[dos] – RHEL 7.1 Kernel – iowarrior driver Crash PoC
[webapps] – WordPress Site Import Plugin 1.0.1 – Local and Remote File Inclusion
[webapps] – TeamPass 2.1.24 – Multiple Vulnerabilities
[dos] – Zortam Mp3 Media Studio 20.15 – SEH Overflow DoS
Exim Local Privilege Escalation
Exim versions prior to 4.86.2 suffer from a local root privilege escalation vulnerability. When an Exim installation has been compiled with Perl support and contains a perl_startup configuration variable, it can be exploited by malicious local attackers to gain root privileges.
Linux Netfilter IPT_SO_SET_REPLACE Memory Corruption
A memory corruption vulnerability exists in the IPT_SO_SET_REPLACE ioctl in the netfilter code for iptables support. This ioctl can be triggered by an unprivileged user on PF_INET sockets when unprivileged user namespaces are available (CONFIG_USER_NS=y). Android does not enable this option, but desktop/server distributions and Chrome OS will commonly enable this to allow for […]
PuTTY / PSCP 0.66 Buffer Overflow
PuTTY / PSCP versions 0.66 and below suffer from a buffer overflow vulnerability. Proof of concept code included.
libotr 4.1.0 Memory Corruption
A remote attacker may crash or execute arbitrary code in libotr by sending large OTR messages. While processing specially crafted messages, attacker-controlled data on the heap is written out of bounds. No special user interaction or authorization is necessary in default configurations. libotr versions 4.1.0 and below are affected.
Oracle Java Security Fix Bypass
Security Explorations has released details and a proof of concept to bypass a broken security fix found in the Oracle Java SE fix from September, 2013.