Category: CVE
-
jQuery XSS (CVE-2015-9251)
jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.
-
Zerologon (CVE-2020-1472)
Zerologon is an elevation of privilege vulnerability that exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller using the Netlogon Remote Protocol (MS-NRPC), aka ‘Netlogon Elevation of Privilege Vulnerability’. Zerologon (CVE-2020-1472) is a critical vulnerability that affects Windows servers. Given certain circumstances, this vulnerability can allow an attacker to bypass authentication…
-
Exploit 47995: Sudo 1.8.25p – Buffer Overflow (CVE-2019-18634)
If pwfeedback is enabled in sudoers, the stack overflow may allow unprivileged users to escalate to the root account.
https://www.exploit-db.com/exploits/47995
Check if server is vulnerable
-
Exploit 45233: OpenSSH 2.3 < 7.7 - Username Enumeration (CVE-2018-15473)
Fix for: https://www.exploit-db.com/exploits/45233
Create file ssh-exploit-user-enum.py. Run with Python 2. Requires paramiko (pip install paramiko).
Exploit 45233: Fix the exploit first, see below.
Fixing the exploit for Python3: Fix broken indentation before “pass” in “BadUsername”. Replace every occurrence of _handler_table by _client_handler_table. Replace every occurrence of print with print().
45233.py (fixed)
-
Cisco ASA firewall: Cisco CLI “jail break” (CVE-2014-3390)
Shell access without a reboot: https://www.youtube.com/watch?v=KXqrovapQ5A&feature=youtu.be&t=1495