4067 matches found
SRT2003-11-13-0218 - PCAnywhere local SYSTEM exploit
Secure Network Operations, Inc. http://www.secnetops.com/research Strategic Reconnaissance Team [email protected] Team Lead Contact [email protected] Our Mission: Secure Network Operations offers expertise in Networking, Intrusion Detection Systems IDS, Software Security Validation, and...
Microsoft Windows - ListBox/ComboBox Control Local (MS03-045)
/ \ local ListBox/ComboBox exploit for Win32 / \ Created by xCrZx crazyeinstein yahoo com /11.11.03/ / \ Usage: MS03-045.exe -r return address / \ there is two targets: CBDIR for ComboBox, LBDIR for ListBox. / \ As to return address it should be such as 0x0000XXYY / and you should know that this...
Important: Red Hat Security Advisory: : Updated zebra packages fix security vulnerabilities
Updated zebra packages that close a locally-exploitable and a remotely-exploitable denial of service vulnerability are now available. Zebra is an open source implementation of TCP/IP routing software. Jonny Robertson reported that Zebra can be remotely crashed if a Zebra password has been enabled an...
TerminatorX 3.81 - Local Stack Overflow / Local Privilege Escalation
/ TerminatorX V. -b -s -r : no bruteforcing, try to execute shellcode with as return address -b: enables bruteforcing -s: bruteforces by using return address from to 0x00000000 Example: root@li0n7:/tmp/test/exploits ./terminatorX-exp -b exploit: terminatorX V. -b -s + Starting bruteforcing... +...
IBM DB2 - db2stop Format String Arbitrary Code Execution
IBM DB2 - db2stop Format String Arbitrary Code Execution source: https://www.securityfocus.com/bid/8989/info Multiple command-line parameter format string vulnerabilities have been discovered in various IBM DB2 binaries. Specifically, format-based functions are implemented erroneously within the...
IBM DB2 - db2govd Command Line Argument Local Overflow
IBM DB2 - db2govd Command Line Argument Local Overflow source: https://www.securityfocus.com/bid/8990/info IBM DB2 has been reported to be prone to multiple buffer overflow vulnerabilities that present themselves in binaries that are shipped with DB2. The vulnerabilities are likely caused due to ...
Musicqueue multiple local vulnerabilities
======================================== INetCop Security Advisory 2003-0x82-020 ======================================== Title: Musicqueue multiple local vulnerabilities 0x01. Description Musicqueue is a CGI music jukebox using external tools to play the files. Because of that it supports severa...
PT-2003-1911 · Microsoft +1 · Ntfs +3
Name of the Vulnerable Software and Affected Versions: mod_gzip versions 1.3.26.1a and earlier Description: The issue allows local users to overwrite arbitrary files via a symlink attack on predictable temporary filenames on Unix systems, or an NTFS hard link on Windows systems when the "Strength...
HP-UX 11 CDE DTPrintInfo - Display Environment Variable Buffer Overflow
HP-UX 11 CDE DTPrintInfo - Display Environment Variable Buffer Overflow source: https://www.securityfocus.com/bid/8795/info It has been reported that dtprintinfo, installed setuid root by default, is susceptible to a locally exploitable buffer overflow vulnerability. The condition is triggered wh...
HP-UX 11 CDE DTPrintInfo - Display Environment Variable Buffer Overflow
source: https://www.securityfocus.com/bid/8795/info It has been reported that dtprintinfo, installed setuid root by default, is susceptible to a locally exploitable buffer overflow vulnerability. The condition is triggered when the value of the DISPLAY environment variable is set to a string...
IBM DB2 - Universal Database 7.2 db2licm Local Overflow
IBM DB2 - Universal Database 7.2 db2licm Local Overflow / Local Exploit for db2licm IBM db2 v 7.1 Linux/x86 vulnerability researched by Juan Manuel Pascual Escriba pask at uninet.edu / char sc= "\x31\xc0" / begin setuid 0 / "\x31\xdb" "\xb0\x17" "\xcd\x80" "\xeb\x1f" "\x5e" "\x89\x76\x08"...
IBM DB2 Universal Database 7.2 (db2licm) Local Exploit
Exploit for linux platform in category local exploits ====================================================== IBM DB2 Universal Database 7.2 db2licm Local Exploit ====================================================== / Local Exploit for db2licm IBM db2 v 7.1 Linux/x86 vulnerability researched by...
IBM DB2 - Universal Database 7.2 'db2licm' Local Overflow
/ Local Exploit for db2licm IBM db2 v 7.1 Linux/x86 vulnerability researched by Juan Manuel Pascual Escriba pask at uninet.edu / char sc= "\x31\xc0" / begin setuid 0 / "\x31\xdb" "\xb0\x17" "\xcd\x80" "\xeb\x1f" "\x5e" "\x89\x76\x08" "\x31\xc0" "\x88\x46\x07" "\x89\x46\x0c" "\xb0\x0b" "\x89\xf3"...
hztty 2.0 (RedHat 9.0) - Local Privilege Escalation
/ 0x333hztty = hztty 2.0 local root exploit more info : Debian Security Advisory DSA 385-1 note I adjusted some part of hztty's code since there were some errors. hope this will not influence exploitation : tested against Red Hat 9.0 : c0wboy@0x333 c0wboy$ gcc 0x333hztty.c -o k c0wboy@0x333 c0wbo...
BSD-Games 2.x - Monop Player Name Local Buffer Overrun (1)
// source: https://www.securityfocus.com/bid/8501/info Monop included in bsd-games is prone to a locally exploitable buffer overrun vulnerability. This is due to insufficient bounds checking of player names. Monop is typically installed setgid games, so it is possible to exploit this issue to...
BSD-Games 2.x - Monop Player Name Local Buffer Overrun (2)
// source: https://www.securityfocus.com/bid/8501/info Monop included in bsd-games is prone to a locally exploitable buffer overrun vulnerability. This is due to insufficient bounds checking of player names. Monop is typically installed setgid games, so it is possible to exploit this issue to...
CVE-2003-0645
CVE-2003-0645 affects man-db 2.3.12 and 2.3.18 up to 2.4.1, where user-controlled DEFINE directives in ~/.manpath are honored even when running setuid, allowing local escalation to the 'man' user. The vulnerability is described across multiple sources (Debian SUSE OSV/openvas/NVD) with local-priv...
[SECURITY] [DSA-366-1] New eroaster packages fix insecure temporary file creation
-------------------------------------------------------------------------- Debian Security Advisory DSA 366-1 [email protected] http://www.debian.org/security/ Matt Zimmerman August 5th, 2003 http://www.debian.org/security/faq -...
man-db 2.4.1 open_cat_stream() Local uid=man Exploit
Exploit for linux platform in category local exploits ==================================================== man-db 2.4.1 open_cat_stream() Local uid=man Exploit ==================================================== #!/bin/bash xmandb.sh: shell command file. man-dbv2.4.1-: local uid=man exploit. by:...
[sec-labs] Zone Alarm Device Driver vulnerability
sec-labs team proudly presents: Local ZoneAlarm Firewall probably all versions - tested on v3.1 Device Driver vulnerability. by Lord YuP 04/08/2003 I. BACKGROUND ZoneAlarm is a very powerful and very common nowadays firewall for Windows produced by Zone Labs. http://www.zonelabs.com II. DESCRIPTI...