Lucene search
K

818 matches found

exploitpack
exploitpack
added 2004/12/24 12:0 a.m.37 views

Solaris 2.6789 (SPARC) - ld.so.1 Local Privilege Escalation

Solaris 2.6789 SPARC - ld.so.1 Local Privilege Escalation / $Id: raptorldpreload.c,v 1.1 2004/12/04 14:44:38 raptor Exp $ raptorldpreload.c - ld.so.1 local, Solaris/SPARC 2.6/7/8/9 Copyright c 2003-2004 Marco Ivaldi Stack-based buffer overflow in the runtime linker, ld.so.1, on Solaris 2.6 throug...

7.2CVSS0.1AI score0.03523EPSS
Exploits5
Tenable Nessus
Tenable Nessus
added 2004/07/12 12:0 a.m.24 views

Solaris 9 (x86) : 113986-29

SunOS 5.9x86: linker Patch. Date this patch was last updated by Sun : May/28/10 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if description...

7.2CVSS6.9AI score0.00998EPSS
Exploits1References2
0day.today
0day.today
added 2003/10/27 12:0 a.m.22 views

Solaris Runtime Linker (ld.so.1) Buffer Overflow Exploit (SPARC version)

Exploit for solaris platform in category local exploits ======================================================================== Solaris Runtime Linker ld.so.1 Buffer Overflow Exploit SPARC version ======================================================================== / ld.so.1 exploit SPARC...

6.8AI score
Exploits0
exploitpack
exploitpack
added 2003/10/27 12:0 a.m.11 views

Solaris Runtime Linker (SPARC) - ld.so.1 Local Buffer Overflow

Solaris Runtime Linker SPARC - ld.so.1 Local Buffer Overflow / ld.so.1 exploit SPARC coded by: osker178 bjr213 psu.edu Alright, so this exploits a fairly standard buffer overflow in the default Solaris runtime linker ld.so.1 discovery by Jouko Pynnonen Only real deviation here from the standard...

0.6AI score
Exploits0
Exploit DB
Exploit DB
added 2003/10/27 12:0 a.m.31 views

Solaris Runtime Linker (SPARC) - 'ld.so.1' Local Buffer Overflow

/ ld.so.1 exploit SPARC coded by: osker178 bjr213 psu.edu Alright, so this exploits a fairly standard buffer overflow in the default Solaris runtime linker ld.so.1 discovery by Jouko Pynnonen Only real deviation here from the standard overflow and return into libc scenario is that at the time tha...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2003/07/30 12:0 a.m.31 views

Sun Solaris Runtime Linker buffer overflow

Buffer overflow on LDPRELOAD environment variable parsing...

6.1AI score
Exploits0References2Affected Software1
securityvulns
securityvulns
added 2003/07/30 12:0 a.m.34 views

Solaris ld.so.1 buffer overflow

OVERVIEW ======== There is a buffer overflow vulnerability in the Solaris runtime linker, /lib/ld.so.1. A local user can gain elevated privileges if there are any dynamically linked, executable SUID/SGID programs in the filesystem. On a typical Solaris installation most or all SUID/SGID programs...

0.4AI score
Exploits0
securityvulns
securityvulns
added 2003/07/30 12:0 a.m.48 views

iDEFENSE Security Advisory 07.29.03: Buffer Overflow in Sun Solaris Runtime Linker

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 iDEFENSE Security Advisory 07.29.03: http://www.idefense.com/advisory/07.29.03.txt Buffer Overflow in Sun Solaris Runtime Linker July 29, 2003 I. BACKGROUND The Solaris runtime linker, ld.so.11, processes dynamic executables and shared objects at...

7.2CVSS0.03523EPSS
Exploits5
NVD
NVD
added 2002/08/12 4:0 a.m.24 views

CVE-2002-0746

Vulnerability in template.dhcpo in AIX 4.3.3 related to an insecure linker argument...

10CVSS6.5AI score0.0184EPSS
Exploits0References1
CVE
CVE
added 2002/07/26 4:0 a.m.48 views

CVE-2002-0746

CVE-2002-0746 affects AIX 4.3.3 in the template.dhcpo component, where an insecure linker argument is cited as the root cause. The available references describe the vulnerability but do not provide exploit details, affected vectors, or concrete remediation steps within the provided documents. The...

10CVSS6.5AI score0.0184EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2002/07/26 4:0 a.m.24 views

CVE-2002-0746

Vulnerability in template.dhcpo in AIX 4.3.3 related to an insecure linker argument...

6.5AI score0.0184EPSS
Exploits0References1
securityvulns
securityvulns
added 2002/04/15 12:0 a.m.39 views

Security holes : Linker, Pharao

Product1 : Linker http://enproject.codelib.co.kr Versions : 2.0 Problems : - Reading in HD - Informations recovery passwords, DBHOST, DBUSER,... Exploits : - /imageview.php?uid=../function/passinfo.php or /imageview.php?uid=../function/baseinfo.php - Set cookies : "adminlogin","1"...

7.1AI score
Exploits0
Cvelist
Cvelist
added 2002/03/09 5:0 a.m.23 views

CVE-1999-1143

Vulnerability in runtime linker program rld in SGI IRIX 6.x and earlier allows local users to gain privileges via setuid and setgid programs...

6.6AI score0.00346EPSS
Exploits0References3
Debian
Debian
added 2000/11/23 1:33 a.m.2 views

[SECURITY] New version of ghostscript released

Package : gs Problem type : symlink attack Debian-specific: no ghostscript uses temporary files to do some of its work. Unfortunately the method used to create those files wasnt secure: mktemp was used to create a name for a temporary file, but the file was not opened safely. A second problem is...

5.9AI score
Exploits0
securityvulns
securityvulns
added 2000/04/07 12:0 a.m.64 views

minor issue with IBM HTTPD and /usr/bin/ikeyman

Summary: /usr/bin/ikeyman is a shell script installed with setuid root permissions by the IBMHSSSB package on Solaris. The script does not seem to work very well in a Solaris 2.6 environment because of dynamic linker issues; if they are resolved, however, an unprivileged user may then be able to...

0.4AI score
Exploits0
CVE
CVE
added 2000/03/22 5:0 a.m.56 views

CVE-1999-0786

The CVE-1999-0786 entry concerns the Solaris dynamic linker. Vulnerability: a local user can create arbitrary files via the LD_PROFILE environmental variable and a symlink attack affecting the dynamic linker. Affected component: Solaris dynamic linker; root cause: LD_PROFILE manipulation enabling...

4.6CVSS6.8AI score0.00559EPSS
Exploits0References1Affected Software2
exploitpack
exploitpack
added 1999/09/22 12:0 a.m.13 views

Solaris 2.6 - Profiling File Creation

Solaris 2.6 - Profiling File Creation source: https://www.securityfocus.com/bid/659/info A vulnerability in the dynamic linkers while profiling a shared object allows local users to create arbitrary files in the system. It canno't be used to overwrite existing files. If the LDPROFILE environment...

7.4AI score
Exploits0
exploitpack
exploitpack
added 1992/05/27 12:0 a.m.14 views

SunOS 4.1.3 - LD_LIBRARY_PATH LD_OPTIONS

SunOS 4.1.3 - LDLIBRARYPATH LDOPTIONS source: https://www.securityfocus.com/bid/43/info There exists a vulnerability involving environment variables and setuid/setgid programs under SunOS 4.0 and higher. A dynamically-linked program that is invoked by a setuid/setgid program has access to the...

7.4AI score
Exploits0
Rows per page
Query Builder