HexChat 2.9.4 Local Exploit Submission

Exploit for windows platform in category local exploits !/usr/bin/python HexChat 2.9.4 Local Exploit Bug found by Jules Carter Exploit by Matt "hostess" Andreko http://www.mattandreko.com/2013/04/buffer-overflow-in-hexchat-294.html junk1 = "B"30 shellcode = msfvenom -p windows/messagebox...

HexChat 2.9.4 Buffer Overflow

!/usr/bin/python HexChat 2.9.4 Local Exploit Bug found by Jules Carter Exploit by Matt "hostess" Andreko http://www.mattandreko.com/2013/04/buffer-overflow-in-hexchat-294.html junk1 = "B"30 shellcode = msfvenom -p windows/messagebox EXITFUNC=process BufferRegister=ESP -e x86/alphamixed -f c...

Ubuntu 10.04 LTS : linux-ec2 vulnerabilities (USN-1776-1)

A flaw was reported in the permission checks done by the Linux kernel for /dev/cpu//msr. A local root user with all capabilities dropped could exploit this flaw to execute code with full root capabilities. CVE-2013-0268 A flaw was discovered in the Linux kernels handling of memory ranges with...

CVE-2013-1773

CVE-2013-1773 involves a buffer overflow in the Linux kernel VFAT UTF-8 to UTF-16 conversion during a VFAT write when utf8 mount option is used. Affects Linux kernel before 3.3; local privilege escalation or system crash possible. The connected advisory set includes references to kernel patches (...

CVE-2013-1248

Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges, and...

CVE-2012-6095

CVE-2012-6095 affects ProFTPD prior to 1.3.5rc1. When using the UserOwner directive, a race condition with a symlink attack on the MKD or XMKD commands lets a local user modify ownership of arbitrary files. The vulnerability arises from insecure handling of temporary files during directory creati...

Nvidia Display Driver Service (Nsvr) - Local Buffer Overflow

/ NVidia Display Driver Service Nsvr Exploit - Christmas 2012 - Bypass DEP + ASLR + /GS + CoE ============================================================= @peterwintrsmith Initial release 25/12/12 Update 25/12/12 - Target for 30 Aug 2012 nvvsvc.exe Build - thanks @seanderegge! Hey all! Here is a...

Grep 2.11 - Integer Overflow Crash (PoC)

Grep 2.11 - Integer Overflow Crash PoC Grep /dev/null Segmentation fault core dumped Method two: $ perl -e 'print "\nx"x231' | grep -c x /dev/null Twitter: https://twitter.com/MegaManSec CVE: CVE-2012-5667 -- Joshua Rogers - Retro Game Collector && IT Security Specialist gpg pubkey...

Grep < 2.11 - Integer Overflow Crash (PoC)

Grep /dev/null Segmentation fault core dumped Method two: $ perl -e 'print "\nx"x231' | grep -c x /dev/null Twitter: https://twitter.com/MegaManSec CVE: CVE-2012-5667 -- Joshua Rogers - Retro Game Collector && IT Security Specialist gpg pubkey...

Grep Integer Overflow

Grep /dev/null Segmentation fault core dumped Method two: $ perl -e 'print "\nx"x231' | grep -c x /dev/null Twitter: https://twitter.com/MegaManSec CVE: CVE-2012-5667 -- Joshua Rogers - Retro Game Collector && IT Security Specialist gpg pubkey...

Zoner Photo Studio v15 Build 3 (Zps.exe) Registry Value Parsing Exploit

Exploit for windows platform in category local exploits !/usr/bin/python Exploit Title: Zoner Photo Studio v15 Build 3 Zps.exe Registry Value Parsing Local Buffer Overflow Version: 15 Build 3, Build 2 Date: 2012-11-09 Author: Julien Ahrens Homepage: http://www.inshell.net Software Link:...

Zoner Photo Studio 15 Build 3 Registry Value Parsing

!/usr/bin/python Exploit Title: Zoner Photo Studio v15 Build 3 Zps.exe Registry Value Parsing Local Buffer Overflow Version: 15 Build 3, Build 2 Date: 2012-11-09 Author: Julien Ahrens Homepage: http://www.inshell.net Software Link: http://www.zoner.com Tested on: Windows XP SP3 Professional Germa...

FreeBSD : xlockmore -- local exploit (57652765-18aa-11e2-8382-00a0d181e71d)

Ignatios Souvatzis of NetBSD reports : Due to an error in the dclock screensaver in xlockmore, users who explicitly use this screensaver or a random mix of screensavers using something like 'xlockmore -mode random' may have their screen unlocked unexpectedly at a random time. %NASLMINLEVEL 70300 ...

PHP 5.3.4 Win Com Module - Com_sink

Exploit Title: PHP 5.3.4 Win Com Module Comsink Local Exploit Google Dork: Nil Date: 9/10/2012 Author: FB1H2S Software Link: PHP Windows Version: 5.3.4 Tested on: Microsoft XP Pro 2002 SP2...

Microsoft Windows - Escalate UAC Execute RunAs (Metasploit)

$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Windows...

soapbox 0.3.1 <= Local Root Exploit

Exploit for linux platform in category local exploits ----------------------------------- soapbox 0.3.1 Description: "Soapbox allows to restrict processes to write only to those places you want. Read-access however is still based on file-permissions. By preloading the Soapbox library, you can run...

Vip torrent 4.X.X - Multiple Vulnerabilities

Exploit for windows platform in category local exploits !/usr/bin/perl 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote,...

Internet Download Manager All Versions-SEH Based Buffer Overflow+Universal

Exploit for windows platform in category local exploits !/usr/bin/perl 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote,...

Total Video Player V1.31 m3u playlist exploit

Exploit for windows platform in category local exploits / 28-08-2012 Total Video Player V1.31 m3u playlist exploit Local Exploit Written by GoTr00t Tested on Windows 7 aksuumitathotmail.com / include include include int main char exploit3000; memsetexploit,0x00,sizeofexploit; char overflow304;...

Linux Kernel 2.6.x - rds_recvmsg() Local Information Disclosure

Linux Kernel 2.6.x - rdsrecvmsg Local Information Disclosure / source: https://www.securityfocus.com/bid/54702/info The Linux kernel is prone to a local information-disclosure vulnerability. Local attackers can exploit this issue to obtain sensitive information that may lead to further attacks. /...