969 matches found
Slackware: Security Advisory (SSA:2003-259-02)
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mandrake Linux Security Advisory : kon2 (MDKSA-2000:028)
There is a vulnerable suid program called fld. This program accepts option input from a text file and it is possible to input arbitrary code into the stack, thus spawning a root shell. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...
Symantec Web Gateway 5.0.3.18 LFI Remote ROOT RCE Exploit
Exploit for linux platform in category remote exploits !/usr/bin/python ''' The original patch for the Symantec Web Gateway 5.0.2 LFI vulnerability removed the /tmp/networkScript file but left the entry in /etc/sudoers, allowing us to simply recreate the file and obtain a root shell using a...
HP SAN/iQ < 9.5 Root Shell Command Injection
The version of SAN/iQ running on the remote host has a command injection vulnerability. The hydra service, used for remote management and configuration, does not properly sanitize untrusted input. A remote attacker could exploit this to execute arbitrary commands as root. Authentication is...
Symantec Web Gateway < 5.0.3 Multiple Vulnerabilities (SYM12-006) (version check)
According to its self-reported version number, the remote web server is hosting Symantec Web Gateway before version 5.0.3, which has the following vulnerabilities : -There are multiple cross-site scripting vulnerabilities. CVE-2012-0296 - Multiple shell command injection and local file inclusion...
ZTE(ZTE)the phone there the back door, get a Root Shell-vulnerability warning-the black bar safety net
It's appearing that a root virus has appeared in ZTE phones, allowing full root to devices. It simply provides a root shell using a hard-coded password. This is serious news for any hackers, as this command can cause major damage to phones. Here is the information, should you wish to have a go: T...
HT Editor Spawning Root Shell
Exploit for linux platform in category remote exploits !/usr/bin/python Exploit Title: HT Editor Spawning Root Shell Date: 29-Mar-2012 Author: blusp10it Version: 2.0.18 Download: http://sourceforge.net/projects/hte/files/ht-source/ht-2.0.18.tar.gz Tested on: BackTrack 4 R2, Ubuntu 10.04 Run with:...
Acpid 1:2.0.10-1ubuntu2 Privilege Boundary Crossing Vulnerability
Exploit for linux platform in category local exploits Exploit Title: Acpid Privilege Boundary Crossing Vulnerability Google Dork: Date: 23-11-2011 Author: otr Software Link: https://launchpad.net/ubuntu/+source/acpid Version: 1:2.0.10-1ubuntu2 Tested on: Ubuntu 11.10, Ubuntu 11.04 CVE :...
bzexe (bzip2) - Race Condition
bzexe bzip2 - Race Condition / bzexecPoC.c -- bzip2 bzexe race condition PoC Author: vladz http://vladz.devzero.fr Tested on: Debian 6.0.3 up to date bzip2 version 1.0.5-6 This PoC exploits a race condition in the bzexe script. This tool is rarely used so I wasn't supposed to write an exploit. Bu...
MyAuth 3 Blind SQL Injection
Exploit Title: MyAuth3 Blind SQL Injection / Root Shell Access 0day exploit Google Dork: allinurl:1881/?console=panel Date: 09/06/2011 Author: Marcio Almeida marcioatalligatorteamdotorg | @marcioalm Version: 3.0 Tested on: Linux EDB-Note: apparently no true exploit is needed to dump system pwd...
MyAuth3 Blind SQL Injection
Exploit for php platform in category web applications Exploit Title: MyAuth3 Blind SQL Injection / Root Shell Access 0day exploit Google Dork: allinurl:1881/?console=panel Date: 09/06/2011 Author: Marcio Almeida marcioatalligatorteamdot org | @marcioalm Version: 3.0 Tested on: Linux EDB-Note:...
HP Data Protector (Linux) - Remote Command Execution
HP Data Protector Linux - Remote Command Execution !/bin/bash Exploit Title: HP Data Protector Remote Root Shell for Linux Date: 2011-08-10 Author: SZ Software Link:http://www8.hp.com/us/en/software/software- product.html?compURI=tcm:245-936920&pageTitle=data-protector Version: 0.9 Tested on:...
WD TV Live Hub Compromised - Multiple Vulnerabilities Found By Dr. Alberto Fontanella
WD TV Live Hub Compromised - Multiple Vulnerabilities Found By Dr. Alberto Fontanella Dr. Alberto Fontanella found on Western Digital WD TV Live Hub appliance with the last firmware installed 2.06.10 and 3 exploits to get admin password, deface appliance and get root shell: Author: Dr. Alberto...
OpenSSH 3.5p1 Remote Root Exploit for FreeBSD
No description provided by source. OpenSSH 3.5p1 Remote Root Exploit for FreeBSD Discovered and Exploited By Kingcope Year 2011 -- The last two days I have been investigating a vulnerability in OpenSSH affecting at least FreeBSD 4.9 and 4.11. These FreeBSD versions run OpenSSH 3.5p1 in the defaul...
OpenSSH 3.5p1 Remote Root Exploit for FreeBSD
OpenSSH 3.5p1 Remote Root Exploit for FreeBSD OpenSSH 3.5p1 Remote Root Exploit for FreeBSD has been shared by kcope on twitter. The Released note is as given below : OpenSSH 3.5p1 Remote Root Exploit for FreeBSD Discovered and Exploited By Kingcope Year 2011 -- The last two days I have been...
FreeBSD OpenSSH 3.5p1 - Remote Command Execution
OpenSSH 3.5p1 Remote Root Exploit for FreeBSD Discovered and Exploited By Kingcope Year 2011 -- The last two days I have been investigating a vulnerability in OpenSSH affecting at least FreeBSD 4.9 and 4.11. These FreeBSD versions run OpenSSH 3.5p1 in the default install. The sshd banner for...
Eircom Netopia Router Backdoor
++++++++++++++++++++ FULL DISCLOSURE OF EIRCOM NETOPIA ROUTER BACKDOOR VULNERABILITY! Yes, failcom suck, and they did it again. DERP! They gave us a nice TELNET shell into their routers, and now we can mess about 'cos it spawns a root shell by magic! and magic is the actual command! They also lef...
Sun Microsystems SunScreen Firewall - Privilege Escalation
/ Sun Microsystems SunScreen Firewall Root Exploit discovered & exploited by Kingcope January 2011 The SunScreen Firewall can be administrated remotely via a java protocol service which is running on port 3858 on a SunOS machine. This Java Service contains numerous buffer overruns 2 of which I am...
Sun Microsystems SunScreen Firewall Root Exploit
Exploit for multiple platform in category remote exploits / Sun Microsystems SunScreen Firewall Root Exploit discovered & exploited by Kingcope January 2011 The SunScreen Firewall can be administrated remotely via a java protocol service which is running on port 3858 on a SunOS machine. This Java...
IBM OmniFind - Buffer Overflow
IBM OmniFind - Buffer Overflow Remote buffer overflow CVE-2010-3894 The administration interface has a login form with an username- and a passwordfield. Entering a valid username default value is »esadmin« and a very long string into the password field a buffer overflow is triggered. The function...