This whitepaper covers a new technique that utilizes DLL injection to inject a custom DLL into a running vulnerable process to add a POP POP RET sequence in the scenario that the vulnerable program does not include any null byte free sequences. This is a useful technique to exploit SEH buffer overflow attacks successfully.
74df8ee5ae7f9410a55a3ced1546454f896ed3cdd356c8ffd56a51dee01fc0dbA vulnerability exists in CA Client Automation that can allow a local attacker to gain escalated privileges. CA published solutions to address the vulnerability and recommends that all affected customers implement the applicable solution. The vulnerability, CVE-2019-19231, occurs due to insecure file access by the agent services. A local attacker may exploit this vulnerability to execute arbitrary commands with escalated privileges on an installation of the Client Automation agent. The Windows agent in CA Client Automation versions 14.0, 14.1, 14.2, and 14.3 are affected.
f83b28b09c7c76554eda487fcb8f48e6c31754eb1815d5deca6571ca3cc74d47
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed