5 matches found
SunOS <= 4.1.3 LD_LIBRARY_PATH and LD_OPTIONS Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/43/info There exists a vulnerability involving environment variables and setuid/setgid programs under SunOS 4.0 and higher. A dynamically-linked program that is invoked by a setuid/setgid program has access to the caller'...
Linux Kernel 3.0 3.3.5 - CLONE_NEWUSER|CLONE_FS Local Privilege Escalation
Linux Kernel 3.0 3.3.5 - CLONENEWUSER|CLONEFS Local Privilege Escalation / source: https://www.securityfocus.com/bid/58478/info Linux kernel is prone to a local privilege-escalation vulnerability. Local attackers can exploit this issue to gain kernel privileges, which will aid in further attacks....
GLIBC (via /bin/su) Local Root Exploit
No description provided by source. / Working exploit for glibc executing /bin/su To exploit this i have used a technique that overwrites the .dtors section of /bin/su program with the address of the shellcode, so, the program executes it when main returns or exit is called Thanks a lot to rwxrwxr...
CVE-2002-2039
In QNX RTOS versions 4.25 and 6.1.0, /bin/su allows local users to read sensitive information from core dump files by sending SIGSERV (invalid memory reference); impact is partial confidentiality. The description notes the local privilege/impact but does not provide exploitable details, affected ...
GLIBC - '/bin/su' Local Privilege Escalation
/ Working exploit for glibc executing /bin/su To exploit this i have used a technique that overwrites the .dtors section of /bin/su program with the address of the shellcode, so, the program executes it when main returns or exit is called Thanks a lot to rwxrwxrwx for explaining me this technique...