2016 December

The OpenSSH agent permits its clients to load PKCS11 providers using the commands SSH_AGENTC_ADD_SMARTCARD_KEY and SSH_AGENTC_ADD_SMARTCARD_KEY_CONSTRAINED if OpenSSH was compiled with the ENABLE_PKCS11 flag (normally enabled) and the agent isn’t locked. For these commands, the client has to specify a provider name. Th e agent passes this provider name to a subprocess (via ssh-agent.c:process_add_smartcard_key -> […]

OpenSSH Local Privilege Escalation

Posted by deepcore under exploit (No Respond)

OpenSSH can forward TCP sockets and UNIX domain sockets. If privilege separation is disabled, then on the server side, the forwarding is handled by a child of sshd that has root privileges. For TCP server sockets, sshd explicitly checks whether an attempt is made to bind to a low port (below IPPORT_RESERVED) and, if so, […]

:: Deepquest ::

This site contains information which could be considered illegal in some countries. It is provided here for educational use only and is not intended to be used for illegal activities.

PHPMailer 5.2.17 Remote Code Execution

http://umjan.go.th

http://dhr.go.th

http://namon.go.th

http://www.phachi.go.th

XAMPP Control Panel Denial Of Service

http://www.khanom.go.th/usronline.php

Nidesoft MP3 Converter 2.6.18 DLL Hijacking

OpenSSH Arbitrary Library Loading

OpenSSH Local Privilege Escalation

Tabs Switcher

Categories

Archives

Meta

BLOGROLL