OpenBSD/x86 - setuid(0) + Load Kernel Module (/tmp/o.o) Shellcode (74 bytes)

OpenBSD/x86 - setuid0 + Load Kernel Module /tmp/o.o Shellcode 74 bytes. Shellcode exploit for OpenBSDx86 platform / The modload shellcode setuid0 loads /tmp/o.o module very usefull if you have rootkit as kernel module in the /tmp dir Size 74 bytes OS OpenBSD /rootteam/dev0id rootteam.void.ru...

BSD/x86 - setuid(0) + Break chroot (../ 10x Loop) Shellcode (34 bytes)

BSD/x86 - setuid0 + Break chroot ../ 10x Loop Shellcode 34 bytes. Shellcode exploit for BSDx86 platform / The setuid0+chroot shellcode. It is the one of the smallest shellcodes in the !!world!! it will put '../' 10 times Size 34 bytes OS BSD /rootteam/dev0id rootteam.void.ru [email protected]...

Linux/x86 - setuid() + execve() + exit() Shellcode (44 bytes)

Linux/x86 - setuid + execve + exit Shellcode 44 bytes. Shellcode exploit for Linuxx86 platform / Linux x86 shellcode by bob / / setuid; execve; exit; / include char shellcode= "\x31\xc0\x31\xdb\x31\xc9\xb0\x17\xcd\x80" "\x31\xc0\x50\x68\x6e\x2f\x73\x68\x68\x2f"...

Linux/x86 - setuid(0) + chmod(/etc/shadow, 0666) Shellcode (37 bytes)

Linux/x86 - setuid0 + chmod/etc/shadow, 0666 Shellcode 37 bytes. Shellcode exploit for Linuxx86 platform / Title: linux/x86 setuid0 + chmod"/etc/shadow", 0666 Shellcode 37 Bytes Type: Shellcode Author: antrhacks Platform: Linux X86 / / ASSembly 31 db xor %ebx,%ebx b0 17 mov $0x17,%al cd 80 int...

Important: Red Hat Security Advisory: kernel security and bug fix update

Updated kernel packages that resolve several security issues and fix various bugs are now available for Red Hat Enterprise Linux 3. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain the Linux kernel, the core of any...

Debian: Security Advisory (DSA-1678-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DSA 1678-1] New perl packages fix privilege escalation

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-1678-1 [email protected] http://www.debian.org/security/ Steffen Joeris December 03, 2008 http://www.debian.org/security/faq -...

[SECURITY] [DSA 1678-1] New perl packages fix privilege escalation

------------------------------------------------------------------------ Debian Security Advisory DSA-1678-1 [email protected] http://www.debian.org/security/ Steffen Joeris December 03, 2008 http://www.debian.org/security/faq -...

SuSE 10 Security Update : Linux Kernel (x86) (ZYPP Patch Number 5734)

This patch updates the SUSE Linux Enterprise 10 SP1 kernel. It fixes various bugs and security issues. The following security issues are addressed : - fs/open.c in the Linux kernel before 2.6.22 does not properly strip setuid and setgid bits when there is a write to a file, which allows local use...

solaris/x86 setuid(0) execve(/bin/cat /etc/shadow) exit(0) 59 bytes

No description provided by source. / ; sm4x 2008 ; /bin/cat /etc/shadow ; 59 bytes ; SunOS sol01 5.11 snv86 i86pc i386 i86pc Solaris ; port to SunOS to pwn a b0x - thank god for that default unix CRYPTDEFAULT!!!! ; this is what happens when ur work takes away root pirv on a SunOS box :-/ global...

solaris/x86 setuid0, execve//bin/sh; exit0 NULL Free 39 bytes

solaris/x86 setuid0, execve//bin/sh; exit0 NULL Free 39 bytes. Shellcode exploit for solarisx86 platform / ; sm4x 2008 ; setuid0, execve'/bin/sh', '/bin/sh', 0, ; 39 bytes NizzULL free you know... ; SunOS sol01 5.11 snv86 i86pc i386 i86pc Solaris ; quick port to drop root sh - ; - SunOS is pwnij...

solaris/x86 setuid(0), execve(/bin/cat, /etc/shadow), exit(0) 59 bytes

Exploit for solaris/x86 platform in category shellcode ====================================================================== solaris/x86 setuid0, execve/bin/cat, /etc/shadow, exit0 59 bytes ====================================================================== / ; sm4x 2008 ; /bin/cat /etc/shado...

DEBIAN-CVE-2008-5302

Race condition in the rmtree function in File::Path 1.08 and 2.07 lib/File/Path.pm in Perl 5.8.8 and 5.10.0 allows local users to create arbitrary setuid binaries via a symlink attack, a different vulnerability than CVE-2005-0448, CVE-2004-0452, and CVE-2008-2827. NOTE: this is a regression error...

CVE-2008-5302

Race condition in the rmtree function in File::Path 1.08 and 2.07 lib/File/Path.pm in Perl 5.8.8 and 5.10.0 allows local users to create arbitrary setuid binaries via a symlink attack, a different vulnerability than CVE-2005-0448, CVE-2004-0452, and CVE-2008-2827. NOTE: this is a regression error...

Race condition

Race condition in the rmtree function in File::Path 1.08 and 2.07 lib/File/Path.pm in Perl 5.8.8 and 5.10.0 allows local users to create arbitrary setuid binaries via a symlink attack, a different vulnerability than CVE-2005-0448, CVE-2004-0452, and CVE-2008-2827. NOTE: this is a regression error...

CVE-2008-5302

Race condition in the rmtree function in File::Path 1.08 and 2.07 lib/File/Path.pm in Perl 5.8.8 and 5.10.0 allows local users to create arbitrary setuid binaries via a symlink attack, a different vulnerability than CVE-2005-0448, CVE-2004-0452, and CVE-2008-2827. NOTE: this is a regression error...

CVE-2008-5302

Race condition in the rmtree function in File::Path 1.08 and 2.07 lib/File/Path.pm in Perl 5.8.8 and 5.10.0 allows local users to create arbitrary setuid binaries via a symlink attack, a different vulnerability than CVE-2005-0448, CVE-2004-0452, and CVE-2008-2827. NOTE: this is a regression error...

p5-File-Path -- rmtree allows creation of setuid files

Jan Lieskovsky reports: perl-File-Path rmtree race condition CVE-2005-0448 was assigned to address this This vulnerability was fixed in 5.8.4-7 but re-introduced in 5.8.8-1. It's also present in File::Path 2.xx, up to and including 2.07 which has only a partial fix...

Important: Red Hat Security Advisory: kernel security and bug fix update

Updated kernel packages that resolve several security issues and fix various bugs are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain the Linux kernel, the core of any...

kernel: open() call allows setgid bit when user is not in new file's group

fs/open.c in the Linux kernel before 2.6.22 does not properly strip setuid and setgid bits when there is a write to a file, which allows local users to gain the privileges of a different group, and obtain sensitive information or possibly have unspecified other impact, by creating an executable...