CVE-2008-5374

bash-doc 3.2 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/cb.? temporary file, related to the 1 aliasconv.sh, 2 aliasconv.bash, and 3 cshtobash scripts...

DEBIAN-CVE-2008-5374

bash-doc 3.2 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/cb.? temporary file, related to the 1 aliasconv.sh, 2 aliasconv.bash, and 3 cshtobash scripts...

CVE-2008-5374

bash-doc 3.2 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/cb.? temporary file, related to the 1 aliasconv.sh, 2 aliasconv.bash, and 3 cshtobash scripts...

CVE-2008-5374

bash-doc 3.2 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/cb.? temporary file, related to the 1 aliasconv.sh, 2 aliasconv.bash, and 3 cshtobash scripts...

CVE-2008-5374

CVE-2008-5374 affects Bash 3.2 where bash-doc allows local users to overwrite arbitrary files via a symlink attack on a /tmp/cb#####.? temporary file, related to aliasconv.sh, aliasconv.bash, and cshtobash. The vulnerability arises from insecure temporary file handling in the Bash documentation/s...

Linux each version of the local root password cracking method-vulnerability warning-the black bar safety net

This time the old met was asked and the various linux versions of the local root password cracking method, I here own and on the network to collect some information, we want to see this article and just used to give the art a little help: A RedHat/CentOS/Fedora system password cracking 1. In the...

wp-bruteforcer.txt

!/usr/bin/env bash wordpress BruteForce v1.0 coded By 0x90 2008 0x90atbsdmail.org I do not take any reponsibilty for what you do with this tool Hopefully it will make your life easier rather then making other peoples lives more difficult! echo ".::Wordpress BruteForce By 0x90::." echo "use a good...

Provide the right to use a skills-vulnerability warning-the black bar safety net

Author: xi4oyu A linux mention of the right to use the tips, release to full when looking for a job to save RP. OK, under normal circumstances, we in the implementation of the bash script, there is an implementation process in which there is a little more important:if BASHENV is set, it will...

FreeBSD Ports: sudo

The remote host is missing an update to the system as announced in the referenced advisory. VID 1b725079-9ef6-11da-b410-000e0c2e438a OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

bash bug fix update

2.05b-41.7.0.2 - Removed the dependency on libncurses.so...

dlink.txt

!/bin/bash Coded Bt Ph3mt Of K-Security Team This Code is private, pls do not redistribute Release Date 25/11/2007 Code function dow echo 'POST /cgi-bin/firmwarecfg HTTP/1.1' richiesta echo 'Host: $IP' richiesta echo 'User-Agent: veryprivateacsor' richiesta echo 'Accept:...

Send ICMP Nasty Garbage (sing) Append File Logrotate Exploit

No description provided by source. / sing file append exploit by bannedit 12/05/2007 The original reporter of this issue included an example session which added an account to the machine. The method for this exploit is slightly different and much more quiet. Although it relies upon logrotate for...

BlueCat Networks Adonis 5.0.2.8 - CLI Privilege Escalation

source: https://www.securityfocus.com/bid/25342/info BlueCat Networks Adonis devices are prone to a remote privilege-escalation vulnerability because the software fails to properly sanitize user-supplied input. An attacker with administrative privileges can exploit this issue to execute arbitrary...

AsteriDex 3.0 - callboth.php Remote Code Execution

AsteriDex 3.0 - callboth.php Remote Code Execution Begin exploit !/bin/bash echo Asteridex PoC Exploit callboth.php vulnerability echo By Carl Livitt / Hoku Security / June 2007 echo This has to be a a valid SIP address, and b must answer when dialled. The exploit will fail without these conditio...

openssh43p1DoS.txt

!/bin/bash OpenSSH CRC compensation attack detection DoS PoC. Tavis Ormandy Yes, I really did implement crc-32 in bash. usage: script victim hostname hostname=$1:-localhost port=$2:-22 where the fifo is created to communicate with netcat fifo=/tmp/nc.$$ make the fifos mkfifo $fifo.in mkfifo...

OpenSSH 4.3 p1 - Duplicated Block Remote Denial of Service

!/bin/bash OpenSSH CRC compensation attack detection DoS PoC. Tavis Ormandy Yes, I really did implement crc-32 in bash. usage: script victim hostname hostname=$1:-localhost port=$2:-22 where the fifo is created to communicate with netcat fifo=/tmp/nc.$$ make the fifos mkfifo $fifo.in mkfifo...

OpenSSH <= 4.3 p1 (Duplicated Block) Remote Denial of Service Exploit

No description provided by source. !/bin/bash OpenSSH CRC compensation attack detection DoS PoC. Tavis Ormandy [email protected] Yes, I really did implement crc-32 in bash. usage: script hostname victim hostname hostname=$1:-localhost port=$2:-22 where the fifo is created to communicate with netc...

Linux Kernel 2.6.13 2.6.17.4 - logrotate prctl() Local Privilege Escalation

Linux Kernel 2.6.13 2.6.17.4 - logrotate prctl Local Privilege Escalation / $Id: raptorprctl2.c,v 1.3 2006/07/18 13:16:45 raptor Exp $ raptorprctl2.c - Linux 2.6.x suiddumpable2 logrotate Copyright c 2006 Marco Ivaldi The suiddumpable support in Linux kernel 2.6.13 up to versions before 2.6.17.4,...

Open Exchange default account

mailadmin/secret LDAP account is created during installation with /bin/bash login shell...

Wavecon Advisory: Open-Xchange <= 0.8.2 defaultuser with /bin/bash and default password

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Advisory Name Open-Xchange defaultuser with /bin/bash Vendor Open-Xchange Inc. Product Open-Xchange Version 0.8.2 Author Cemil Degirmenci Risk high o Description: ======================= The OPEN-XCHANGE Collaboration and Integration Server Environmen...