Linux Kernel 2.4.22 "do_brk()" local Root Exploit (PoC)

No description provided by source. ; Christophe Devine devine at cr0.net and Julien Tinnes julien at cr0.org ; ; This exploit uses sysbrk directly to expand his break and doesn't rely ; on the ELF loader to do it. ; ; To bypass a check in sysbrk against available memory, we use a high ; virtual...

IPD (Integrity Protection Driver) Local Exploit

No description provided by source. / ipd-dos.c Copyright c 2002-2004 By Next Generation Security S.L. All rights reserved Compiles with: cl ipd-dos.c Madrid, August 2004 / include windows.h define MYNULL 0x01 typedef DWORD zwopensectionTYPEDWORD Handle, DWORD mask, DWORD oa; int mainint argc, cha...

Solaris 7/8/9 CDE LibDTHelp Local Buffer Overflow Exploit

No description provided by source. / $Id: raptorlibdthelp.c,v 1.1 2004/12/04 14:44:38 raptor Exp $ raptorlibdthelp.c - libDtHelp.so local, Solaris/SPARC 7/8/9 Copyright c 2003-2004 Marco Ivaldi [email protected] Buffer overflow in CDE libDtHelp library allows local users to execute arbitrary...

TerminatorX <= 3.81 stack overflow local root exploit

No description provided by source. / TerminatorX V. = 3.81 local root exploit by Li0n7 Typical local stack-based overflow Bugs discovered by c0wboy from 0x333 Contact Li0n7 voila fr Usage: ./terminatorX-exp -r RET-b -s STARTINGRET -r RET: no bruteforcing, try to execute shellcode with RET as retu...

AOL Instant Messenger AIM "Away" Message Local Exploit

No description provided by source. / subject: local PoC exploit for AIM 5.5.3595 vendor: http://www.aim.com cve: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0636 credits: Matt Murphy date: 10 August 2004 notes: exploits localy if an argument is supplied, otherwise prints the url...

UnixWare Merge mcd Local Root Exploit

No description provided by source. / 04/2008: public release I have'nt seen any advisory on this; possibly still not fixed. SCO UnixWare Merge mcd Local Root Exploit By qaaz / include stdio.h include stdlib.h include string.h include unistd.h include errno.h include sys/stat.h define TARGET...

Linux Kernel <= 2.6.10 Local Denial of Service Exploit

No description provided by source. / Removed ='s at the bottom /str0ke / / linux kernel =2.6.102.6.x DOS exploit writen by ChoiX c uKt Research [email protected] / include stdio.h include stdlib.h include sys/types.h include sys/stat.h include fcntl.h include unistd.h include...

Linux Kernel <= 2.6.11 (CPL 0) Local Root Exploit (k-rad3.c)

No description provided by source. / k-rad3.c - linux 2.6.11 and below CPL 0 kernel local exploit v3 Discovered and original exploit coded Jan 2005 by sd [email protected] Modified 2005/9 by alert7 [email protected] XFOCUS Security Team http://www.xfocus.org gcc -o k-rad3 k-rad3.c -static -O2 test...

CVE-2008-0598

CVE-2008-0598 affects the Linux kernel 2.6.9, 2.6.18 (and likely other versions) via the 32-bit/64-bit emulation. The issue allows local attackers to read uninitialized memory through crafted binaries, indicating a local, unauthenticated attack with LOW complexity and complete confidentiality imp...

[Full-disclosure] CORE-2008-0125: CitectSCADA ODBC service vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ CitectSCADA ODBC service vulnerability Advisory Information Title: CitectSCADA ODBC service vulnerability Advisory ID: CORE-2008-0125 Advisory URL:...

CVE-2008-2513

CVE-2008-2513 describes a kernel buffer overflow in IBM AIX 5.2, 5.3, and 6.1 that allows a local attacker to execute arbitrary code in kernel mode. The Nessus/NVD entries identify vulnerable AIX kernel files (e.g., /usr/lib/boot/unix_64, /usr/lib/boot/unix_mp, /usr/lib/boot/unix_up) and confirm ...

Symantec Altiris Client Service 6.8.378 Local Privilege Escalation Exploit

No description provided by source. // 0day PRIVATE NOT DISTRIBUTE!!! // // Symantec Altiris Client Service Local Exploit 0day // // Affected Versions : Altiris Client 6.5.248 // Altiris Client 6.5.299 // Altiris client 6.8.378 // // Alex Hernandez aka alt3kx // ahernandez at sybsecurity.com...

Insufficient argument validation of hooked SSDT functions on multiple Antivirus and Firewalls

Advisory ID Internal CORE-2008-0320 Advisory Information Title: Insufficient argument validation of hooked SSDT functions on multiple Antivirus and Firewalls Advisory ID: CORE-2008-0320 Date published: 2008-04-28 Date of last update: 2008-04-28 Vendors contacted: BitDefender, Comodo, Sophos and...

AlsaPlayer < 0.99.80-rc3 - Vorbis Input Local Buffer Overflow

I have released this exploit for the alsaplayer bug CVE-2007-5301. You can find all the needed files at http://www.wekk.net/research/CVE-2007-5301/ With my modified version of vorbiscomment, you can generate a ogg exploit like this: whats@debian:$ vorbiscomment.whats -w -t "TITLE=$perl -e 'print...

alamthal-sql.txt

Default.ASPX SQL Injection Vulnerability: Al-Amthal HRMS Solution-Optimum Remote: Yes Local: Yes Class: Input Validation Error Critical: Moderately critical URL: http://www.example.com/optimum/default.aspx?page=Search&app=Search&srch=sql sql=-1//UNION//ALL//SELECT//1,2 Published: April 6, 2008...

SCO UnixWare Merge mcd Local Root Exploit

Exploit for sco platform in category local exploits ========================================= SCO UnixWare Merge mcd Local Root Exploit ========================================= / 04/2008: public release I have'nt seen any advisory on this; possibly still not fixed. SCO UnixWare Merge mcd Local...

SCO UnixWare Reliant HA 1.1.4 - Local Privilege Escalation

/ 04/2008: public release I have'nt seen any advisory on this; possibly still not fixed. SCO UnixWare Reliant HA Local Root Exploit By qaaz / include include include include include include define TGT1 "/usr/opt/reliant/bin/hvdisp" define TGT2 "/usr/opt/reliant/bin/rcvm" define DIR "bin" define B...

[TKADV2008-002] avast! 4.7 aavmker4.sys Kernel Memory Corruption

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Advisory: avast! 4.7 aavmker4.sys Kernel Memory Corruption Advisory ID: TKADV2008-002 Revision: 1.0 Release Date: 2008/03/30 Last Modified: 2008/03/30 Date Reported: 2008/03/16 Author: Tobias Klein tk at trapkit.de Affected Software: avast! 4.7...

VLC <= 0.8.6e Subtitle Parsing Local Buffer Overflow Exploit

No description provided by source. / VLC =0.8.6.e Subtitle parsing local buffer overflow exploit Creadit to [email protected] vs Look2Me @ Tested on windows XP Pro SP2 / include stdio.h include stdlib.h include string.h char ssaheader= "Script Info\r\n" "Title: VLC = 0.8.6c,e buffer-overflow\r\n"...

Panda Internet SecurityAntiVirus+Firewall 2008 - CPoint.sys Memory Corruption

Panda Internet SecurityAntiVirus+Firewall 2008 - CPoint.sys Memory Corruption source: https://www.securityfocus.com/bid/28150/info Panda Internet Security/Antivirus+Firewall 2008 is prone to a vulnerability that allows local attackers to corrupt kernel memory. This vulnerability occurs because th...