[FD] CVE-2020-2771, CVE-2020-2851, CVE-2020-2944 - Multiple vulnerabilities in Oracle Solaris

2020-04-17 Thread Marco Ivaldi
posts anymore: it finally happened, the end of an era... -- Marco Ivaldi, Offensive Security Manager CISSP, OSCP, QSA, ASV, OPSA, OPST, OWSE, LA27001, PRINCE2F @Mediaservice.net S.r.l. con Socio Unico https://www.mediaservice.net/ @Mediaservice.net Security Advisory #2020-05 (last updated on 2020-04

[FD] CVE-2020-2696 - Local privilege escalation via CDE dtsession

2020-01-17 Thread Marco Ivaldi
-dtsession/ https://github.com/0xdea/exploits/blob/master/solaris/raptor_dtsession_ipa.c Regards, -- Marco Ivaldi, Offensive Security Manager CISSP, OSCP, QSA, ASV, OPSA, OPST, OWSE, LA27001, PRINCE2F @Mediaservice.net S.r.l. con Socio Unico https://www.mediaservice.net/ Tel: +39 011 19016595

[FD] CVE-2020-2656 - Low impact information disclosure via Solaris xlock

2020-01-17 Thread Marco Ivaldi
read partial contents of sensitive files. Due to the fact that target files must be in a very specific format, exploitation of this flaw to escalate privileges in a realistic scenario is unlikely." Regards, -- Marco Ivaldi, Offensive Security Manager CISSP, OSCP, QSA, ASV, OPSA, OPST, OWS

Re: [FD] local privilege escalation via CDE dtprintinfo

2019-07-18 Thread Marco Ivaldi
report, especially given the unusual circumstances. -- Marco Ivaldi, SAT Manager CISSP, OSCP, QSA, ASV, OPSA, OPST, OWSE, LA27001, PRINCE2F @Mediaservice.net S.r.l. con Socio Unico https://www.mediaservice.net/ ´╗┐On 17/05/2019, 16:13, "Marco Ivaldi" wrote: Dear Full Disclosure,

[FD] local privilege escalation via CDE dtprintinfo

2019-05-17 Thread Marco Ivaldi
github.com/0xdea/raptor_infiltrate19 Regards, -- Marco Ivaldi, SAT Manager CISSP, OSCP, QSA, ASV, OPSA, OPST, OWSE, LA27001, PRINCE2F @Mediaservice.net S.r.l. con Socio Unico https://www.mediaservice.net/ @Mediaservice.net (Cybaze Group) Security Advisory #2019-01 (updated on 2019-05-08)