Category: Exploits

Sudo 1.8.28 CVE-2019-1428 – Execute Arbitrary Commands

Summary: When sudo is configured to allow a user to run commands as an arbitrary user via the ALL keyword in a Runas specification, it is possible to run commands as root by specifying the user ID -1 or 4294967295. This can be used by a user with sufficient sudo privileges to run commands as root even […]


Nostromo httpd CVE-2019-16279 – Denial of Service

Description: Directory Traversal in the function SSL_accept in nostromo nhttpd through 1.9.6 allows an attacker to trigger a denial of service via a crafted HTTP request. This bug exploits a memory error triggered by sending too many \r\n in a single connection. Example


Nostromo httpd CVE-2019-16278 – Remote Code Execution

Description: Directory Traversal in the function http_verify in nostromo nhttpd through 1.9.6 allows an attacker to achieve remote code execution via a crafted HTTP request. This bug is due to an incomplete fix for CVE-2011-0751. We can bypass a check for /../ which allows us to execute /bin/sh with arbitrary arguments. Example


iTerm2 CVE-2019-9535 – Remote Command Execution

Description: iTerm2 is prone to a remote command-injection vulnerability. Attackers can exploit this issue to execute arbitrary commands on the system. iTerm2 version 3.3.5 and prior versions are vulnerable. Technologies Affected: iTerm2 3.0.4, iTerm2 3.1.0, iTerm2 3.1.5, iTerm2 3.2.0, iTerm2 3.2.5, iTerm2 3.3.0, iTerm2 3.3.1, iTerm2 3.3.2 […]


OpenSSH Pre-Auth XMSS – Integer Overflow

Summary: The following advisory describes a Pre-Auth Integer Overflow in the XMSS Key Parsing Algorithm in OpenSSH. CVE ID: CVE-2019-16905. Details: OpenSSH is a free version of the SSH connectivity tools which technical users of the Internet rely on. Users of telnet, rlogin, and ftp may not realize that their password is transmitted across the […]


NVIDIA Tegra bootloader – Buffer Overflow

Description: In NVIDIA Shield TV Experience prior to v8.0.1, the NVIDIA Tegra bootloader contains a vulnerability where the software performs an incorrect bounds check, which may lead to a buffer overflow resulting in escalation of privileges, information disclosure, code execution, or denial of service. Security Updates: The following […]


Signal Private Messenger CVE-2019-17191 – Logic Error

Description: There is a logic error in Signal that can cause an incoming call to be answered even if the callee does not pick it up. In the Android client, there is a method handleCallConnected that causes the call to finish connecting. During normal use, it is called in two situations: when the callee device accepts […]


Linux kernel 5.3.2 CVE-2019-17133 – Buffer Overflow

Description: In the Linux kernel through 5.3.2, cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c does not reject a long SSID IE, leading to a buffer overflow. Ensure the SSID element is bounds-checked prior to invoking memcpy() with its length field.
