libvirt_proxy <= 0.5.1 Local Privilege Escalation Exploit

No description provided by source. / cve-2009-0036.c libvirtproxy = 0.5.1 Local Privilege Escalation Exploit Jon Oberheide [email protected] http://jon.oberheide.org Information: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0036 Buffer overflow in the proxyReadClientSocket function in...

FreeBSD 7.0-RELEASE - Telnet Daemon Privilege Escalation

FreeBSD 7.0-RELEASE - Telnet Daemon Privilege Escalation FreeBSD 7.0-RELEASE telnet daemon local privilege escalation - And possible remote root code excution. There is a rather big bug in the current FreeBSD telnetd daemon. The environment is not properly sanitized when execution /bin/login, wha...

FreeBSD telnetd Privilege Escalation

FreeBSD 7.0-RELEASE telnet daemon local privilege escalation - And possible remote root code excution. There is a rather big bug in the current FreeBSD telnetd daemon. The environment is not properly sanitized when execution /bin/login, what leads to a possible remote root hole. The telnet protoc...

solaris/x86 setuid(0), execve(//bin/sh); exit(0) NULL Free 39 bytes

Exploit for solaris/x86 platform in category shellcode =================================================================== solaris/x86 setuid0, execve//bin/sh; exit0 NULL Free 39 bytes =================================================================== / ; sm4x 2008 ; setuid0, execve'/bin/sh',...

apcupsd overflows

The remote apcupsd, according to its version number, is vulnerable to a buffer overflow which could allow an attacker to gain a root shell on this host. OpenVAS solely relied on the version number of the remote server, so this might be a false positive OpenVAS Vulnerability Test $Id:...

yppasswdd overflow

The remote RPC service 100009 yppasswdd is vulnerable to a buffer overflow which allows any user to obtain a root shell on this host. SPDX-FileCopyrightText: 2008 Renaud Deraison Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right...

irix rpc.passwd overflow

The remote RPC service 100009 yppasswdd is vulnerable to a buffer overflow which allows any user to obtain a root shell on this host. OpenVAS Vulnerability Test $Id: sgirpcpasswd.nasl 8023 2017-12-07 08:36:26Z teissa $ Description: irix rpc.passwd overflow Authors: Renaud Deraison Copyright:...

yppasswdd overflow

The remote RPC service 100009 yppasswdd is vulnerable to a buffer overflow which allows any user to obtain a root shell on this host. OpenVAS Vulnerability Test $Id: yppasswdd.nasl 8023 2017-12-07 08:36:26Z teissa $ Description: yppasswdd overflow Authors: Renaud Deraison Copyright: Copyright C...

rpc.nisd overflow

The remote RPC service 100300 nisd is vulnerable to a buffer overflow which allows any user to obtain a root shell on this host. SPDX-FileCopyrightText: 2008 Renaud Deraison Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

Oracle Database Local Untrusted Library Path Vulnerability

Oracle Database Local Untrusted Library Path Vulnerability ---------------------------------------------------------- The Oracle July 2008 Critical Patch Update fixes a vulnerability which allows a user in the OINSTALL/DBA group to scalate privileges to root. Scalating Privileges from "oracle" to...

trixbox-lfi.txt

I have discovered a file inclusion in Trixbox that may be exploited to run arbitrary code and eventually obtain a root shell. The vendor Fonality has been noticed about this issue. They have fixed it and shall release a patch this week. I have already posted an exploit giving a shell with...

xorg-race.txt

!/bin/sh Xorg-x11-xfs Race Condition Vuln local root exploit CVE-2007-3103 Another lame xploit by vl4dZ : works on redhat el5 and before $ id uid=1001kecos gid=1001user groups=1001user $ sh xfs-RaceCondition-root-exploit.sh Generate large data file in /tmp/.font-unix Wait for xfs service to be...

X.Org xorg-x11-xfs 1.0.2-3.1 - Local Race Condition

!/bin/sh Xorg-x11-xfs Race Condition Vuln local root exploit CVE-2007-3103 Another lame xploit by vl4dZ : works on redhat el5 and before $ id uid=1001kecos gid=1001user groups=1001user $ sh xfs-RaceCondition-root-exploit.sh Generate large data file in /tmp/.font-unix Wait for xfs service to be...

X.Org xorg-x11-xfs 1.0.2-3.1 - Local Race Condition

X.Org xorg-x11-xfs 1.0.2-3.1 - Local Race Condition !/bin/sh Xorg-x11-xfs Race Condition Vuln local root exploit CVE-2007-3103 Another lame xploit by vl4dZ : works on redhat el5 and before $ id uid=1001kecos gid=1001user groups=1001user $ sh xfs-RaceCondition-root-exploit.sh Generate large data...

Debian Security Advisory DSA 082-1 (xvt)

The remote host is missing an update to xvt announced via advisory DSA 082-1. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian Security Advisory DSA 918-1 (osh)

The remote host is missing an update to osh announced via advisory DSA 918-1. Several security related problems have been discovered in osh, the operator's shell for executing defined programs in a privileged environment. The Common Vulnerabilities and Exposures project identifies the following...

MOAB-15-01-2007.rb.txt

!/usr/bin/ruby Exploit for MOAB-15-01-2007 c 2006 LMH . Note: It's a generic exploit, you can use it over any binary writable which is set as root setuid by diskutil repair permissions. Simply change the path. Blame Apple for doing such a piece of and relying on flawed DAC. Line-noise: Jackass of...

Rumpus 5.1 - Local Privilege Escalation Remote FTP LIST

Rumpus 5.1 - Local Privilege Escalation Remote FTP LIST !/usr/bin/ruby Copyright c Lance M. Havok Kevin Finisterre Proof of concept for issues described in MOAB-18-01-2007. require 'net/ftp' require 'socket' bugselected = ARGV0 || 0.toi targethost = ARGV1 || "localhost" targetuser = ARGV2 ||...

ContentNow 1.30 (upload/xss) Multiple Remote Vulnerabilities

Exploit for unknown platform in category web applications ============================================================ ContentNow 1.30 upload/xss Multiple Remote Vulnerabilities ============================================================ ContentNow Directory Traversalupload.php...

ContentNow 1.30 - Arbitrary File Upload Cross-Site Scripting

ContentNow 1.30 - Arbitrary File Upload Cross-Site Scripting ContentNow Directory Traversalupload.php ------------------------------------------ -vulnerability By: Timq -http://securitydb.org -Team Root-Shell -Email:timqathushmail.com ------------------------------------------ It appears that it ...