Смотрите также связанные темы 29.01.2018 A Security Vulnerability in Sun Java System Access Manager May Allow Privilege Escalation of Sub-Realm Administrators A security vulnerability in Sun Java System Access Manager may allow a sub-realm administrator to escalate their privileges and access the root realm as an administrator.
04.02.2018 CVE-2009-0062 Unspecified vulnerability in the Cisco Wireless LAN Controller (WLC), Cisco Catalyst 6500 Wireless Services Module (WiSM), and Cisco Catalyst 3750 Integrated Wireless LAN Controller with software 4.2.173.0 allows remote authenticated users to gain privileges via unknown vectors, as demonstrated by escalation from the (1) Lobby Admin and (2) Local Management User privilege levels.
12.03.2018 Cisco Security Advisory: Cisco Unified Communications Manager IP Phone Personal Address Book Synchronizer Privilege Escalation Vulnerability Cisco Unified Communications Manager, formerly CallManager, contains a privilege escalation vulnerability in the IP Phone Personal Address Book (PAB) Synchronizer feature that may allow an attacker to gain complete administrative access to a vulnerable Cisco Unified Communications Manager system.
03.06.2018 Security Vulnerability in Solaris libpng(3) May Allow Denial of Service (DoS) or Privilege Escalation Security Vulnerability in Solaris libpng(3) May Allow Denial of Service (DoS) or Privilege Escalation.
04.12.2018 Блог: TDL4 стал использовать 0-day уязвимость! В начале декабря экспертами Лаборатории Касперского были обнаружены экземпляры вредоносной программы TDL4 (обновление TDSS), которые используют 0-day уязвимость для повышения привилегий в системах Windows 7/2008 x86/x64 (Windows Task Scheduler Privilege Escalation, CVE: 2010-3888 ). Данная уязвимость первоначально была обнаружена Лабораторией Касперского во вредоносной программе Stuxnet.
17.10.2018 SQL-инъекции на основе переполнения BIGINT Я решил поискать новые техники, связанные с извлечением данных при помощи ошибок в MySQL, а конкретно – при помощи переполнений.
27.08.2018 GreenSQL защитит MySQL GreenSQL позволяет защитить MySQL от атак, направленных на подстановку SQL запросов. Программа анализирует запросы, выявляет подозрительные и блокирует опасные операции. Вы сможете установить ряд параметров, по которым GreenSQL будет определять опасный запрос. Более подробно о GreenSQL читайте в статье "Protecting your MySQL database from SQL injection attacks with GreenSQL".
04.09.2018 CVE-2008-3916 Heap-based buffer overflow in the strip_escapes function in signal.c in GNU ed before 1.0 allows context-dependent or user-assisted attackers to execute arbitrary code via a long filename. NOTE: since ed itself does not typically run with special privileges, this issue only crosses privilege boundaries when ed is invoked as a third-party component.
09.10.2018 About Bitmap Discovery Exploits It was announced this week that Bernd Roellgen of PMC Ciphers has “discovered” a possible exploit which can be used to reveal details of the encryption key used to protect hard disk image backups. PMC used this information to promote the release of a new version of their software which is immune.
Some customers have asked [...]
14.10.2018 (MS08-066) Vulnerability in the Microsoft Ancillary Function Driver Could Allow Elevation of Privilege (956803) A local attacker who successfully exploited this vulnerability could take complete control of an affected system.
|