An issue was discovered in open-vm-tools 2009.03.18-154848. Local users can bypass intended access restrictions on mounting shares via a symlink attack that leverages a realpath race condition in mount.vmhgfs (aka hgfsmounter).
More Stories
Multiple Vulnerabilities in Adobe Products Could Allow for Arbitrary Code Execution
Multiple vulnerabilities have been discovered in Adobe products, the most severe of which could allow for arbitrary code execution. Adobe...
SEC Consult SA-20240513-0 :: Tolerating Self-Signed Certificates in SAPĀ® Cloud Connector
Posted by SEC Consult Vulnerability Lab via Fulldisclosure on May 14 SEC Consult Vulnerability Lab Security Advisory < 20240513-0 >...
TROJANSPY.WIN64.EMOTET.A / Arbitrary Code Execution
Posted by malvuln on May 14 Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024 Original source: https://malvuln.com/advisory/f917c77f60c3c1ac6dbbadbf366ddd30.txt Contact:...
BACKDOOR.WIN32.ASYNCRAT / Arbitrary Code Execution
Posted by malvuln on May 14 Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024 Original source: https://malvuln.com/advisory/2337b9a12ecf50b94fc95e6ac34b3ecc.txt Contact:...
Re: Panel.SmokeLoader / Cross Site Request Forgery (CSRF)
Posted by malvuln on May 14 Updated and fixed a payload typo and added additional info regarding the stored persistent...
Panel.SmokeLoader / Cross Site Request Forgery (CSRF)
Posted by malvuln on May 14 Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024 Original source: https://malvuln.com/advisory/4b5fc3a2489985f314b81d35eac3560f_B.txt Contact:...