3209 matches found
CVE-2005-3279
CVE-2005-3279 reports a stack-based buffer overflow in the vgasco_printf function of Jan Kybic BitMap Viewer (BMV) 1.2 when built with M_UNIX and run setuid. A long filename passed via the -b option can overflow the stack and allow local privilege escalation. Affected: BMV 1.2 (vgasco_printf). Ro...
[Full-disclosure] iDEFENSE Security Advisory 10.20.05: Symantec Norton AntiVirus DiskMountNotify Local Privilege Escalation
Symantec Norton AntiVirus DiskMountNotify Local Privilege Escalation iDEFENSE Security Advisory 10.20.05 www.idefense.com/application/poi/display?id=325&type=vulnerabilities October 20, 2005 I. BACKGROUND Symantec's Norton AntiVirus for Macintosh is an antivirus solution for the Mac OS X...
CVE-2005-2759
CVE-2005-2759 (LiveUpdate) and CVE-2005-3270 (DiskMountNotify) describe local privilege escalation in Symantec Norton AntiVirus for Macintosh 9.0.3. The illustrations show that the jlucaller binary (LiveUpdate) and DiskMountNotify are setuid root and rely on user-supplied input or PATH handling t...
security flaw
Race condition in the rmtree function in File::Path.pm in Perl before 5.8.4 allows local users to create arbitrary setuid binaries in the tree being deleted, a different vulnerability than CVE-2004-0452...
Low: Red Hat Security Advisory: perl security update
Updated Perl packages that fix security issues and contain several bug fixes are now available for Red Hat Enterprise Linux 4. This update has been rated as having low security impact by the Red Hat Security Response Team. Perl is a high-level programming language commonly used for system...
Uim: Privilege escalation vulnerability
Background Uim is a multilingual input method library which provides secure and useful input method for all languages. Description Masanari Yamamoto discovered that Uim uses environment variables incorrectly. This bug causes a privilege escalation if setuid/setgid applications are linked to libui...
uim -- privilege escalation vulnerability
The uim developers reports: Masanari Yamamoto discovered that incorrect use of environment variables in uim. This bug causes privilege escalation if setuid/setgid applications was linked to libuim. This bug appears in 'immodule for Qt' enabled Qt. Normal Qt is also safe. In some distribution,...
Wireless Tools 26 (iwconfig) Local Root Exploit (some setuid)
No description provided by source. // if the iwconfig executable is setuid /str0ke include stdio.h include string.h include unistd.h include stdlib.h / 45 Byte /bin/sh http://www.milw0rm.com/id.php?id=1169 / char shellcode= "\x31\xc0\x31\xdb\x50\x68\x2f\x2f" "\x73\x68\x68\x2f\x62\x69\x6e\x89"...
Wireless Tools 26 (iwconfig) Local Root Exploit (some setuid)
Exploit for linux platform in category local exploits ============================================================= Wireless Tools 26 iwconfig Local Root Exploit some setuid ============================================================= // if the iwconfig executable is setuid /str0ke include inclu...
VisualBoyAdvanced 1.7.x Local Shell Exploit (non suid) (updated)
Exploit for linux platform in category local exploits ================================================================ VisualBoyAdvanced 1.7.x Local Shell Exploit non suid updated ================================================================ / VisualBoyAdvanced 1.7.x BufferOver Flow exploit VB...
VisualBoyAdvanced 1.7.x - Non SUID Local Shell
VisualBoyAdvanced 1.7.x - Non SUID Local Shell / VisualBoyAdvanced 1.7.x BufferOver Flow exploit VBA - WEBSITE : vba.ngemu.com Found & coded by Qnix - Qnixatbsdmaildotorg / include char shellcode = "\x31\xc0\x31\xdb\xb0\x17\xcd\x80" / setuid /...
Frox 0.7.18 - Arbitrary Configuration File Access
Frox 0.7.18 - Arbitrary Configuration File Access source: https://www.securityfocus.com/bid/14711/info Frox is prone to a vulnerability that permits read access to arbitrary files. Successful exploitation of this vulnerability will grant the attacker read access to arbitrary files on the system i...
Frox 0.7.18 - Arbitrary Configuration File Access
source: https://www.securityfocus.com/bid/14711/info Frox is prone to a vulnerability that permits read access to arbitrary files. Successful exploitation of this vulnerability will grant the attacker read access to arbitrary files on the system in the security context of the Frox process...
iDEFENSE Security Advisory 08.29.05: Adobe Version Cue VCNative Arbitrary Library Loading Vulnerability
Adobe Version Cue VCNative Arbitrary Library Loading Vulnerability iDEFENSE Security Advisory 08.29.05 www.idefense.com/application/poi/display?id=296&type=vulnerabilities August 29, 2005 I. BACKGROUND Adobe Version Cue is a software version tracking system for Adobe products distributed with Ado...
Adobe Version Cue 1.0/1.0.1 (-lib) Local Root Exploit (OSX)
Exploit for macOS platform in category local exploits =========================================================== Adobe Version Cue 1.0/1.0.1 -lib Local Root Exploit OSX =========================================================== / Adobe Version Cue VCNativeOSX: local root exploit. dyld by:...
Adobe Version Cue 1.01.0.1 (OSX) - -lib Local Privilege Escalation
Adobe Version Cue 1.01.0.1 OSX - -lib Local Privilege Escalation / Adobe Version Cue VCNativeOSX: local root exploit. dyld by: vade79/v9 [email protected] fakehalo/realhalo Adobe Version Cue's VCNative program allows un-privileged local users to load arbitrary libraries"bundles" while running setuid...
Adobe Version Cue 1.0/1.0.1 (OSX) - '-lib' Local Privilege Escalation
/ Adobe Version Cue VCNativeOSX: local root exploit. dyld by: vade79/v9 [email protected] fakehalo/realhalo Adobe Version Cue's VCNative program allows un-privileged local users to load arbitrary libraries"bundles" while running setuid root. this is done via the "-lib" command-line option. note:...
[Full-disclosure] Operator Shell (osh) Stack-based Buffer Overflow
!/usr/bin/perl OSH 1.7 Exploit 2 Gonna bang away at this until it's removed ;- EDUCATIONAL purposes only.... :- by Charles Stevenson core [email protected] Description: The Operator Shell Osh is a setuid root, security enhanced, restricted shell. It allows the administrator to carefully limit the...
[EXPL] Iwconfig Buffer Overflow
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...
x_osh2.pl.txt
!/usr/bin/perl OSH 1.7 Exploit 2 Gonna bang away at this until it's removed ;- EDUCATIONAL purposes only.... :- by Charles Stevenson core Description: The Operator Shell Osh is a setuid root, security enhanced, restricted shell. It allows the administrator to carefully limit the access of special...