1822 matches found
linux/x86 TCP Proxy Shellcode 236 bytes
No description provided by source. // proxylib.c - is located at http://www.milw0rm.com/id.php?id=1476 /str0ke / hey all.. this is my attempt at a very small very functional tcp proxy shellcode.. to pull this off i ignored the "socks" protocols and invented my own.. sorta.. how to use me.. delive...
MDKSA-2006:022 : perl-Convert-UUlib
A buffer overflow was discovered in the perl Convert::UUlib module in versions prior to 1.051, which could allow remote attackers to execute arbitrary code via a malformed parameter to a read operation. This update provides version 1.051 which is not vulnerable to this flaw. %NASLMINLEVEL 999999...
linux/x86 setreuid(0 0) + execve(/bin/sh) 31 bytes
No description provided by source. / linux/x86 setreuid0, 0 + execve"/bin/sh", "/bin/sh", NULL, NULL - 31 bytes - izik [email protected] / char shellcode = "\x6a\x46" // push $0x46 "\x58" // pop %eax "\x31\xdb" // xor %ebx,%ebx "\x31\xc9" // xor %ecx,%ecx "\xcd\x80" // int $0x80 "\x99" // cltd...
linux/x86 Adduser without Password to /etc/passwd 59 bytes
Exploit for linux/x86 platform in category shellcode ========================================================== linux/x86 Adduser without Password to /etc/passwd 59 bytes ========================================================== / linux/x86 adds user 'xtz' without password to /etc/passwd - 59...
Mandrake Linux Security Advisory : xine-lib (MDKSA-2005:228)
Simon Kilvington discovered a vulnerability in FFmpeg libavcodec, which can be exploited by malicious people to cause a DoS Denial of Service and potentially to compromise a user's system. The vulnerability is caused due to a boundary error in the 'avcodecdefaultgetbuffer' function of 'utils.c' i...
Mandrake Linux Security Advisory : xmovie (MDKSA-2005:229)
Simon Kilvington discovered a vulnerability in FFmpeg libavcodec, which can be exploited by malicious people to cause a DoS Denial of Service and potentially to compromise a user's system. The vulnerability is caused due to a boundary error in the 'avcodecdefaultgetbuffer' function of 'utils.c' i...
Mandrake Linux Security Advisory : kdegraphics (MDKSA-2006:012)
Multiple heap-based buffer overflows in the DCTStream::readProgressiveSOF and DCTStream::readBaselineSOF functions in the DCT stream parsing code Stream.cc in xpdf 3.01 and earlier, allow user-complicit attackers to cause a denial of service heap corruption and possibly execute arbitrary code via...
zlib: Buffer overflow
Background zlib is a widely used free and patent unencumbered data compression library. Description Tavis Ormandy of the Gentoo Linux Security Audit Team discovered a buffer overflow in zlib. A bounds checking operation failed to take invalid data into account, allowing a specifically malformed...
Mandrake Linux Security Advisory : kernel (MDKSA-2005:110)
Multiple vulnerabilities in the Linux kernel have been discovered and fixed in this update. The following CVE names have been fixed in the LE2005 kernel : Colin Percival discovered a vulnerability in Intel's Hyper-Threading technology could allow a local user to use a malicious thread to create...
Ethereal 0.10.10 - 'SIP' Protocol Dissector Remote Buffer Overflow
/ tetherealsip.c now quite functional Ethereal 0.10.0 to 0.10.10 SIP Dissector remote root exploit Advisory: http://www.ethereal.com/appnotes/enpa-sa-00019.html produced by Team W00dp3ck3r: frauk\x41iser mag00n s00n thorben Notes: tested on Debian Sarge Linux maggot4 2.6.8-1-386 1 Mon Sep 13...
GLSA-200505-16 : ImageMagick, GraphicsMagick: Denial of Service vulnerability
The remote host is affected by the vulnerability described in GLSA-200505-16 ImageMagick, GraphicsMagick: Denial of Service vulnerability Tavis Ormandy of the Gentoo Linux Security Audit Team discovered a Denial of Service vulnerability in the XWD decoder of ImageMagick and GraphicsMagick when...
gdb: Multiple vulnerabilities
Background gdb is the GNU project's debugger, facilitating the analysis and debugging of applications. The BFD library provides a uniform method of accessing a variety of object file formats. Description Tavis Ormandy of the Gentoo Linux Security Audit Team discovered an integer overflow in the B...
libTIFF: Buffer overflow
Background libTIFF provides support for reading and manipulating TIFF Tag Image File Format images. Description Tavis Ormandy of the Gentoo Linux Security Audit Team discovered a stack based buffer overflow in the libTIFF library when reading a TIFF image with a malformed BitsPerSample tag. Impac...
GLSA-200504-25 : Rootkit Hunter: Insecure temporary file creation
The remote host is affected by the vulnerability described in GLSA-200504-25 Rootkit Hunter: Insecure temporary file creation Sune Kloppenborg Jeppesen and Tavis Ormandy of the Gentoo Linux Security Team have reported that the checkupdate.sh script and the main rkhunter script insecurely creates...
GLSA-200504-14 : monkeyd: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-200504-14 monkeyd: Multiple vulnerabilities Tavis Ormandy of the Gentoo Linux Security Audit Team discovered a double expansion error in monkeyd, resulting in a format string vulnerability. Ciaran McCreesh of Gentoo Linux discover...
Salim Gasmi GLD (Greylisting Daemon) 1.0 1.4 - Postfix Greylisting Buffer Overflow (Metasploit)
Salim Gasmi GLD Greylisting Daemon 1.0 1.4 - Postfix Greylisting Buffer Overflow Metasploit $Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms...
Mandrake Linux Security Advisory : gtk+2.0 (MDKSA-2005:068)
A bug was discovered in the way that gtk+2.0 processes BMP images which could allow for a specially crafted BMP to cause a Denial of Service attack on applications linked against gtk+2.0. The updated packages have been patched to correct these issues. %NASLMINLEVEL 70300 C Tenable Network Securit...
[SECURITY] [DSA 694-1] New xloadimage packages fix several vulnerabilities
-------------------------------------------------------------------------- Debian Security Advisory DSA 694-1 [email protected] http://www.debian.org/security/ Martin Schulze March 21st, 2005 http://www.debian.org/security/faq -...
Debian DSA-694-1 : xloadimage - missing input sanitising, integer overflow
Several vulnerabilities have been discovered in xloadimage, an image viewer for X11. The Common Vulnerabilities and Exposures project identifies the following problems : - CAN-2005-0638 Tavis Ormandy of the Gentoo Linux Security Audit Team has reported a flaw in the handling of compressed images,...
[Full-Disclosure] [ GLSA 200503-12 ] Hashcash: Format string vulnerability
Gentoo Linux Security Advisory GLSA 200503-12 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity:...