Microsoft Windows Local Privilege Escalation Vulnerability CVE-2019-1253

Summary: September MSPT has come with a local privilege-escalation vulnerability in Microsoft Windows. Description: Windows AppX Deployment Server improperly handles junctions resulting into privilege escalation. An attacker would first have to gain execution on the victim system, aka ‘Windows Elevation of Privilege Vulnerability‘ to exploit this vulnerability, A Poc is available that demonstrates on Microsoft … Continue reading “Microsoft Windows Local Privilege Escalation Vulnerability CVE-2019-1253”

Linux PIE/Stack Corruption: CVE-2017-1000253

Qualys Vulnerability and Malware Research Labs (VMRL) has found a Local Privilege Escalation vulnerability in Linux operating system. The vulnerability is named “Linux PIE/stack corruption” with CVE-2017-1000253. Exploiting this vulnerability will result in stack corruption as it is overwritten by data segments of a PIE binary, an unprivileged local user with access to SUID PIE … Continue reading “Linux PIE/Stack Corruption: CVE-2017-1000253”