Oracle Solaris - 'su' Local Solaris Vulnerability

No description provided by source. From http://cvs.opensolaris.org/source/xref/onnv/onnv-gate/usr/src/cmd/su/su.c 521 for j = 0; initenvj != 0; j++ 1 522 if initvar = getenvinitenvj 2 ... 535 else 536 var = char 537 mallocstrleninitenvj 3 538 + strleninitvar 539 + 2; 540 void strcpyvar, initenvj;...

Linux Kernel <= 2.6.28.3 - set_selection() UTF-8 Off By One Local Exploit

No description provided by source. / CVE-2009-1046 Virtual Console UTF-8 setselection off-by-onetwo Memory Corruption Linux Kernel = 2.6.28.3 coded by: sgrakkyu at antifork.org http://kernelbof.blogspot.com/2009/07/even-when-one-byte-matters.html Dedicated to all people talking nonsense about non...

AOL Instant Messenger AIM "Away" Message Local Exploit

No description provided by source. / subject: local PoC exploit for AIM 5.5.3595 vendor: http://www.aim.com cve: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0636 credits: Matt Murphy date: 10 August 2004 notes: exploits localy if an argument is supplied, otherwise prints the url...

Linux Kernel 2.6.10 File Lock Local Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/12949/info A local denial of service vulnerability reportedly affects the Linux kernel. This issue arises due to a failure of the kernel to properly handle malicious, excessive file locks. An attacker may leverage this...

Sendfile 1.x/2.1 - Local Privileged Arbitrary Command Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2645/info Sendfile is an implementation of the SAFT simple asynchronous file transfer protocol for UNIX systems. Due to a problem dropping privileges completely before running user-specified post-processing commands in th...

SudoEdit 1.6.8 - Local Change Permission Exploit

No description provided by source...

F-Secure Internet Gatekeeper for linux < 2.15.484 Local Root Exploit

No description provided by source. !/usr/bin/env python F-Secure Anti-Virus Internet Gatekeeper for Linux 2.15.484 F-Secure Anti-Virus Linux Gateway 2.16 added line 3-4 for references /str0ke fsigkexp.py: F-Secure Internet Gatekeeper for Linux local root exploit acknowledgements: everyone in...

Publish-It 3.6d - Buffer Overflow Vulnerability

No description provided by source. Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ Publish-It Buffer Overflow Vulnerability 1. Advisory Information Title: Publish-It Buffer Overflow Vulnerability Advisory ID: CORE-2014-0001 Advisory URL:...

Info2www 1.0/1.1 CGI Input Handling Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1995/info The info2www script allows HTTP access to information stored in GNU EMACS Info Nodes. This script fails to properly parse input and can be used to execute commands on the server with permissions of the web serve...

TIBCO Rendezvous <= 7.4.11 Password Extractor Local Exploit

No description provided by source...

soapbox <= 0.3.1 - Local Root Exploit

No description provided by source. ----------------------------------- soapbox 0.3.1 = Local Root Exploit ----------------------------------- Vendor URI: http://dag.wieers.com/home-made/soapbox/ Credit: Jean Pascal Pereira [email protected] Description: Soapbox allows to restrict processes to wri...

IBM AIX <= 5.3 sp6 ftp gets() Local Root Exploit

No description provided by source. / 07/2007: public release IBM AIX = 5.3 sp6 AIX ftp Local Root Exploit By qaaz / include stdio.h include stdlib.h include string.h include unistd.h include sys/wait.h include sys/select.h define TARGET /usr/bin/ftp define OVERLEN 300 define MAXx,y x y ? x : y...

ATFTP 0.7 Timeout Command Line Argument Local Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7902/info atftp is prone to a locally exploitable buffer overflow condition. This issue is due to insufficient bounds checking performed on input supplied to the command line parameter -t for timeout. Local attackers may...

CDRDAO 1.1.x Home Directory Configuration File Symbolic Link Vulnerability (3)

No description provided by source. source: http://www.securityfocus.com/bid/3865/info CDRDAO is a freely available, open source CD recording software package available for the Unix and Linux Operating Systems. It is maintained by Andreas Mueller. When CDRDAO saves it's configuration to the .cdrda...

XFree86 4.2 XLOCALEDIR Local Buffer Overflow Vulnerability (3)

No description provided by source. source: http://www.securityfocus.com/bid/7002/info Several XFree86 utilities may be prone to a buffer overflow condition. The vulnerability exists due to insufficient boundary checks performed by these utilities when referencing the XLOCALEDIR environment...

Mandrake 6.x,RedHat 6.x,Turbolinux 3.5 b2/4.x/6.0.2 userhelper/PAM Path Vulnerability (2)

No description provided by source. source: http://www.securityfocus.com/bid/913/info Because of double path vulnerabilities in the binary userhelper and PAM, it is possible to get root locally on RedHat 6.0 and 6.1 systems. Both userhelper and PAM follow .. paths and userhelper allows you to...

GetDataBack Data Recovery 2.31 - Local Exploit

No description provided by source. / GetDataBack for NTFS v2.31 Local Exploit by Kozan Application: GetDataBack for NTFS v2.31 Vendor: www.runtime.org - Runtime Software Vulnerable Description: GetDataBack for NTFS v2.31 discloses licence informaations username and key to local users. Discovered ...

BSD-Games 2.x Monop Player Name Local Buffer Overrun Vulnerability (2)

No description provided by source. source: http://www.securityfocus.com/bid/8501/info Monop included in bsd-games is prone to a locally exploitable buffer overrun vulnerability. This is due to insufficient bounds checking of player names. Monop is typically installed setgid games, so it is possib...

TerminatorX <= 3.81 stack overflow local root exploit

No description provided by source...

AOL 9.5 (rtx) Local Buffer Overflow Exploit

No description provided by source. !/usr/bin/python Bug : AOL 9.5 rtx Local Buffer Overflow Exploit by sup3r Tested on : XP SP3 header1 = \x3c\x48\x54\x4d\x4c\x3e\x3c\x46\x4f\x4e\x54\x20\x20\x53\x49\x5a \x45\x3d\x32\x20\x50\x54\x53\x49\x5a\x45\x3d\x31\x30\x20\x46\x41...