[Full-Disclosure] Linux kernel uselib() privilege elevation, corrected
Hi all, first of all I must comply about the handling of this vulnerability that I reported to vendorsec. Obviously my code posted there has been stolen and plagiarized in order to put the blame on Stefan Esser from Ematters and disturb the security community. I really apologize to Stefan Esser for...
IBM DB2 libdb2.so buffer overflow (#NISR05012005B)
NGSSoftware Insight Security Research Advisory Name: IBM DB2 libdb2.so.1 buffer overflow Systems Affected: DB2 8.1/7.x Severity: High risk from local Vendor URL: http://www.ibm.com/ Author: David Litchfield david at ngssoftware.com Relates to: http://www.nextgenss.com/advisories/db2-02.txt Date o...
[Full-Disclosure] WinAce - GZIP File Directory Transversal
Application: WinAce Vendors: http://www.webtoolmaster.com Versions: 1.4d Platforms: Windows Bug: GZIP File Directory Transversal Exploitation: Local extract file Date: 24 Dec 2004 Author: Rafel Ivgi, The-Insider E-Mail: [email protected] Website: http://theinsider.deep-ice.com 1 Introduction 2...
CVE-2004-0491
The linux-2.4.21-mlock.patch in Red Hat Enterprise Linux 3 does not properly maintain the mlock page count when one process unlocks pages that belong to another process, which allows local users to mlock more memory than specified by the rlimit...
USN-45-1: nasm vulnerability
Jonathan Rockway discovered a locally exploitable buffer overflow in the error function of nasm. If an attacker tricked a user into assembling a malicious source file, they could exploit this to execute arbitrary code with the privileges of the user that runs nasm...
Ultrix 4.5/MIPS dxterm Local Buffer Overflow Exploit
Exploit for ultrix platform in category local exploits ==================================================== Ultrix 4.5/MIPS dxterm Local Buffer Overflow Exploit ==================================================== / Ultrix 4.5/MIPS dxterm exploit by ztion in 2004 Greets to: Stok, sidez It wasn't...
AIX 5.1 5.3 - paginit Local Stack Overflow
AIX 5.1 5.3 - paginit Local Stack Overflow / exploit for /usr/bin/paginit tested on: AIX 5.2 if the exploit fails it's because the shellcode ends up at a different address. use dbx to check, and change RETADDR accordingly. cees-bart / define RETADDR 0x2ff22c90 char shellcode = "\x7c\xa5\x2a\x79"...
Linux kernel scm_send local DoS
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Synopsis: Linux kernel scm_send local DoS Product: Linux kernel Version: 2.4 up to and including 2.4.28, 2.6 up to and including 2.6.9 Vendor: http://www.kernel.org/ URL: http://isec.pl/vulnerabilities/isec-0019-scm.txt CVE: CAN-2004-1016 Author: Paul...
[SECURITY] [DSA 609-1] New atari800 packages fix local root exploit
-------------------------------------------------------------------------- Debian Security Advisory DSA 609-1 [email protected] http://www.debian.org/security/ Martin Schulze December 14th, 2004 http://www.debian.org/security/faq -...
TipxD <= 1.1.1 Local Format String Vulnerability (not setuid)
Exploit for linux platform in category local exploits ============================================================= TipxD - SECU No System Group - http://www.nosystem.com.ar / include include define PATH "/bin/tipxd" define OBJDUMP "/usr/bin/objdump" define GREP "/usr/bin/grep" unsigned char...
TipxD <= 1.1.1 Local Format String Vulnerability (not setuid)
No description provided by source. / tipxdexp.c TipxD Format String Vulnerability TipxD = 1.1.1 local exploit Proof of Concept Tested in Slackware 9.0 / 9.1 / 10.0 by CoKi [email protected] - SECU No System Group - http://www.nosystem.com.ar / include stdio.h include string.h define PATH...
TipxD 1.1.1 - Not SETUID Local Format String
TipxD 1.1.1 - Not SETUID Local Format String / tipxdexp.c TipxD Format String Vulnerability TipxD - SECU No System Group - http://www.nosystem.com.ar / include include define PATH "/bin/tipxd" define OBJDUMP "/usr/bin/objdump" define GREP "/usr/bin/grep" unsigned char shellcode= / aleph1...
Linux Kernel <= 2.4.28 and <= 2.6.9 scm_send local DoS Exploit
Exploit for linux platform in category dos / poc ============================================================== Linux Kernel include include include static char buf1024; void fatal const char msg printf "\n"; if !errno fprintf stderr, "FATAL: %s\n", msg; else perror msg; printf "\n"; fflush stdou...
TipxD 1.1.1 - Not SETUID Local Format String
/ tipxdexp.c TipxD Format String Vulnerability TipxD - SECU No System Group - http://www.nosystem.com.ar / include include define PATH "/bin/tipxd" define OBJDUMP "/usr/bin/objdump" define GREP "/usr/bin/grep" unsigned char shellcode= / aleph1 shellcode.45b /...
MS04-044: Vulnerabilities in Windows Kernel and LSASS (885835)
The remote host is running a version of the NT kernel and LSASS which could allow a local user to gain elevated privileges. An attacker who has the ability to execute arbitrary commands on the remote host could exploit these flaws to gain SYSTEM privileges. (C) Tenable Network Security, Inc...
Solaris 7/8/9 CDE libDtHelp - Buffer Overflow Non-Exec Stack Privilege Escalation
Solaris 7/8/9 CDE libDtHelp - Buffer Overflow Non-Exec Stack Privilege Escalation. CVE-2003-0834. Local exploit for Solaris platform / $Id: raptorlibdthelp2.c,v 1.1 2004/12/04 14:44:38 raptor Exp $ raptorlibdthelp2.c - libDtHelp.so local, Solaris/SPARC 7/8/9 Copyright c 2003-2004 Marco Ivaldi...
CVE-2004-1116
CVE-2004-1116 affects Great Internet Mersenne Prime Search (GIMPS) 23.9 and earlier, where init scripts run user-owned binaries with root privileges. This enables local privilege escalation if a user can modify the programs, as described in NVD, CVE listings, and Gentoo GLSA 200411-26. The OpenVA...
Aspell (word-list-compress) Command Line Stack Overflow
No description provided by source. / Fuck private exploits . Fuck iranian hacking and security !! teams who are just some fucking kiddies. Fuck all "Security money makers" word-list-compress local exploit - SECU Coded by : c0d3r / root . razavi1366atyahoodotcom word-list-compress is not setuid . ...
Aspell (word-list-compress) - Command Line Stack Overflow
Aspell word-list-compress - Command Line Stack Overflow / Fuck private exploits . Fuck iranian hacking and security !! teams who are just some fucking kiddies. Fuck all "Security money makers" word-list-compress local exploit - SECU Coded by : c0d3r / root . razavi1366atyahoodotcom...
Aspell (word-list-compress) Command Line Stack Overflow
Exploit for linux platform in category local exploits ======================================================= Aspell word-list-compress Command Line Stack Overflow ======================================================= / Fuck private exploits . Fuck iranian hacking and security !! teams who are...