70 matches found
locale_sol.txt
----/ Exploiting the Libc Locale Subsystem Format String Vulnerability on Solaris/SPARC ---/ 10/10/2000 -/ Solar Eclipse ---/ I. Introduction This paper describes in detail the exploitation of the libc locale format strin g vulnerability on Solaris/SPARC. The full source code for the exploit is...
Solaris/SPARC 2.7 / 7 locale Format String Exploit
Exploit for solaris platform in category local exploits ================================================== Solaris/SPARC 2.7 / 7 locale Format String Exploit ================================================== / Exploit for the locale format string vulnerability in Solaris/SPARC 2.7 / 7 Based on t...
SolarisSPARC 2.7 7 locale - Format String
SolarisSPARC 2.7 7 locale - Format String / Exploit for the locale format string vulnerability in Solaris/SPARC 2.7 / 7 Based on the exploit by Warning3 For additional information see http://www.phreedom.org/solar/localesol.txt By Solar Eclipse Assistant Editor, Phreedom Magazine...
Solaris/SPARC 2.7 / 7 locale - Format String
/ Exploit for the locale format string vulnerability in Solaris/SPARC 2.7 / 7 Based on the exploit by Warning3 For additional information see http://www.phreedom.org/solar/localesol.txt By Solar Eclipse Assistant Editor, Phreedom Magazine http://www.phreedom.org 10 Oct 2000 / include include defi...
solaris/SPARC portbinding shellcode
solaris/SPARC portbinding shellcode. Shellcode exploit for solarissparc platform / Solaris - Sparc - www.dopesquad.net / char shellcode = "\xa0\x23\xa0\x10" / sub %sp, 16, %l0 / "\xae\x23\x80\x10" / sub %sp, %l0, %l7 / "\xee\x23\xbf\xec" / st %l7, %sp - 20 / "\x82\x05\xe0\xd6" / add %l7, 214, %g1...
solaris/SPARC portbinding shellcode
Exploit for solaris/sparc platform in category shellcode =================================== solaris/SPARC portbinding shellcode =================================== / Solaris - Sparc - www.dopesquad.net / char shellcode = "\xa0\x23\xa0\x10" / sub %sp, 16, %l0 / "\xae\x23\x80\x10" / sub %sp, %l0,...
Solaris/SPARC 2.7 lpset exploit (well not likely !)
Hi, lpset seems to use strcat to pass the argument for -r flag /usr/lib/print/lib/../../../../tmp/foo and appends .so to the end. in this case /tmp/foo.so is going to be dlopen but there is a special case /usr/lib/print/lib directory has to exist. xploit shell script is attached. $ uname -a SunOS...
Solaris 2.52.67.08 - kcms_configure KCMS_PROFILES Buffer Overflow (2)
Solaris 2.52.67.08 - kcmsconfigure KCMSPROFILES Buffer Overflow 2 / source: https://www.securityfocus.com/bid/2605/info The Kodak Color Management System configuration tool 'kcmsconfigure' is vulnerable to a buffer overflow that could yield root privileges to an attacker. The bug exists in the...
Solaris 2.5/2.6/7.0/8 - kcms_configure KCMS_PROFILES Buffer Overflow (2)
/ source: https://www.securityfocus.com/bid/2605/info The Kodak Color Management System configuration tool 'kcmsconfigure' is vulnerable to a buffer overflow that could yield root privileges to an attacker. The bug exists in the KCMSPROFILES environment variable parser in a shared library...
Solaris 2.5/2.6/7.0/8 - kcms_configure KCMS_PROFILES Buffer Overflow (1)
/ source: https://www.securityfocus.com/bid/2605/info The Kodak Color Management System configuration tool 'kcmsconfigure' is vulnerable to a buffer overflow that could yield root privileges to an attacker. The bug exists in the KCMSPROFILES environment variable parser in a shared library...