This Metasploit module exploits a vulnerability in the rds_page_copy_user function in net/rds/page.c (RDS) in Linux kernel versions 2.6.30 to 2.6.36-rc8 to execute code as root (CVE-2010-3904). This module has been tested successfully on Fedora 13 (i686) kernel version 2.6.33.3-85.fc13.i686.PAE and Ubuntu 10.04 (x86_64) with kernel version 2.6.32-21-generic.
This Metasploit module uses Reptile rootkit’s reptile_cmd backdoor executable to gain root privileges using the root command. This module has been tested successfully with Reptile from master branch (2019-03-04) on Ubuntu 18.04.3 (x64) and Linux Mint 19 (x64).
http://sanpong.go.th notified by Baku Hantam Crew
Tags:
defacement
http://sanpayang.go.th notified by Baku Hantam Crew
Tags:
defacement
Prime95 Version 29.8 build 6 – Buffer Overflow (SEH)
Tags:
0day,
remote exploit
FaceTime suffers from an out-of-bounds read vulnerability in _RSU_DecodeByteBuffer.
FTP Navigator version 8.03 suffers from a denial of service vulnerability.
The Deutsche Bahn Ticket Vending Machine suffers from a local kiosk privilege escalation vulnerability.
FreeSWITCH 1.10.1 – Command Execution
Tags:
0day,
remote exploit
phpMyChat-Plus 1.98 – ‘pmc_username’ Reflected Cross-Site Scripting
Tags:
0day,
remote exploit