CVE-2006-1539

Multiple buffer overflows in the checkscores function in scores.c in tetris-bsd in bsd-games before 2.17-r1 in Gentoo Linux might allow local users with games group membership to gain privileges by modifying tetris-bsd.scores to contain crafted executable content, which is executed when another...

CVE-2006-1539

Multiple buffer overflows in the checkscores function in scores.c in tetris-bsd in bsd-games before 2.17-r1 in Gentoo Linux might allow local users with games group membership to gain privileges by modifying tetris-bsd.scores to contain crafted executable content, which is executed when another...

CVE-2006-1539

CVE-2006-1539: Multiple buffer overflows in the checkscores function of scores.c in tetris-bsd (bsd-games) allow local users with games group membership to gain privileges by modifying tetris-bsd.scores to contain crafted executable content, executed when another user runs tetris-bsd. Affected: G...

CVE-2006-1539

Multiple buffer overflows in the checkscores function in scores.c in tetris-bsd in bsd-games before 2.17-r1 in Gentoo Linux might allow local users with games group membership to gain privileges by modifying tetris-bsd.scores to contain crafted executable content, which is executed when another...

GLSA-200603-26 : bsd-games: Local privilege escalation in tetris-bsd

The remote host is affected by the vulnerability described in GLSA-200603-26 bsd-games: Local privilege escalation in tetris-bsd Tavis Ormandy of the Gentoo Linux Security Audit Team discovered that the checkscores function in scores.c reads in the data from the /var/games/tetris-bsd.scores file...

bsd-games: Local privilege escalation in tetris-bsd

Background bsd-games is a collection of NetBSD games ported to Linux. Description Tavis Ormandy of the Gentoo Linux Security Audit Team discovered that the checkscores function in scores.c reads in the data from the /var/games/tetris-bsd.scores file without validation, rendering it vulnerable to...

Socket unreachable and decompression buffer-overflow in Vavoom 1.19.1

Luigi Auriemma Application: Vavoom http://www.vavoom-engine.com Versions: = 1.19.1 Platforms: Windows, DOS, nix, BSD and more Bugs: A socket unreachable B decompression crash Exploitation: remote, versus server and client Date: 26 Mar 2006 Author: Luigi Auriemma e-mail: [email protected] web:...

[Full-disclosure] Multiple vulnerabilities in ENet library (Jul 2005)

Luigi Auriemma Application: ENet library http://enet.bespin.org Versions: = Jul 2005 it's the current CVS version Platforms: Windows, nix, BSD and more Bugs: A invalid memory access 32 bit B allocation abort with fragment Exploitation: remote Date: 12 Mar 2006 Author: Luigi Auriemma e-mail:...

Multiple vulnerabilities in Cube engine 2005_08_29

Luigi Auriemma Application: Cube engine http://www.cubeengine.com Versions: = 20050829 Platforms: Windows, nix, BSD and MacOS Bugs: A sgetstr buffer-overflow B invalid memory access C clients crash through invalid map Exploitation: remote, versus both server and clients Date: 06 Mar 2006 Author:...

Unix Command Shell, Reverse TCP (via Perl)

Creates an interactive shell via perl This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 234 include Msf::Payload::Single include Msf::Sessions::CommandShellOptions def initializeinfo...

Unix Command Shell, Bind TCP (via Perl)

Listen for a connection and spawn a command shell via perl This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 240 include Msf::Payload::Single include Msf::Sessions::CommandShellOptio...

BSD systems securelevel protection bypass

By mounting different filesystem it's possible to mask file flagged 'immutable'. It's possible to rollback system tiime by setting it to maximum value...

CVE-2006-0126

rxvt-unicode before 6.3, on certain platforms that use openpty and non-Unix pty devices such as Linux and most BSD platforms, does not maintain the intended permissions of tty devices, which allows local users to gain read and write access to the devices...

CVE-2006-0126

rxvt-unicode before 6.3, on certain platforms that use openpty and non-Unix pty devices such as Linux and most BSD platforms, does not maintain the intended permissions of tty devices, which allows local users to gain read and write access to the devices...

CVE-2006-0126

rxvt-unicode before 6.3, on certain platforms that use openpty and non-Unix pty devices such as Linux and most BSD platforms, does not maintain the intended permissions of tty devices, which allows local users to gain read and write access to the devices...

[Full-disclosure] Time modification flaw in BSD securelevels on NetBSD and Linux

Advisory: Time modification flaw in BSD securelevels on NetBSD and Linux The implementations of securelevels on NetBSD and Linux contain an integer overflow, allowing the protection of system time to be completely circumvented. Details ======= Product: NetBSD Linux Affected Versions:...

Alpha2 Alphanumeric Unicode Uppercase Encoder

Encodes payload as unicode-safe uppercase text. This encoder uses SkyLined's Alpha2 encoding suite. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'rex/encoder/alpha2/unicodeupper' class MetasploitModule...

Alpha2 Alphanumeric Unicode Mixedcase Encoder

Encodes payload as unicode-safe mixedcase text. This encoder uses SkyLined's Alpha2 encoding suite. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'rex/encoder/alpha2/unicodemixed' class MetasploitModule...

FreeBSD (4.x , < 5.4) master.passwd Disclosure Exploit

Exploit for bsd platform in category local exploits ====================================================== FreeBSD 4.x , include include include include include include define BUFSIZ 4096 void dolisten int s,c; struct sockaddrin addr; struct sockaddrin cli; socklent clisize; char bufBUFSIZ; FILE...

BSD ftpd Single Byte Buffer Overflow

One-byte buffer overflow in replydirname function in BSD-based ftpd allows remote attackers to gain root privileges. SPDX-FileCopyrightText: 2003 Xue Yong Zhi Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...