ALCASAR-Remote

By sending a specially crafted value in the "host" HTTP header, it is possible to inject the exec function in order to execute commands as Apache user. !/usr/bin/env python -- coding: utf-8 -- ALCASAR = 2.8 Remote Root Code Execution Vulnerability Author: eF Date : 2014-02-10 db 88 ,ad8888ba, db...

F5 rsync daemon ConfigSync interface cmi module vulnerability

Added: 09/02/2014 CVE: CVE-2014-2927 BID: 69461 OSVDB: 110595 Background F5 BIG-IP is a suite of security, availability and acceleration products. Problem When configured to support failover, multiple BIG-IP products are vulnerable to an unauthenticated rsync access vulnerability that can be...

McAfee LinuxShield <= 1.5.1 - Local/Remote Root Code Execution

No description provided by source. !/usr/bin/perl Title: McAfee LinuxShield = 1.5.1 Local/Remote Root Exploit Name: nailsRoot.pl Author: Nikolas Sotiriu lofi lofiatsotiriu.de WARNING: This Exploit deletes the default Update Server Use it only for education or ethical pentesting! The author accept...

CFME: SSH Utility insecure tmp file creation leading to code execution as root

The 1 shellexec function in lib/util/MiqSshUtilV1.rb and 2 tempcmdfile function in lib/util/MiqSshUtilV2.rb in Red Hat CloudForms 3.0 Management Engine CFME before 5.2.4.2 allow local users to execute arbitrary commands via a symlink attack on a temporary file with a predictable name...

bcfg2 shell chatacters vulnerability

It's possible to execute code as a root...

FreeBSD 7.0-RELEASE Telnet Daemon Local Privilege Escalation Exploit

Exploit for freebsd platform in category local exploits ==================================================================== FreeBSD 7.0-RELEASE Telnet Daemon Local Privilege Escalation Exploit ==================================================================== FreeBSD 7.0-RELEASE telnet daemon...

KDE start_kdeinit privilege escalation

It's possible to execute code with root privileges or send signals to privileged processes...

FreeBSD : NVIDIA UNIX driver -- arbitrary root code execution vulnerability (a6d9da4a-5d5e-11db-8faf-000c6ec775d9)

Rapid7 reports : The NVIDIA Binary Graphics Driver for Linux is vulnerable to a buffer overflow that allows an attacker to run arbitrary code as root. This bug can be exploited both locally or remotely via a remote X client or an X client which visits a malicious web page. A working...

DEBIAN-CVE-2004-0579

Format string vulnerability in super before 3.23 allows local users to execute arbitrary code as root...

Real Server/Helix Universal Server array overflow

Pointers array overflow leads to remote root code execution...

LPRng (RedHat 7.0) lpd Remote Root Format String Exploit

Exploit for linux platform in category remote exploits ======================================================== LPRng RedHat 7.0 lpd Remote Root Format String Exploit ======================================================== / Copyright c 2000 - Security.is The following material may be freely...

clientagent662.txt

Client Agent 6.62 for Unix Vulnerability Tested on a Debian 2.2.14 Introduction -------------- Client Agent has a hole allowing to execute an arbitrary code by root without its knowing. In the meantime, some conditions are necessary to exploit this vulnerability. Description ------------ Client...

Stelian Pop dump 0.4 - restore Buffer Overflow

Stelian Pop dump 0.4 - restore Buffer Overflow // source: https://www.securityfocus.com/bid/1330/info A buffer overflow exists in the 'restore' program, part of the dump 0.4b15-1 package, distributed with RedHat Linux 6.2. By supplying a long string containing machine executable code at the promp...

Solaris 2.6/7.0 - lp -d Option Buffer Overflow

// source: https://www.securityfocus.com/bid/1143/info A buffer overrun has been discovered in the lp program, as included with Sun's Solaris 7 operating system. By passing well crafted, machine executable code of sufficient length to the -d option of lp, it becomes possible to execute arbitrary...

Sun Solaris 7.0 - usrdtbindtprintinfo Local Buffer Overflow

Sun Solaris 7.0 - usrdtbindtprintinfo Local Buffer Overflow / source: https://www.securityfocus.com/bid/249/info The dtprintinfo is a setuid commands open the CDE Print Manager window. A stack based buffer overflow in the handling of the "-p" option allow the execution of arbitrary code as root...