This module exploits an arbitrary file upload in DotCMS to install an agent.
This module exploits a command injection vulnerability in REDDOXX Appliance to install an agent. The deployed agent will run with ROOT privileges.
This module exploits a memory corruption vulnerability in the Linux kernel. When building a UFO packet with MSG_MORE __ip_append_data() calls ip_ufo_append_data() to append. However in between two send() calls, the append path can be switched from UFO to non-UFO one, which leads to a memory corruption that can be used by an attacker to escalate privileges.
CMS Made Simple is prone to an OS command injection which allows attackers the execution of system commands.
This module exploits a signedness error condition in the Linux Kernel via PACKET_RX_RING option on an AF_PACKET socket with a TPACKET_V3 ring buffer version enabled. The packet_set_ring function in net/packet/af_packet.c in the Linux kernel through 4.10.6 does not properly validate certain block-size data, which allows local users to escalate privileges.
This module exploits a double-free vulnerability in the Linux Kernel. The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel through 4.9.11 mishandles DCCP_PKT_REQUEST packet data structures in the LISTEN state, which allows local users to escalate privileges via an application that makes an IPV6_RECVPKTINFO setsockopt system call.
This module injects .so library into the remote smbd process. For this exploit to work, a writable shared directory must be available, in order to write an so library. The agent will normally run as the "nobody" user, and will have limited capabilities.
Solarwinds LEM Management Virtual Appliance is prone to a shell escape via OS command injection which allows attackers the execution of system commands.
Remote Code Execution when performing file upload based on Jakarta Multipart parser.
This module exploits a signedness issue in the Linux Kernel. The sock_setsockopt function in net/core/sock.c in the Linux kernel before 4.8.14 mishandles negative values of sk_sndbuf and sk_rcvbuf, which allows local users to escalate privileges. This module performs a CAP_NET_ADMIN to root privilege escalation.
Pagination
- Previous page
- Page 20
- Next page