[UNIX] Liblesstif Local Root (Exploit)

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...

Setuid() - nproc limit the type of vulnerability of in-depth analysis-vulnerability warning-the black bar safety net

Setuid - nproc limit the type of vulnerability of in-depth analysis PST --------- Subject : Setuid - nproc limit the type of vulnerability of in-depth analysis --------- Author : [email protected] --------- Copyright : www.ph4nt0m.org www.secwiki.com --------- Date : 07/20/2006 ---------...

Mac OS X <= 10.4.7 fetchmail Privilege Escalation Exploit (x86)

Exploit for macOS platform in category local exploits =============================================================== Mac OS X kevin-finisterres-mac-mini: kfinisterre$ /usr/bin/fetchmail -p pop3 --fastuidl 1 localhost -P 1234 Enter password for email protected: sh-2.05b$ id uid=501kfinisterre...

[slackware-security] x11

New x11 packages are available for Slackware 10.2 and -current to fix security issues. In addition, fontconfig and freetype have been split out from the x11 packages in -current, so if you run -current you'll also need to install those new packages. More details about the issues may be found here...

linux/x86 - setuid/portbind shellcode 96 bytes

linux/x86 setuid/portbind shellcode 96 bytes. Shellcode exploit for linx86 platform / $Id: portbind-linux.c,v 1.4 2004/06/02 12:22:30 raptor Exp $ portbind-linux.c - setuid/portbind shellcode for Linux/x86 Copyright c 2003 Marco Ivaldi Simple portbind shellcode that bind's a setuid0 shell on port...

linux/x86 setuid(0) and /bin/sh execve() shellcode 30 bytes

Exploit for linux/x86 platform in category shellcode =========================================================== linux/x86 setuid0 and /bin/sh execve shellcode 30 bytes =========================================================== / $Id: setuid-linux.c,v 1.4 2004/06/02 12:22:30 raptor Exp $...

linux/x86 setuid/portbind shellcode 96 bytes

Exploit for linux/x86 platform in category shellcode ============================================ linux/x86 setuid/portbind shellcode 96 bytes ============================================ / $Id: portbind-linux.c,v 1.4 2004/06/02 12:22:30 raptor Exp $ portbind-linux.c - setuid/portbind shellcode f...

bsd/x86 - setuid/portbind shellcode 94 bytes

bsd/x86 setuid/portbind shellcode 94 bytes. Shellcode exploit for bsdx86 platform / $Id: portbind-bsd.c,v 1.3 2004/06/02 12:22:30 raptor Exp $ portbind-bsd.c - setuid/portbind shellcode for BSD/x86 Copyright c 2003 Marco Ivaldi Simple portbind shellcode that bind's a setuid0 shell on port 31337/t...

bsd/x86 - setuid/execve shellcode 30 bytes

bsd/x86 setuid/execve shellcode 30 bytes. Shellcode exploit for bsdx86 platform / $Id: setuid-bsd.c,v 1.6 2004/06/02 12:22:30 raptor Exp $ setuid-bsd.c - setuid/execve shellcode for BSD/x86 Copyright c 2003 Marco Ivaldi Short setuid0 and /bin/sh execve shellcode based on esdee's code. Tested on...

Linux Kernel 2.6.13 2.6.17.4 - logrotate prctl() Local Privilege Escalation

Linux Kernel 2.6.13 2.6.17.4 - logrotate prctl Local Privilege Escalation / $Id: raptorprctl2.c,v 1.3 2006/07/18 13:16:45 raptor Exp $ raptorprctl2.c - Linux 2.6.x suiddumpable2 logrotate Copyright c 2006 Marco Ivaldi The suiddumpable support in Linux kernel 2.6.13 up to versions before 2.6.17.4,...

rocksmountdirty.txt

!/bin/sh rocksmountdirty.sh: Rocks release =4.1 local root exploit make sure 'mount-loop' is in your path for this to work. coded by: [email protected] http://xavsec.blogspot.com echo "Rocks Clusters =4.1 mount-loop local root exploit by [email protected] http://xavsec.blogspot.com" echo...

Linux Kernel 2.6.17.4 - &#039;proc&#039; Local Privilege Escalation

/ Author: h00lyshit Vulnerable: Linux 2.6 ALL Type of Vulnerability: Local Race Tested On : various distros Vendor Status: unknown Disclaimer: In no event shall the author be liable for any damages whatsoever arising out of or in connection with the use or spread of this information. Any use of...

Linux Kernel 2.6.13 &lt; 2.6.17.4 - &#039;sys_prctl()&#039; Local Privilege Escalation (3)

/ $Id: raptorprctl.c,v 1.1 2006/07/13 14:21:43 raptor Exp $ raptorprctl.c - Linux 2.6.x suiddumpable vulnerability Copyright c 2006 Marco Ivaldi The suiddumpable support in Linux kernel 2.6.13 up to versions before 2.6.17.4, and 2.6.16 before 2.6.16.24, allows a local user to cause a denial of...

Jobs start from root when pam_limits enabled

docommand.c in Vixie cron vixie-cron 4.1 does not check the return code of a setuid call, which might allow local users to gain root privileges if setuid fails in cases such as PAM failures or resource limits, as originally demonstrated by a program that exceeds the process limits as defined in...

Linux Kernel 2.6.17.4 sys_prctl() Local Root

/ Linux = 2.6.13 prctl kernel exploit C Julien TINNES If you read the Changelog from 2.6.13 you've probably seen: PATCH setuid core dump This patch mainly adds suidsafe to suiddumpable sysctl but also a new per process, user setable argument to PRSETDUMPABLE. This flaw allows us to create a root...

DSA-1106 ppp - programming error

Bulletin has no description...

CVE-2006-3378

passwd command in shadow in Ubuntu 5.04 through 6.06 LTS, when called with the -f, -g, or -s flag, does not check the return code of a setuid call, which might allow local users to gain root privileges if setuid fails in cases such as PAM failures or resource limits...

CVE-2006-3378

passwd command in shadow in Ubuntu 5.04 through 6.06 LTS, when called with the -f, -g, or -s flag, does not check the return code of a setuid call, which might allow local users to gain root privileges if setuid fails in cases such as PAM failures or resource limits...

CVE-2006-3378

passwd command in shadow in Ubuntu 5.04 through 6.06 LTS, when called with the -f, -g, or -s flag, does not check the return code of a setuid call, which might allow local users to gain root privileges if setuid fails in cases such as PAM failures or resource limits...

CVE-2006-3378

passwd command in shadow in Ubuntu 5.04 through 6.06 LTS, when called with the -f, -g, or -s flag, does not check the return code of a setuid call, which might allow local users to gain root privileges if setuid fails in cases such as PAM failures or resource limits...