12 - 2019 - :: Deepquest ::

>> vReliable Datagram Sockets (RDS) rds_page_copy_user Privilege Escalation

USER: deepcore // 2019-12-24 // 0 CMT

This Metasploit module exploits a vulnerability in the rds_page_copy_user function in net/rds/page.c (RDS) in Linux kernel versions 2.6.30 to 2.6.36-rc8 to execute code as root (CVE-2010-3904). This module has been…

>> Reptile Rootkit reptile_cmd Privilege Escalation

USER: deepcore // 2019-12-24 // 0 CMT

This Metasploit module uses Reptile rootkit’s reptile_cmd backdoor executable to gain root privileges using the root command. This module has been tested successfully with Reptile from master branch (2019-03-04) on…

>> http://sanpong.go.th

USER: deepcore // 2019-12-23 // 0 CMT

http://sanpong.go.th notified by Baku Hantam Crew

>> http://sanpayang.go.th

USER: deepcore // 2019-12-23 // 0 CMT

http://sanpayang.go.th notified by Baku Hantam Crew

>> [local] Prime95 Version 29.8 build 6 – Buffer Overflow (SEH)

USER: deepcore // 2019-12-23 // 0 CMT

Prime95 Version 29.8 build 6 – Buffer Overflow (SEH)

>> FaceTime _RSU_DecodeByteBuffer Out-Of-Bounds Read

USER: deepcore // 2019-12-21 // 0 CMT

FaceTime suffers from an out-of-bounds read vulnerability in _RSU_DecodeByteBuffer.

>> FTP Navigator 8.03 Denial Of Service

USER: deepcore // 2019-12-20 // 0 CMT

FTP Navigator version 8.03 suffers from a denial of service vulnerability.

>> Deutsche Bahn Ticket Vending Machine Privilege Escalation

USER: deepcore // 2019-12-20 // 0 CMT

The Deutsche Bahn Ticket Vending Machine suffers from a local kiosk privilege escalation vulnerability.

>> [remote] FreeSWITCH 1.10.1 – Command Execution

USER: deepcore // 2019-12-20 // 0 CMT

FreeSWITCH 1.10.1 – Command Execution

>> [webapps] phpMyChat-Plus 1.98 – 'pmc_username' Reflected Cross-Site Scripting

USER: deepcore // 2019-12-20 // 0 CMT

phpMyChat-Plus 1.98 – ‘pmc_username’ Reflected Cross-Site Scripting