Sequoia – Linux’s Filesystem Layer Local Privilege Escalation Vulnerability (CVE-2021-33909)

The Qualys Research Team has discovered a size_t-to-int type conversion vulnerability in the Linux Kernel’s filesystem layer affecting most Linux operating systems. Any unprivileged user can gain root privileges on a vulnerable host by exploiting this vulnerability in a default configuration. The Linux file system interface is implemented as a layered architecture, separating the user …

Linux Kernel eBPF Local Privilege Escalation Vulnerability (CVE-2020-8835)

An out-of-bounds read and write vulnerability was reported in the Linux kernel, due to a lack of calculation of register bounds in eBPF code. By exploiting this vulnerability (CVE-2020-8835), a local authenticated user can expose sensitive information, resulting in high data loss. In ZDI’s Pwn2Own competition, Manfred Paul demonstrated the flaw in the bpf verifier for …

Citrix ADC And Citrix Gateway Multiple Security Vulnerabilities (CTX276688)

Citrix issued a new security advisory, CTX276688, on 7th July, 2020 addressing multiple security vulnerabilities in Citrix networking products like Citrix ADC, Citrix Gateway, and Citrix SD-WAN WANOP. Description: Citrix identified several vulnerabilities in products like Citrix ADC, Citrix Gateway, and Citrix SD-WAN WANOP. Approximately 11 vulnerabilities of types including Code Injection, Privilege Escalation, Authorization Bypass, …

Docker Desktop Privilege Escalation Vulnerability (CVE-2020-10665)

Overview: An active privilege escalation vulnerability was observed in the Docker Desktop application. This vulnerability has been assigned CVE-2020-10665, and the research credit belongs to the ACTIVELabs team. Successful exploitation leads to local elevation of privilege to NT AUTHORITY\SYSTEM. Docker Desktop for Windows is an easy-to-install application that enables you to build and share containerized applications and …

Microsoft Windows Defender Elevation of Privilege Vulnerability

For June 2020’s Patch Tuesday, Microsoft published advisories addressing multiple vulnerabilities in Microsoft Windows Defender. CVE-2020-1163 and CVE-2020-1170 were assigned to these vulnerabilities. Microsoft Windows Defender: Microsoft Defender is an anti-malware component of Microsoft Windows, designed to protect computers from viruses, spyware and other forms of malware. CVE-2020-1163 and CVE-2020-1170: An elevation of privilege vulnerability …

Oracle Solaris Local Privilege Escalation Vulnerability (CVE-2020-2944)

Summary: An unusual buffer overflow vulnerability that allows LPE was observed prior to April’s PT (Patch Tuesday) in various Oracle Solaris platforms. The researcher has publicly published a PoC for CVE-2020-2944 that was acclaimed by Oracle as well. Description: A buffer overflow in the _SanityCheck() function in the Common Desktop Environment version distributed with Oracle Solaris …

VMware Workstation and Fusion Guest-to-Host Escape Vulnerability

VMware issued a Security Advisory, VMSA-2020-0004, for a Guest-to-Host Escape Vulnerability. VMSA-2020-0004 also includes the other two important vulnerabilities in VMware Horizon Client for Windows and VMRC for Windows (CVE-2019-5543, CVE-2020-3948). CVE-2020-3947 has been assigned to the Guest-to-Host Escape vulnerability. The vendor labeled it a critical severity bug with a CVSS score of 9.3. What is the …

Ricoh Printer Drivers for Windows Local Privilege Escalation Vulnerability (CVE-2019-19363)

Summary: A local privilege escalation vulnerability was observed in Ricoh printer drivers for Windows due to insecure file permissions. This was assigned CVE-2019-19363. Description: Any local user is able to overwrite program library files (DLLs) with their own code, as file permissions of file system entries are improperly set while a printer is added to the …

OpenBSD Local Privilege Escalation Vulnerability CVE-2019-19726

Summary: Qualys researchers discovered a local privilege escalation vulnerability in OpenBSD’s dynamic loader (ld.so): this vulnerability is exploitable in the default installation (via the set-user-ID executable chpass or passwd) and yields full root privileges to attackers who have low privileges on the system. Vulnerability: In OpenBSD under low-memory conditions, the “_dl_split_path” function …