1822 matches found
Linux x86 - polymorphic execve("/bin/bash","-p",NULL) - 57 bytes
No description provided by source. / Title: Linux x86 - polymorphic execve/bin/bash, /bin/bash, -p, NULL - 57 bytes Author: Jonathan Salwan Mail: [email protected] Web: http://www.shell-storm.org !Database of Shellcodes http://www.shell-storm.org/shellcode/ sh sets euid, egid to uid, gid if ...
Debian Security Advisory DSA 2948-1 (python-bottle - security update)
It was discovered that Bottle, a WSGI-framework for Python, performed a too permissive detection of JSON content, resulting in a potential bypass of security mechanisms. OpenVAS Vulnerability Test $Id: deb2948.nasl 6637 2017-07-10 09:58:13Z teissa $ Auto-generated from advisory DSA 2948-1 using nvtg...
Mandriva Linux Security Advisory : mariadb (MDVSA-2014:102)
Multiple vulnerabilities have been discovered and corrected in mariadb : Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via vectors related to XML (CVE-2014-0384). Unspecified...
Debian Security Advisory DSA 2880-1 (python2.7 - security update)
Multiple security issues were discovered in Python: CVE-2013-4238 Ryan Sleevi discovered that NULL characters in the subject alternate names of SSL certificates were parsed incorrectly. CVE-2014-1912 Ryan Smith-Roberts discovered a buffer overflow in the socket.recvfrom_into function. OpenVAS...
Linux little-known security vulnerabilities: do not output the contents of the pipe to your shell-vulnerability warning-the black bar safety net
Piping the output of wget or curl to bash or sh is a very stupid thing to do, for example something like the following: wget -O - http://example.com/install.sh | sudo sh Command explanation: the wget -O parameter specifies the output file name, usually followed by a...
GLSA-201402-09 : Apache mod_fcgid: Arbitrary code execution
The remote host is affected by the vulnerability described in GLSA-201402-09 (Apache mod_fcgid: Arbitrary code execution). Apache mod_fcgid fails to perform a boundary check on user-supplied input, potentially resulting in a heap-based buffer overflow. Impact : A remote attacker can supply a crafted...
Mandriva Linux Security Advisory : hplip (MDVSA-2014:023)
Updated hplip packages fix security vulnerabilities : It was discovered that the HPLIP Polkit daemon incorrectly handled temporary files. A local attacker could possibly use this issue to overwrite arbitrary files (CVE-2013-6402). It was discovered that HPLIP contained an upgrade tool that would...
[ MDVSA-2013:284 ] glibc
Mandriva Linux Security Advisory MDVSA-2013:284 http://www.mandriva.com/en/support/security/ Package : glibc Date : November 25, 2013 Affected: Enterprise Server 5.0 Problem Description: Multiple vulnerabilities were found and corrected in glibc: Integ...
[Linux Exploit Suggester] Grab the Linux Operating Systems release version, and return a suggestive list of possible exploits
Linux Exploit Suggester; based on operating system release number. This program run without arguments will perform a 'uname -r' to grab the Linux Operating Systems release version, and return a suggestive list of possible exploits. Nothing fancy, so a patched/back-ported patch may fool this scrip...
Oracle Linux 5 : hypervkvpd (ELSA-2013-0807)
The remote Oracle Linux 5 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2013-0807 advisory. - Validate Netlink source address CVE-2012-5532 rhbz953560 Tenable has extracted the preceding description block directly from the Oracle Linux security advisor...
Oracle Linux 6 : NetworkManager (ELSA-2011-1338)
The remote Oracle Linux 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2011-1338 advisory. - ifcfg-rh: CVE-2011-3364: filter newline characters when writing into ifcfg- files rh 737338 Tenable has extracted the preceding description block directly fro...
Oracle Linux 5 : kernel (ELSA-2010-2010)
The remote Oracle Linux host is missing a security update for the kernel packages. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The package checks in this plugin were extracted from Oracle Linux Security Advisory ELSA-2010-2010. include'deprecatednasllevel.inc'; include'compat.inc'; if...
Debian Security Advisory DSA 2687-1 (libfs - several vulnerabilities)
Ilja van Sprundel of IOActive discovered several security issues in multiple components of the X.org graphics stack and the related libraries: Various integer overflows, sign handling errors in integer conversions, buffer overflows, memory corruption and missing input sanitising may lead to...
Mandriva Linux Security Advisory : hplip (MDVSA-2013:088)
This hplip update addresses the following issues : Print/Fax queues can now be analyzed by running hp-diagnose-queues fixes some issues and duplex scanning support with newer AIO devices fixes Wireless configuration using hp-wificonfig command for HP Deskjet 3000 J310 series and HP Deskjet 3050...
Mandriva Linux Security Advisory : x11-server (MDVSA-2013:139)
This fixes a format string vulnerability in the LogVHdrMessageVerb function in os/log.c when handling input device names in X.Org X11 server (CVE-2012-2118). MBS1 is not vulnerable to arbitrary code execution via this vulnerability because of the compiler options that were used to build it, but it...
Using Kernel Exploits to Bypass Sandboxes for Fun and Profit
Researchers and attackers alike are quickly discovering you don’t need a fancy Java or Flash exploit to beat application sandboxes. Exploiting an unpatched kernel vulnerability in the underlying operating system, one that’s likely to stay unpatched for a long time, will do just fine. Twice this...
Hardening Linux Security in few seconds using "Server Shield"
Are you running Linux just because you think it's safer than Windows? Think again. Sure, security is a built-in feature and extends right from the Linux kernel to the desktop, but it still leaves enough room to let someone muck about with your /home folder. Linux might be impervious to viruses an...
linux/x86 - cp /etc/shadow /tmp && chmod 777 /tmp/shadow - 126 bytes
Exploit database separated by exploit type (local, remote, DoS, etc.). Official Website: http://www.1337day.com ...
Mandriva Linux Security Advisory : krb5 (MDVSA-2011:159)
Multiple vulnerabilities have been found and corrected in krb5 : The kdb_ldap plugin in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.9 through 1.9.1, when the LDAP back end is used, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a...
linux/x86 - setreuid (0,0) & execve(/bin/ash,NULL,NULL) + XOR encoded - 58 bytes
Title: Linux x86 setreuid 0,0 & execve"/bin/ash",NULL,NULL + XOR encoded - 58 bytes Author: egeektronic Twitter: @egeektronic Tested on: Slackware 13.37 Thanks: Jonathan Salwan, Yuda Prawira and Rizki Wicaksono from ctypes import shell =...