linux/x86 if(read(fd,buf,512)<=2) _exit(1) else buf(); 29 bytes

Exploit for linux/x86 platform in category shellcode =============================================================== linux/x86 ifreadfd,buf,512 I made this as a chunk you can paste in to make modular remote exploits. I use it as a first stage payload when I desire to follow up with a real large...

CVE-2002-1446

The error checking routine used for the CVerify call on a symmetric verification key in the nCipher PKCS11 library 1.2.0 and later returns the CKROK status even when it detects an invalid signature, which could allow remote attackers to modify or forge messages...

CVE-2004-0077

The domremap function for the mremap system call in Linux 2.2 to 2.2.25, 2.4 to 2.4.24, and 2.6 to 2.6.2, does not properly check the return value from the domunmap function when the maximum number of VMA descriptors is exceeded, which allows local users to gain root privileges, a different...

Mandrake Linux Security Advisory : sane (MDKSA-2003:099)

Several vulnerabilities were discovered in the saned daemon, a part of the sane package, which allows for a scanner to be used remotely. The IP address of the remote host is only checked after the first communication occurs, which causes the saned.conf restrictions to be ignored for the first...

RHEL 2.1 : sane-backends (RHSA-2003:285)

Updated SANE packages that resolve a number of vulnerabilities with the saned daemon are now available. SANE is a package for using document scanners. Sane includes a daemon program called saned that enables a single machine connected to a scanner to be used remotely. This program contains severa...

Moderate: Red Hat Security Advisory: sane-backends security update

Updated SANE packages that resolve a number of vulnerabilities with the saned daemon are now available. SANE is a package for using document scanners. Sane includes a daemon program called saned that enables a single machine connected to a scanner to be used remotely. This program contains severa...

CVE-1999-1434

Slackware Linux 3.2–3.5 is affected by CVE-1999-1434: the login process does not properly handle the error when /etc/group is missing, failing to drop privileges and potentially assigning root privileges to any local user who logs in. The connected documents confirm the affected OS versions and t...

win98explorer.txt

Date: Mon, 9 Feb 1998 17:49:45 -0800 From: Scott To: [email protected] Subject: Another Windows98 Bug... I'm not sure about the details of this problem, but when testing another buffer overflow, I created a long filename called "testfile.txt " note the chr160's at the end It is 235 characters ...