4067 matches found
Aspell (word-list-compress) - Command Line Stack Overflow
/ Fuck private exploits . Fuck iranian hacking and security !! teams who are just some fucking kiddies. Fuck all "Security money makers" word-list-compress local exploit - SECU Coded by : c0d3r / root . razavi1366atyahoodotcom word-list-compress is not setuid . so good for backdooring . gratz fly...
CoffeeCup FTP Clients (Direct 6.2.0.62) (Free 3.0.0.10) - Remote Buffer Overflow
CoffeeCup FTP Clients Direct 6.2.0.62 Free 3.0.0.10 - Remote Buffer Overflow / CoffeeCup FTP Clients Buffer Overflow Vulnerability Exploit created by Komrade e-mail: unsecureataltervistadotorg web: http://unsecure.altervista.org Tested on: CoffeeCup Direct FTP 6.2.0.62 CoffeeCup Free FTP 3.0.0.10...
CoffeeCup FTP Clients (Direct <= 6.2.0.62) (Free <= 3.0.0.10) BoF Expl
Exploit for unknown platform in category remote exploits ========================================================================= CoffeeCup FTP Clients Direct coffeecupbof direct -l exploit for CoffeeCup Direct FTP executed locally C:\ coffeecupbof free -r 10.0.0.1 exploit for CoffeeCup Free FTP...
wodFtpDLX Client - ActiveX Control Buffer Overflow Crash
/ WodFtpDLX Client ActiveX Control Buffer Overflow Crash Exploit created by Komrade e-mail: unsecureataltervistadotorg web: http://unsecure.altervista.org Tested on WodFtpDLX.ocx versions 2.3.2.90 - 2.3.0.0 - 2.2.0.1 on a Windows XP Professional sp2 operating system. This exploit creates a fake F...
CVE-2004-0923
CVE-2004-0923 affects CUPS 1.1.20 and earlier, where authentication information for a device URI could be recorded in the error_log. This enables a local user to obtain usernames and passwords by reading the log. The issue is a log leakage caused by how CUPS handles device URIs with embedded cred...
socat <= 1.4.0.2 Local Format String Exploit (not setuid)
Exploit for linux platform in category local exploits ========================================================= socat No System Group - http://www.nosystem.com.ar email protected:$ make socatexp email protected:$ ./socatexp socat shellcode address = 0xbfffffb9 .dtors address = 0x080740c4 2004/10/...
Socat 1.4.0.2 - Not SETUID Local Format String
Socat 1.4.0.2 - Not SETUID Local Format String / socatexp.c Socat Format String Vulnerability socat No System Group - http://www.nosystem.com.ar coki@servidor:$ make socatexp coki@servidor:$ ./socatexp socat shellcode address = 0xbfffffb9 .dtors address = 0x080740c4 2004/10/19 09:49:46 socat26197...
Apache <= 1.3.31 mod_include Local Buffer Overflow Exploit
Exploit for linux platform in category local exploits ========================================================== Apache = 1.3.31 modinclude Local Buffer Overflow Exploit ========================================================== / local exploit for modinclude of apache 1.3.x written by xCrZx...
BSD bmon <= 1.2.1_2 Local Exploit
No description provided by source. !/usr/local/bin/bash Written by Idan Nahoum. [email protected] local exploit for FreeBSD/OpenBSD with bmon 1.2.12 installed. when bmon is executed with the -n parameter it popens netcat but fail to provide an absoluth path. some bsds are configured with acls that...
BSD bmon 1.2.1_2 - Local acls Bypass
BSD bmon 1.2.12 - Local acls Bypass !/usr/local/bin/bash Written by Idan Nahoum. [email protected] local exploit for FreeBSD/OpenBSD with bmon default: $BMONEXEC" "$" -gt "0" && BMONEXEC="$1" -x "$BMONEXEC" || echo "$BMONEXEC not found" exit cd /tmp apparently bmon closes stdout, so we run a shell wit...
BSD bmon <= 1.2.1_2 Local Exploit
Exploit for bsd platform in category local exploits ================================= BSD bmon default: $BMONEXEC" "$" -gt "0" && BMONEXEC="$1" -x "$BMONEXEC" || echo "$BMONEXEC not found" exit cd /tmp apparently bmon closes stdout, so we run a shell with stdout redirected to stderr. cat ./netsta...
BSD bmon 1.2.1_2 - Local acls Bypass
!/usr/local/bin/bash Written by Idan Nahoum. [email protected] local exploit for FreeBSD/OpenBSD with bmon default: $BMONEXEC" "$" -gt "0" && BMONEXEC="$1" -x "$BMONEXEC" || echo "$BMONEXEC not found" exit cd /tmp apparently bmon closes stdout, so we run a shell with stdout redirected to stderr. cat...
IIS NNTP Service XPAT Command Vulnerabilities
Advisory ID Internal CORE-2004-0802 Core Security Advisory https://www.coresecurity.com Date Published: 2004-10-12 Last Update: 2004-10-12 Advisory ID: CORE-2004-0802 Bugtraq ID: Not assigned CVE Name: CAN-2004-0574 Title: IIS NNTP Service XPAT Command Vulnerabilities Class: Boundary error...
Debian DSA-041-1 : joe - local exploit
Christer Oberg of Wkit Security AB found a problem in joe Joe's Own Editor. joe will look for a configuration file in three locations: The current directory, the users homedirectory $HOME and in /etc/joe. Since the configuration file can define commands joe will run for example to check spelling...
Debian DSA-325-1 : eldav - insecure temporary file
eldav, a WebDAV client for Emacs, creates temporary files without taking appropriate security precautions. This vulnerability could be exploited by a local user to create or overwrite files with the privileges of the user running emacs and eldav. %NASLMINLEVEL 70300 C Tenable Network Security, In...
Debian DSA-024-1 : cron - local insecure crontab handling
The FreeBSD team has found a bug in the way new crontabs were handled which allowed malicious users to display arbitrary crontab files on the local system. This only affects valid crontab files so it can't be used to get access to /etc/shadow or something. crontab files are not especially secure...
Zinf Audio Player 2.2.1 - Local Buffer Overflow
Zinf Audio Player 2.2.1 - Local Buffer Overflow / -------------------------------Advisory---------------------------------- Luigi Auriemma I don't know why this bug has not been tracked but moreover I don't completely know why it has not been fixed yet in the Windows version of Zinf. In short, Zi...
Zinf Audio Player 2.2.1 - Local Buffer Overflow
/ -------------------------------Advisory---------------------------------- Luigi Auriemma I don't know why this bug has not been tracked but moreover I don't completely know why it has not been fixed yet in the Windows version of Zinf. In short, Zinf is an audio player for Linux and Windows:...
GNU Sharutils <= 4.2.1 Local Format String PoC Exploit
No description provided by source. / GNU sharutils = 4.2.1 Local Format String POC Code C0ded by n4rk0tix a.k.a nrktx [email protected] Below is a l4m3 proof of concept code for da recently reported lame bug; These binaryz have not only format bugz, but also buffer overflowz,etc.We also...
CVE-2004-0907
CVE-2004-0907 affects Linux installs of Mozilla Firefox (pre-Preview Release), Mozilla (pre-1.7.3), and Thunderbird (pre-0.8). The root cause is insecure permissions on files created during the installation tarball extraction, which could let local users overwrite files and execute arbitrary code...