Archive for the ‘privilege escalation’ Category

Hacker Discloses Second Zero-Day to Bypass Patch for Windows EoP Flaw

June 7th, 2019
An anonymous security researcher going by the name of SandboxEscaper today publicly shared a second zero-day exploit that can be used to bypass a recently patched elevation of privilege vulnerability in the Microsoft Windows operating system. SandboxEscaper is known for publicly dropping zero-day exploits for unpatched Windows vulnerabilities. In the past year, the hacker has disclosed over half

Posted in hacking news, privilege escalation, windows privilege escalation, Windows zero-day vulnerability, zero-day exploit | Comments (0)

PoC Exploit For Unpatched Windows 10 Zero-Day Flaw Published Online

May 22nd, 2019
An anonymous hacker with an online alias "SandboxEscaper" today released proof-of-concept (PoC) exploit code for a new zero-day vulnerability affecting Windows 10 operating system—that's his/her 5th publicly disclosed Windows zero-day exploit [1, 2, 3] in less than a year. Published on GitHub, the new Windows 10 zero-day vulnerability is a privilege escalation issue that could allow a local

Posted in hacking news, Microsoft Windows 10, operating system, privilege escalation, sandbox bypass, Vulnerability, windows security, Zero-Day Vulnerability | Comments (0)

New Apache Web Server Bug Threatens Security of Shared Web Hosts

April 2nd, 2019
Mark J Cox, one of the founding members of the Apache Software Foundation and the OpenSSL project, today posted a tweet warning users about a recently discovered important flaw in Apache HTTP Server software. The Apache web server is one of the most popular, widely used open-source web servers in the world that powers almost 40 percent of the whole Internet. The vulnerability, identified as

Posted in Apache, Apache web server, fast web server, hacking web server, privilege escalation, shared web hosting, Vulnerability, web hosting, web server hacking, web server security | Comments (0)

Snapd Flaw Lets Attackers Gain Root Access On Linux Systems

February 13th, 2019
Ubuntu and some other Linux distributions suffer from a severe privilege escalation vulnerability that could allow a local attacker or a malicious program to obtain root privileges and total control over the targeted system. Dubbed "Dirty_Sock" and identified as CVE-2019-7304, the vulnerability was discovered by security researcher Chris Moberly, who privately disclosed it to Canonical, the

Posted in hacking news, linux, privilege escalation, Snap Package, Ubuntu, Ubuntu Linux, Vulnerability | Comments (0)

Latest iOS 12.1.4 Update Patches 2 Zero-Day and FaceTime Bugs

February 8th, 2019
Apple has finally released iOS 12.1.4 software update to patch the terrible Group FaceTime privacy bug that could have allowed an Apple user to call you via the FaceTime video chat service and hear or see you before you even pick up the call without your knowledge. The Facetime bug (CVE-2019-6223) was discovered by 14-year-old Grant Thompson of Catalina Foothills High School while he was

Posted in Apple Face Time, Apple iPhone, Google Project Zero, Group FaceTime, iphone update, macOS update, privilege escalation, Vulnerability | Comments (0)

New Privilege Escalation Flaw Affects Most Linux Distributions

October 26th, 2018
An Indian security researcher has discovered a highly critical flaw in X.Org Server package that impacts OpenBSD and most Linux distributions, including Debian, Ubuntu, CentOS, Red Hat, and Fedora. Xorg X server is a popular open-source implementation of the X11 system (display server) that offers a graphical environment to a wider range of hardware and OS platforms. It serves as an

Posted in CentOS, Debian, Fedora, Linux distribution, Linux server, Linux Vulnerability, OpenBSD, privilege escalation, Red Hat, Ubuntu | Comments (0)

Critical Flaws Found in Windows NTLM Security Protocol – Patch Now

July 12th, 2017

As part of this month’s Patch Tuesday, Microsoft has released security patches for a serious privilege escalation vulnerability which affect all versions of its Windows operating system for enterprises released since 2007.

Researchers at behavioral firewall specialist Preempt discovered two zero-day vulnerabilities in Windows NTLM security protocols, both of which allow attackers to create a

Posted in hacking news, Microsoft Windows, privilege escalation, RDP exploit, RDP server hacking, Vulnerability, windows hacking, windows Vulnerability, zero-day exploit | Comments (0)

A Decade Old Unix/Linux/BSD Root Privilege-Escalation Bug Discovered

June 20th, 2017

Update: Find working Exploits and Proof-of-Concepts at the bottom of this article.

Security researchers have discovered more than a decade-old vulnerability in several Unix-based operating systems — including Linux, OpenBSD, NetBSD, FreeBSD and Solaris — which can be exploited by attackers to escalate their privileges to root, potentially leading to a full system takeover.

Dubbed Stack Clash

Posted in freebsd, hacking news, Linux exploit, Linux Vulnerability, local root exploit, OpenBSD, privilege escalation, root exploit, solaris os, Vulnerability | Comments (0)

A Decade Old Unix/Linux/BSD Root Privilege-Escalation Bug Discovered

June 20th, 2017

Security researchers have discovered more than a decade-old vulnerability in several Unix-based operating systems — including Linux, OpenBSD, NetBSD, FreeBSD and Solaris — which can be exploited by attackers to escalate their privileges to root, potentially leading to a full system takeover.

Dubbed Stack Clash, the vulnerability (CVE-2017-1000364) has been discovered in the way memory was

Posted in freebsd, hacking news, Linux exploit, Linux Vulnerability, local root exploit, OpenBSD, privilege escalation, root exploit, solaris os, Vulnerability | Comments (0)

A Decade Old Unix/Linux/BSD Root Privilege-Escalation Bug Discovered

June 20th, 2017

Security researchers have discovered more than a decade-old vulnerability in several Unix-based operating systems — including Linux, OpenBSD, NetBSD, FreeBSD and Solaris — which can be exploited by attackers to escalate their privileges to root, potentially leading to a full system takeover.

Dubbed Stack Clash, the vulnerability (CVE-2017-1000364) has been discovered in the way memory was

Posted in freebsd, hacking news, Linux exploit, Linux Vulnerability, local root exploit, OpenBSD, privilege escalation, root exploit, solaris os, Vulnerability | Comments (0)