CVE-2017-5940

Firejail before 0.9.44.6 and 0.9.38.x LTS before 0.9.38.10 LTS does not comprehensively address dotfile cases during its attempt to prevent accessing user files with an euid of zero, which allows local users to conduct sandbox-escape attacks via vectors involving a symlink and the --private optio...

UNIX 7th Edition binmkdir - Local Buffer Overflow

UNIX 7th Edition binmkdir - Local Buffer Overflow / Exploit for /bin/mkdir Unix V7 PDP-11. mkdir has a buffer overflow when checking if the directory in /arg/with/slashes/fname exists. This will run /bin/sh with euid 0, but not uid 0. Since the shell doesn't do anything special about this, we don...

Local Vulnerability in dbsnmp binary in Oracle 8.1.6 - 8.1.7 - 9i

WWW.PLAZASITE.COM Systems & Security Division Title: Local Vulnerability in dbsnmp binary Date: 13-07-2001 Platform: Only tested in Linux but can be exported to others. Impact: Users belonging to oracle group can obtain euid=0 Author: Juan Manuel Pascual Escriba [email protected] Status: Vendor...

BSDi SUIDPerl - Local Stack Buffer Overflow

BSDi SUIDPerl - Local Stack Buffer Overflow / BSDisuidperl buffer overflow, by [email protected]. this is that old buffer overflow in suidperl, but i never saw any version of it for BSDi. so, here it is. this gives euid=0. BSDi/3.0 / define PATH "/usr/bin/suidperl" / path to suidperl on BSDi/3.0....