Mandriva Update for postfix MDKA-2007:079 (postfix)

Check for the Version of postfix OpenVAS Vulnerability Test Mandriva Update for postfix MDKA-2007:079 postfix Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...

Mandriva Update for rpm MDVA-2008:164 (rpm)

Check for the Version of rpm OpenVAS Vulnerability Test Mandriva Update for rpm MDVA-2008:164 rpm Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...

Linux/x86 - setuid / setgid / chroot break

No description provided by source. /----------------------------------------------------------------------/ / s390 shellcode 0x0a / 0x0 free / / setuid / setgid / chroot break / / code [email protected] / /----------------------------------------------------------------------/ char...

BSD/x86 - Break chroot (../ 10x Loop) Shellcode (40 bytes)

BSD/x86 - Break chroot ../ 10x Loop Shellcode 40 bytes. Shellcode exploit for BSDx86 platform / One of the smallest chroot shellcodes it will put '../' 10 times Size 40 bytes OS BSD /rootteam/dev0id rootteam.void.ru [email protected] BITS 32 jmp short callme main: pop esi mov edi,esi xor...

Linux/x86 - setuid(0) + Break chroot (../ 10x Loop) Shellcode (34 bytes)

Linux/x86 - setuid0 + Break chroot ../ 10x Loop Shellcode 34 bytes. Shellcode exploit for Linuxx86 platform / The setuid0+chroot shellcode. It is the one of the smallest shellcodes in the !!world!! it will put '../' 10 times Size 34 bytes OS Linux /rootteam/dev0id rootteam.void.ru...

BSD/x86 - setuid(0) + Break chroot (../ 10x Loop) + Bind TCP (2222/TCP) Shell Shellcode (133 bytes)

BSD/x86 - setuid0 + Break chroot ../ 10x Loop + Bind TCP 2222/TCP Shell Shellcode 133 bytes. Shellcode exploit for BSDx86 platform / The setuid0+chroot+bind shellcode it will: setuid0 put '../' 10 times in chroot open shell on 2222nd port Size 133 bytes OS BSD /rootteam/dev0id rootteam.void.ru...

BSD/x86 - setuid(0) + Break chroot (../ 10x Loop) + execute /bin/sh Shellcode (57 bytes)

BSD/x86 - setuid0 + Break chroot ../ 10x Loop + execute /bin/sh Shellcode 57 bytes. Shellcode exploit for BSDx86 platform / The setuid0+chroot+execve shellcode it will: setuid0 put '../' 10 times in chroot execute /bin/sh Size 57 bytes OS BSD /rootteam/dev0id rootteam.void.ru [email protected]...

BSD/x86 - setuid(0) + Break chroot (../ 10x Loop) Shellcode (34 bytes)

BSD/x86 - setuid0 + Break chroot ../ 10x Loop Shellcode 34 bytes. Shellcode exploit for BSDx86 platform / The setuid0+chroot shellcode. It is the one of the smallest shellcodes in the !!world!! it will put '../' 10 times Size 34 bytes OS BSD /rootteam/dev0id rootteam.void.ru [email protected]...

BSD/x86 - Break chroot (../ 10x Loop) Shellcode (28 bytes)

BSD/x86 - Break chroot ../ 10x Loop Shellcode 28 bytes. Shellcode exploit for BSDx86 platform / One of the smallest chroot shellcodes in the !!world!! it will put '../' 10 times Size 28 bytes OS BSD /rootteam/dev0id rootteam.void.ru [email protected] BITS 32 xor ecx,ecx xor eax,eax push ecx m...

Debian: Security Advisory (DSA-1674-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

FreeBSD : syslog-ng2 -- startup directory leakage in the chroot environment (75f2382e-b586-11dd-95f9-00e0815b8da8)

Florian Grandel reports : I have not had the time to analyze all of syslog-ng code. But by reading the code section near the chroot call and looking at strace results I believe that syslog-ng does not chdir to the chroot jail's location before chrooting into it. This opens up ways to work around...

DEBIAN-CVE-2008-5110

syslog-ng does not call chdir when it calls chroot, which might allow attackers to escape the intended jail. NOTE: this is only a vulnerability when a separate vulnerability is present. This flaw affects syslog-ng versions prior to and including 2.0.9...

CVE-2008-5110

syslog-ng does not call chdir when it calls chroot, which might allow attackers to escape the intended jail. NOTE: this is only a vulnerability when a separate vulnerability is present. This flaw affects syslog-ng versions prior to and including 2.0.9...

CVE-2008-5110

syslog-ng does not call chdir when it calls chroot, which might allow attackers to escape the intended jail. NOTE: this is only a vulnerability when a separate vulnerability is present. This flaw affects syslog-ng versions prior to and including 2.0.9...

Security feature bypass

syslog-ng does not call chdir when it calls chroot, which might allow attackers to escape the intended jail. NOTE: this is only a vulnerability when a separate vulnerability is present. This flaw affects syslog-ng versions prior to and including 2.0.9...

CVE-2008-5110

syslog-ng does not call chdir when it calls chroot, which might allow attackers to escape the intended jail. NOTE: this is only a vulnerability when a separate vulnerability is present. This flaw affects syslog-ng versions prior to and including 2.0.9...

CVE-2008-5110

CVE-2008-5110 affects syslog-ng up to version 2.0.x (=2.0.10 or >=2.1.3 (for the 2.0 and 2.1 lines, respectively). Additional references (GLSA 200907-10) describe the local access risk and remediation, and Fedora advisories similarly indicate updates addressing CVE-2008-5110. No explicit in-th...

CVE-2008-5110

syslog-ng does not call chdir when it calls chroot, which might allow attackers to escape the intended jail. NOTE: this is only a vulnerability when a separate vulnerability is present. This flaw affects syslog-ng versions prior to and including 2.0.9...

CVE-2008-4950

gccross in dpkg-cross 2.3.0 allows local users to overwrite arbitrary files via a symlink attack on the tmp/gccross2.log temporary file. NOTE: the vendor disputes this vulnerability, stating that "There is no sense in this bug - the script ... is called under specific cross-building environments...

Gentoo Security Advisory GLSA 200312-03 (rsync)

The remote host is missing updates announced in advisory GLSA 200312-03. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...