Lucene search
K

297 matches found

Exploit DB
Exploit DB
added 2004/08/20 12:0 a.m.38 views

XV 3.x - '.BMP' Parsing Local Buffer Overflow

/ xv exploit for the bmp parsing buffer overflow infamous42md AT hotpop DOT com PEOPLE STOP EMAILING MY BUGTRAQ ADDRESS AND USE THIS ONE!! n00batlocalho.outernet gcc -Wall xvbmpslap.c n00batlocalho.outernet ./a.out Usage: ./a.out align n00batlocalho.outernet ./a.out 0xbffff388...

7AI score
Exploits0
exploitpack
exploitpack
added 2004/04/20 12:0 a.m.10 views

SquirrelMail - chpasswd Local Buffer Overflow

SquirrelMail - chpasswd Local Buffer Overflow / 0x3142-sq-chpasswd.c Squirremail chpasswd buffer overflow. Tested on SuSE 9. The bug was found by Matias Neiff Coded by x314 c 2004 Copyright by x314. All Rights Reserved. Greets: m0s krewz. / include char shellcode=...

0.7AI score
Exploits0
exploitpack
exploitpack
added 2004/01/06 12:0 a.m.10 views

Linux Kernel 2.4.232.6.0 - do_mremap() Bound Checking Validator (1)

Linux Kernel 2.4.232.6.0 - domremap Bound Checking Validator 1 / EDB Note: This will just "test" the vulnerability. EDB Note: An exploit version can be found here https://www.exploit-db.com/exploits/145/ / / Proof-of-concept exploit code for domremap Copyright C 2004 Christophe Devine and Julien...

Exploits0
seebug.org
seebug.org
added 2004/01/06 12:0 a.m.16 views

Linux Kernel ""do_mremap"" Local Proof of Concept

No description provided by source. / Proof-of-concept exploit code for domremap Copyright C 2004 Christophe Devine and Julien Tinnes This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2003/12/02 12:0 a.m.12 views

Linux Kernel 2.4.22 - do_brk() Local Privilege Escalation (1)

Linux Kernel 2.4.22 - dobrk Local Privilege Escalation 1 ; E-DB Note: Updated Exploit https://www.exploit-db.com/exploits/131/ ; ; Christophe Devine devine at cr0.net and Julien Tinnes julien at cr0.org ; ; This exploit uses sysbrk directly to expand his break and doesn't rely ; on the ELF loader...

0.8AI score
Exploits0
Exploit DB
Exploit DB
added 2003/12/02 12:0 a.m.72 views

Linux Kernel 2.4.22 - 'do_brk()' Local Privilege Escalation (1)

; E-DB Note: Updated Exploit https://www.exploit-db.com/exploits/131/ ; ; Christophe Devine devine at cr0.net and Julien Tinnes julien at cr0.org ; ; This exploit uses sysbrk directly to expand his break and doesn't rely ; on the ELF loader to do it. ; ; To bypass a check in sysbrk against...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2003/09/16 12:0 a.m.22 views

Pine <= 4.56 Remote Buffer Overflow Exploit

No description provided by source. / Mon Sep 15 09:35:01 CEST 2003 remote? Pine = 4.56 exploit by sorbo sorbox yahoo com darkirco Ok won't talk much about the bug since as usual idefense advisories are proper advisories and explain everything... exploiting the bug is trivial after reading the adv...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2003/09/16 12:0 a.m.46 views

Pine 4.56 - Remote Buffer Overflow

/ Mon Sep 15 09:35:01 CEST 2003 remote? Pine eip/ebp this can actually be "bruteforced" I didn't show this since this is a PoC and uses "exact offsets" All u do is supply multiple charsets and overwrite larger areas of memory This makes method 1 100% successfull or letys say 99.9% nice for remote...

7.4AI score
Exploits0
Cvelist
Cvelist
added 2002/10/05 4:0 a.m.25 views

CVE-2002-0839

The shared memory scoreboard in the HTTP daemon for Apache 1.3.x before 1.3.27 allows any user running as the Apache UID to send a SIGUSR1 signal to any process as root, resulting in a denial of service process kill or possibly other behaviors that would not normally be allowed, by modifying the...

6.5AI score0.00944EPSS
Exploits0References23
CERT
CERT
added 2002/07/11 12:0 a.m.38 views

Common Desktop Environment (CDE) ToolTalk RPC database server (rpc.ttdbserverd) does not adequately validate file descriptor arguement to _TT_ISCLOSE()

Overview The Common Desktop Environment CDE ToolTalk RPC database server does not adequately validate a client-supplied argument, allowing attackers to overwrite certain locations in memory with zeros. This vulnerability could be exploited in a number of ways, potentially allowing attackers to:...

7.5CVSS7.7AI score0.06574EPSS
Exploits0References2
Exploit DB
Exploit DB
added 2002/06/06 12:0 a.m.21 views

Ehud Gavron TrACESroute 6.1.1 - Terminator Function Format String

source: https://www.securityfocus.com/bid/4956/info A format string vulnerability exists in TrACESroute. The problem exists in the terminator -T function of the program. Due to improper use of the fprintf function, an attacker may be able to supply a malicious format string to the program that...

7AI score
Exploits0
securityvulns
securityvulns
added 2002/05/18 12:0 a.m.39 views

Grsecurity problem - modifying "read-only kernel"

Affected: Grsecurityand maybe other linux hardening patchs. Description: Grsecurity and maybe other linux hardening patchs integrates a variant of the patch published in phrack p58-0x07 article supposed to forbid writing to /dev/mem and /dev/kmem by disabling function dowritemem. This is done by...

7AI score
Exploits0
Cvelist
Cvelist
added 2002/04/05 5:0 a.m.29 views

CVE-2002-0164

Vulnerability in the MIT-SHM extension of the X server on Linux XFree86 4.2.1 and earlier allows local users to read and write arbitrary shared memory, possibly to cause a denial of service or gain privileges...

6.5AI score0.00427EPSS
Exploits0References11
Exploit DB
Exploit DB
added 2001/01/19 12:0 a.m.34 views

RedHat 6.1 - 'man' Local Overflow / Local Privilege Escalation

!/usr/bin/perl Redhat 6.1 man exploit - gives egid 15 Written just for fun - [email protected] $shellcode = "\xeb\x1f\x5f\x89\xfc\x66\xf7\xd4\x31\xc0\x8a\x07". "\x47\x57\xae\x75\xfd\x88\x67\xff\x48\x75\xf6\x5b". "\x53\x50\x5a\x89\xe1\xb0\x0b\xcd\x80\xe8\xdc\xff"...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 1999/09/28 12:0 a.m.30 views

SuSE_root_exploit.txt

nlservd/rnavc local root exploit for Linux x86 tested on SuSE 6.2 exploits Arkiea's Knox backup package. gcc -o knox knox.c ./knox NOTE: you MUST have void mainsetuidgeteuid; system"/bin/bash"; compiled in /tmp/ui for this to work. To exploit rnavc, simply change the execl call to...

0.2AI score
Exploits0
exploitpack
exploitpack
added 1999/08/09 12:0 a.m.27 views

NetBSD 1.4 OpenBSD 2.5 Solaris 7.0 - profil(2) Modify The Internal Data Space

NetBSD 1.4 OpenBSD 2.5 Solaris 7.0 - profil2 Modify The Internal Data Space / source: https://www.securityfocus.com/bid/570/info Some BSD's use a profil2 system call that dates back to "version 6" unix. This system call arranges for the kernel to sample the PC and increment an element of an array...

0.8AI score
Exploits0
Exploit DB
Exploit DB
added 1997/05/25 12:0 a.m.45 views

SGI IRIX - 'LsD' Multiple Local Buffer Overflows

/ copyright by / / Last Stage of Delirium, Dec 1996, Poland/ include include include define BUFSIZE 2068 define OFFS 800 define ADDRS 3 define ALIGN 0 define ALIGN2 4 char...

7.4AI score
Exploits0
Rows per page
Query Builder