Lucene search
K

38 matches found

Exploit DB
Exploit DB
added 2018/02/12 12:0 a.m.73 views

glibc - 'LD_AUDIT' Arbitrary DSO Load Privilege Escalation (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core/exploit/local/linux' require 'msf/core/exploit/exe' class MetasploitModule 'glibc LDAUDIT Arbitrary DSO Load Privilege Escalation', 'Description' = %q...

8.3AI score
Exploits0
Packet Storm
Packet Storm
added 2014/11/06 12:0 a.m.125 views

GNU libc 2.12.1 LD_AUDIT libpcprofile.so Local Root

!/bin/sh Exploit Title: GNU libc /tmp/libxpl.c /dev/null cat /tmp/libxpl.so /lib/libxpl.so rm -rf /tmp/libxpl.c /tmp/libxpl.so LDAUDIT="libxpl.so" ping...

7.2CVSS8.6AI score0.09454EPSS
Exploits24
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.63 views

glibc LD_AUDIT arbitrary DSO load Privilege Escalation

No description provided by source. !/bin/sh I Can't Read and I Won't Race You Either by zx2c4 This is an exploit for CVE-2010-3856. A while back, Tavis showed us three ways to exploit flaws in glibc's dynamic linker involving LDAUDIT. 1 2 The first way involved opening a file descriptor and using...

7.2CVSS0.1AI score0.09454EPSS
Exploits24
Tenable Nessus
Tenable Nessus
added 2014/06/13 12:0 a.m.38 views

openSUSE Security Update : glibc (openSUSE-SU-2010:0912-1)

This update of glibc fixes two bugs and security issues : CVE-2010-3847: Decoding of the $ORIGIN special value in various LD environment variables allowed local attackers to execute code in context of e.g. setuid root programs, elevating privileges. This issue does not affect SUSE as an assertion...

7.2CVSS8.4AI score0.09454EPSS
Exploits35References5
Tenable Nessus
Tenable Nessus
added 2013/07/12 12:0 a.m.43 views

Oracle Linux 6 : glibc (ELSA-2010-0872)

The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2010-0872 advisory. - Require suid bit on audit objects in privileged programs 645679, CVE-2010-3856 Tenable has extracted the preceding description block directly from th...

7.2CVSS8.2AI score0.09454EPSS
Exploits35References3
Tenable Nessus
Tenable Nessus
added 2013/07/12 12:0 a.m.45 views

Oracle Linux 5 : glibc (ELSA-2010-0793)

The remote Oracle Linux 5 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2010-0793 advisory. 2.5-49.el55.7 - Require suid bit on audit objects in privileged programs 645677, CVE-2010-3856 Tenable has extracted the preceding description block directly fr...

7.2CVSS7.7AI score0.09454EPSS
Exploits24References2
0day.today
0day.today
added 2013/05/19 12:0 a.m.70 views

Glibc 2.11.3 / 2.12.x LD_AUDIT libmemusage.so Local Root Exploit

Local root exploit for Glibc versions 2.11.3 and 2.12.x utilizing LDAUDIT libmemusage.so. !/bin/sh + Glibc /tmp/payload.c /dev/null echo "+ Filling the lib file with lib contents." cat /tmp/exploit /lib/sploit.so rm /tmp/payload.c /tmp/exploit echo "+ Executing payload.." LDAUDIT="sploit.so" ping...

7.2CVSS0.3AI score0.09454EPSS
Exploits24
Packet Storm
Packet Storm
added 2013/05/17 12:0 a.m.112 views

Glibc 2.11.3 / 2.12.x LD_AUDIT libmemusage.so Local Root

!/bin/sh + Glibc /tmp/payload.c /dev/null echo "+ Filling the lib file with lib contents." cat /tmp/exploit /lib/sploit.so rm /tmp/payload.c /tmp/exploit echo "+ Executing payload.." LDAUDIT="sploit.so" ping...

7.2CVSS8.6AI score0.09454EPSS
Exploits24
Tenable Nessus
Tenable Nessus
added 2012/08/01 12:0 a.m.48 views

Scientific Linux Security Update : glibc on SL6.x i386/x86_64

It was discovered that the glibc dynamic linker/loader did not handle the $ORIGIN dynamic string token set in the LDAUDIT environment variable securely. A local attacker with write access to a file system containing setuid or setgid binaries could use this flaw to escalate their privileges...

7.2CVSS7.9AI score0.09454EPSS
Exploits35References5
exploitpack
exploitpack
added 2011/11/10 12:0 a.m.37 views

glibc - LD_AUDIT Arbitrary DSO Load Privilege Escalation

glibc - LDAUDIT Arbitrary DSO Load Privilege Escalation !/bin/sh I Can't Read and I Won't Race You Either by zx2c4 This is an exploit for CVE-2010-3856. A while back, Tavis showed us three ways to exploit flaws in glibc's dynamic linker involving LDAUDIT. 1 2 The first way involved opening a file...

7.2CVSS0.4AI score0.09454EPSS
Exploits24
Packet Storm
Packet Storm
added 2011/11/10 12:0 a.m.51 views

glibc LD_AUDIT Privilege Escalation

!/bin/sh I Can't Read and I Won't Race You Either by zx2c4 This is an exploit for CVE-2010-3856. A while back, Tavis showed us three ways to exploit flaws in glibc's dynamic linker involving LDAUDIT. 1 2 The first way involved opening a file descriptor and using fexecve to easily win a race with...

7.2CVSS0.8AI score0.09454EPSS
Exploits24
OpenVAS
OpenVAS
added 2011/08/09 12:0 a.m.32 views

CentOS Update for glibc CESA-2010:0793 centos5 i386

Check for the Version of glibc OpenVAS Vulnerability Test CentOS Update for glibc CESA-2010:0793 centos5 i386 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...

7.2CVSS8.6AI score0.09454EPSS
Exploits24References2
OpenVAS
OpenVAS
added 2011/08/09 12:0 a.m.40 views

CentOS Update for glibc CESA-2010:0793 centos5 i386

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

7.2CVSS7.8AI score0.09454EPSS
Exploits24References2
OpenVAS
OpenVAS
added 2011/03/07 12:0 a.m.41 views

Debian Security Advisory DSA 2122-2 (glibc)

The remote host is missing an update to glibc announced via advisory DSA 2122-2. OpenVAS Vulnerability Test $Id: deb21222.nasl 6613 2017-07-07 12:08:40Z cfischer $ Description: Auto-generated from advisory DSA 2122-2 glibc Authors: Thomas Reinke Copyright: Copyright c 2011 E-Soft Inc...

7.2CVSS0.7AI score0.09454EPSS
Exploits35
Tenable Nessus
Tenable Nessus
added 2011/01/12 12:0 a.m.63 views

Ubuntu 8.04 LTS / 9.10 / 10.04 LTS / 10.10 : eglibc, glibc vulnerability (USN-1009-2)

USN-1009-1 fixed vulnerabilities in the GNU C library. Colin Watson discovered that the fixes were incomplete and introduced flaws with setuid programs loading libraries that used dynamic string tokens in their RPATH. If the 'man' program was installed setuid, a local attacker could exploit this ...

7.2CVSS6.1AI score0.09454EPSS
Exploits35References4
OSV
OSV
added 2011/01/07 7:0 p.m.15 views

CVE-2010-3856

ld.so in the GNU C Library aka glibc or libc6 before 2.11.3, and 2.12.x before 2.12.2, does not properly restrict use of the LDAUDIT environment variable to reference dynamic shared objects DSOs as audit objects, which allows local users to gain privileges by leveraging an unsafe DSO located in a...

7.8AI score
Exploits0References24
d2
d2
added 2011/01/07 7:0 p.m.65 views

DSquare Exploit Pack: D2SEC_CVE_2010_3856

Name| d2seccve20103856 ---|--- CVE| CVE-2010-3856 Exploit Pack| D2ExploitPack Description| D2SEC CVE20103856 Notes|...

7.2CVSS1.7AI score0.09454EPSS
Exploits24
canvas
canvas
added 2011/01/07 7:0 p.m.54 views

Immunity Canvas: CVE_2010_3856

Name| CVE20103856 ---|--- CVE| CVE-2010-3856 Exploit Pack| CANVAS Description| CVE20103856 Notes| CVE Name: CVE-2010-3856 VENDOR: Linux NOTES: See the FD post for a ton of details, try this exploit on RedHat derived distributions, this may also work against Ubuntu. If it fails but you think the...

7.2CVSS8.5AI score0.09454EPSS
Exploits24
CVE
CVE
added 2011/01/07 6:0 p.m.299 views

CVE-2010-3856

CVE-2010-3856 affects glibc's dynamic linker (ld.so). Local users can escalate privileges by abusing LD_AUDIT to load an unsafe DSO from a trusted library directory. Concrete details: affected components are ld.so in glibc before 2.11.3 and 2.12.x before 2.12.2; the underlying issue is improper L...

7.2CVSS7.4AI score0.09454EPSS
Exploits24References24Affected Software1
Tenable Nessus
Tenable Nessus
added 2011/01/06 12:0 a.m.46 views

VMSA-2011-0001 : VMware ESX third-party updates for Service Console packages glibc, sudo, and openldap

a. Service Console update for glibc The service console packages glibc, glibc-common, and nscd are each updated to version 2.5-34.4908.vmw. The Common Vulnerabilities and Exposures project cve.mitre.org has assigned the names CVE-2010-3847 and CVE-2010-3856 to the issues addressed in this update...

9.8CVSS6.3AI score0.29238EPSS
Exploits37References7
Rows per page
Query Builder