64 matches found
glibc 2.38 Buffer Overflow
This is a local privilege escalation exploit for CVE-2023-4911, also known as "Looney Tunables", caused by a buffer overflow in the glibc dynamic loader's environment variable parsing logic. The vulnerability is triggered by crafting a maliciously long GLIBCTUNABLES string which corrupts internal...
glibc 2.38 - Buffer Overflow
Exploit Title: glibc 2.38 - Buffer Overflow Google Dork: N/A Date: 2025-10-08 Exploit Author: Beatriz Fresno Naumova Vendor Homepage: https://www.gnu.org/software/libc/ Software Link: https://ftp.gnu.org/gnu/libc/glibc-2.35.tar.gz Version: glibc 2.35 specifically 2.35-0ubuntu3.3 on Ubuntu 22.04.3...
MiracleLinux 9 : glibc-2.34-60.el9.7 (AXSA:2023-6486:05)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6486:05 advisory. glibc: buffer overflow in ld.so leading to privilege escalation CVE-2023-4911 glibc: Stack read overflow in getaddrinfo in no-aaaa mode CVE-2023-452...
Oracle Linux 8 : glibc (ELSA-2025-20375)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-20375 advisory. - CVE-2025-4802: static setuid dlopen may search LDLIBRARYPATH RHEL-92685 - CVE-2025-0395: Fix a buffer overflow in assert RHEL-83306 - CVE-2024-33599: nscd:...
TencentOS Server 3: glibc (TSSA-2023:0245)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2023:0245 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
TencentOS Server 4: glibc (TSSA-2024:0038)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0038 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
Security Bulletin: Execution Engine for Apache Hadoop is vulnerable to denial of service, buffer overflow and allow a local authenticated attacker to gain elevated privileges
Summary glibc, gnutls, gnupg are used by Execution Engine for Apache Hadoop in all the components. CVE-2023-0687, CVE-2023-4911, CVE-2021-3998, CVE-2023-5156, CVE-2023-4527, CVE-2023-4813, CVE-2022-3515, CVE-2024-28835, CVE-2024-28834 Vulnerability Details CVEID:CVE-2023-0687 DESCRIPTION: GNU C...
Exploit for Heap-based Buffer Overflow in Gnu Glibc
CVE-2023-4911 This is a PoC Proof Of Concept for the Looney...
Western Digital My Cloud Multiple Products 5.x < 5.30.103 Multiple Vulnerabilities (WDC-25001)
Multiple Western Digital My Cloud products are prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Azure Linux 3.0 Security Update: glibc (CVE-2023-4911)
The version of glibc installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-4911 advisory. - A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBCTUNABLE...
Security Bulletin: IBM Storage Ceph is vulnerable to a Heap-based Buffer Overflow in the RHEL UBI (CVE-2023-4911)
Summary RHEL UBI is used by IBM Storage Ceph as the base operating system. This bulletin identifies the steps to take to address the vulnerability in the RHEL UBI. CVE-2023-4911 Vulnerability Details CVEID:CVE-2023-4911 DESCRIPTION: glibc could allow a local authenticated attacker to gain elevate...
CVE-2023-4911 affecting package glibc for versions less than 2.38-6
CVE-2023-4911 affecting package glibc for versions less than 2.38-6. A patched version of the package is available...
EulerOS Virtualization 2.11.0 : glibc (EulerOS-SA-2024-1426)
According to the versions of the glibc packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in glibc. In an extremely rare situation, the getaddrinfo function may access memory that has been freed, resulti...
CentOS 9 : glibc-2.34-83.el9.7
The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the glibc-2.34-83.el9.7 build changelog. - potential use-after-free in getaddrinfo RHEL-2426 CVE-2023-4806 - buffer overflow in ld.so leading to privilege escalation RHEL-3000...
EulerOS 2.0 SP11 : glibc (EulerOS-SA-2023-3269)
According to the versions of the glibc packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in glibc. In an extremely rare situation, the getaddrinfo function may access memory that has been freed, resulting in an...
Exploit for Heap-based Buffer Overflow in Gnu Glibc
CVE-2023-4911 - Looney Tunables This is a atm very rough pr...
Metasploit Weekly Wrap-Up
Getting Looney with Privilege Escalation As if Metasploit couldn’t get any loonier, this release adds a brand new exploit module for Glibc Tunables Privilege Escalation aka Looney Tunables. Now, using linux/local/glibctunablesprivesc, you can check your target’s glibc version to see if it’s...
Glibc Tunables Privilege Escalation
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 561, '3602eac894717d56555552c84fc6b0e4d6a4af72' = 561, 'a99db3715218b641780b04323e4ae5953d68a927' = 561, 'a8daca28288575ffc8c7641d40901b0148958fb1...
Glibc Tunables Privilege Escalation Exploit
A buffer overflow exists in the GNU C Library's dynamic loader ld.so while processing the GLIBCTUNABLES environment variable. It has been dubbed Looney Tunables. This issue allows an local attacker to use maliciously crafted GLIBCTUNABLES when launching binaries with SUID permission to execute co...
Glibc Tunables Privilege Escalation CVE-2023-4911 (aka Looney Tunables)
A buffer overflow exists in the GNU C Library's dynamic loader ld.so while processing the GLIBCTUNABLES environment variable. This issue allows an local attacker to use maliciously crafted GLIBCTUNABLES when launching binaries with SUID permission to execute code in the context of the root user...