Source: Phishing Helps Hackers Hijack Google Accounts
The post Phishing Helps Hackers Hijack Google Accounts appeared first on MondoUnix.
Opentext Documentum Content Server (formerly known as EMC Documentum Content Server) does not properly validate input of the PUT_FILE RPC command which allows any authenticated user to hijack arbitrary file from the Content Server filesystem. Because some files on the Content Server filesystem are security-sensitive this security flaw leads to privilege escalation. Source: Opentext Documentum […]
The post Opentext Documentum Content Server File Hijack / Privilege Escalation appeared first on MondoUnix.
Source: It’s September 2017, And .NET Lets PDFs Hijack Your Windows PC
The post It’s September 2017, And .NET Lets PDFs Hijack Your Windows PC appeared first on MondoUnix.
This Metasploit module will bypass Windows UAC by creating COM handler registry entries in the HKCU hive. When certain high integrity processes are loaded, these registry entries are referenced resulting in the process loading user-controlled DLLs. These DLLs contain the payloads that result in elevated sessions. Registry key modifications are cleaned up after payload invocation. […]
The post Windows Escalate UAC Protection Bypass (Via COM Handler Hijack) appeared first on MondoUnix.
Barracuda WAF V360 with firmware 8.0.1.014 suffers from a support tunnel hijacking vulnerability.
Source: Barracuda WAF V360 Firmware 8.0.1.014 Support Tunnel Hijack
The post Barracuda WAF V360 Firmware 8.0.1.014 Support Tunnel Hijack appeared first on…