:: Deepquest ::

This Metasploit module exploits an issue in ptrace_link in kernel/ptrace.c before Linux kernel 5.1.17. This issue can be exploited from a Linux desktop terminal, but not over an SSH session, as it requires execution from within the context of a user with an active Polkit agent. In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c […]

This Metasploit module exploits a vulnerability in xscreensaver versions since 5.06 on unpatched Solaris 11 systems which allows users to gain root privileges. xscreensaver allows users to create a user-owned file at any location on the filesystem using the -log command line argument introduced in version 5.06. This module uses xscreensaver to create a log […]

This Metasploit module exploits a PHP object injection vulnerability in Joomla version 3.4.6.

AUO SunVeillance Monitoring System 1.1.9e – ‘MailAdd’ SQL Injection

AUO SunVeillance Monitoring System 1.1.9e – Incorrect Access Control

WordPress Sliced Invoices 3.8.2 – ‘post’ SQL Injection

Linux Polkit – pkexec helper PTRACE_TRACEME local root (Metasploit)

This Metasploit module attempts to gain root privileges with SUID Xorg X11 server versions 1.19.0 up to 1.20.3. A permission check flaw exists for -modulepath and -logfile options when starting Xorg. This allows unprivileged users that can start the server the ability to elevate privileges and run arbitrary code under root privileges. This module has […]

Joomla! 3.4.6 – Remote Code Execution (Metasploit)

IObit Uninstaller 9.1.0.8 – ‘IObitUnSvr’ Unquoted Service Path