any command as root including a shell, allowing an unprivileged process to elevate privileges to root.
The setuid-set ViscosityHelper binary insecurely executes certain scripts and can be exploited to gain escalated privileges via symlink attacks.
Serv-U FTP versions 3.x, 4.x and 5.x ship with a default administrative account. A local attacker could establish a connection using the administrative authentication credentials and gain elevated privileges on the server.
The PulseAudio reload functionality has an exploitable race condition vulnerability. The executable file pulseaudio is seteuid root, therefore exploiting this bug allows to gain root privileges. This module uploads a binary exploit to the target machine and executes it with different parameters to try to exploit the vulnerability. As race conditions are sensitive to hardware and CPU load changes, this module may fail on some vulnerable machines.
The internal stack may be overrun using the controls module with a special crafted control sequence. This condition can be exploited by attackers to ultimately execute instructions with the privileges of the ProFTPD process, typically administrator or system. Exploitation requires valid local user, with access to the controls socket. After successful exploitation an agent will be deployed. This agent will inherit the user identity and capabilities of the abused service, usually those of the ftp server. However, the euid (as opposite to the uid) of the agent may be not that of the super user (usually is "nobody"), and by using the setuid module (see setuid module documentation), it can be changed to zero (root). This exploit may cause a Denial of Service on the target ProFTPD server.
This module exploits a local race-condition vulnerability in PolicyKit, which allows local users to execute arbitrary code with root privileges.
This module exploits a buffer overflow vulnerability in Panda Internet Security RKPavProc.sys driver when handling a specially crafted IOCTL request. This vulnerability allows unprivileged local users to execute code with SYSTEM privileges.
This module exploits a privilege escalation vulnerability in Panda Internet Security.
This module exploits a privilege escalation vulnerability in the AppFlt.sys driver of Panda Global Protection. The vulnerable driver trusts some values passed from user mode via IOCTL 0x06660E1C, which can be leveraged to corrupt memory in the kernel address space. This vulnerability allows unprivileged local users to execute code with SYSTEM privileges.
The PAM MOTD module in Ubuntu does not correctly handle path permissions when creating user file stamps. A local attacker can exploit this to gain root privileges.