18 matches found
CVE-2019-1010218
Cherokee Webserver Latest Cherokee Web server Upto Version 1.2.103 Current stable is affected by: Buffer Overflow - CWE-120. The impact is: Crash. The component is: Main cherokee command. The attack vector is: Overwrite argv0 to an insane length with execl. The fixed version is: There's no fix ye...
CVE-2019-1010218
Cherokee Webserver Latest Cherokee Web server Upto Version 1.2.103 Current stable is affected by: Buffer Overflow - CWE-120. The impact is: Crash. The component is: Main cherokee command. The attack vector is: Overwrite argv0 to an insane length with execl. The fixed version is: There's no fix ye...
Buffer overflow
Cherokee Webserver Latest Cherokee Web server Upto Version 1.2.103 Current stable is affected by: Buffer Overflow - CWE-120. The impact is: Crash. The component is: Main cherokee command. The attack vector is: Overwrite argv0 to an insane length with execl. The fixed version is: There's no fix ye...
FreeBSD rtld execl elevation of privilege vulnerability
FreeBSD is a set of Unix-like operating systems from the FreeBSD Foundation. An elevation of privilege vulnerability exists in FreeBSD versions 7.1, 7.2, and 8.0. The vulnerability stems from a lack of effective permission and access control measures in a network system or product. An attacker ca...
IWConfig Local ARGV Command Line Buffer Overflow Vulnerability (2)
No description provided by source. source: http://www.securityfocus.com/bid/8901/info A problem has been identified in the iwconfig program when handling strings on the commandline. Because of this, a local attacker may be able to gain elevated privileges. / Name: iw-config.c Copyright: !sh2k+!tc...
XBlast 2.6.1 HOME Environment Variable Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8296/info XBlast is contains a locally exploitable buffer overflow vulnerability due to insufficient bounds checking of data supplied via the HOME environment variable. Successful exploitation would allow a local user to...
Mac OS X <= 10.2.4 DirectoryService (PATH) Local Root Exploit
No description provided by source. / OS X = 10.2.4 DirectoryService local root PATH exploit DirectoryService must be crashed prior to execution, per @stake advisory. If you discover how to crash DirectoryService e-mail me at [email protected] Neeko Oni -- Assuming DirectoryService has been...
Linux kernel 2.2/2.4 procfs Stream Redirection to Process Memory Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/2937/info The Linux /proc filesystem is a virtual filesystem provided by the Linux Kernel as an interface to some process and system information and parameters. Under certain circumstances, an access validation error may...
Linux Kernel 2.6 < 2.6.19 - (32bit) ip_append_data() ring0 Root Exploit
No description provided by source. / 0x82-CVE-2009-2698 Linux kernel 2.6 2.6.19 32bit ipappenddata local ring0 root exploit Tested White Box 42.6.9-5.ELsmp, CentOS 4.42.6.9-42.ELsmp, CentOS 4.52.6.9-55.ELsmp, Fedora Core 42.6.11-1.1369FC4smp, Fedora Core 52.6.15-1.2054FC5, Fedora Core...
OpenLDAP <= 2.4.3 (KBIND) Remote Buffer Overflow Exploit
No description provided by source. / openldap-kbind-p00f.c - OpenLDAP kbind remote exploit Only works on servers compiled with --enable-kbind enable LDAPv2+ Kerberos IV bind deprecated no by Solar Eclipse [email protected] Shoutouts to LSD for their l33t asm code and to all 0dd people...
Linux Kernel < 3.8.9 - x86_64 perf_swevent_init Local Root Exploit
No description provided by source. / CVE-2013-2094 exploit x8664 Linux 3.8.9 by sorbo [email protected] June 2013 Based on sd's exploit. Supports more targets. / define GNUSOURCE include string.h include stdio.h include unistd.h include stdlib.h include stdint.h include sys/syscall.h include...
BSD mailx 8.1.1 -10 Buffer Overflow Vulnerability (2)
No description provided by source. source: http://www.securityfocus.com/bid/1305/info Some Linux distributions ship with BSD mailx 8.1.1-10 On Slackware 7.x it can be found as /usr/bin/Mail. A vulnerability exists in the 'mail' program, part of the Berkeley mailx package. The 'mail' program...
FreeBSD <= 6.1 kqueue() NULL pointer dereference
FreeBSD = 6.1 suffers from classical check/use race condition on SMP systems in kevent syscall, leading to kernel mode NULL pointer dereference. It can be triggered by spawning two threads: 1st thread looping on open and close syscalls, and the 2nd thread looping on kevent, trying to add possibly...
OpenLDAP <= 2.4.3 (KBIND) Remote Buffer Overflow Exploit
No description provided by source. / openldap-kbind-p00f.c - OpenLDAP kbind remote exploit Only works on servers compiled with --enable-kbind enable LDAPv2+ Kerberos IV bind deprecated no by Solar Eclipse [email protected] Shoutouts to LSD for their l33t asm code and to all 0dd people...
OpenLDAP 2.4.3 - 'KBIND' Remote Buffer Overflow
/ openldap-kbind-p00f.c - OpenLDAP kbind remote exploit Only works on servers compiled with --enable-kbind enable LDAPv2+ Kerberos IV bind deprecated no by Solar Eclipse Shoutouts to LSD for their l33t asm code and to all 0dd people Private 0dd code. / include include include include include...
rocksmountdirty.txt
!/bin/sh rocksmountdirty.sh: Rocks release =4.1 local root exploit make sure 'mount-loop' is in your path for this to work. coded by: [email protected] http://xavsec.blogspot.com echo "Rocks Clusters =4.1 mount-loop local root exploit by [email protected] http://xavsec.blogspot.com" echo...
Xmame 0.102 (-lang) Local Buffer Overflow Exploit
No description provided by source. !/usr/bin/ruby One of the PoC code for xmame "-lang" options. Advisory is base on : http://kerneltrap.org/node/6055 by xwings at mysec dot org url : http://www.mysec.org , new website Tested on : Linux debian24 2.4.27-2-386 1 Mon May 16 16:47:51 JST 2005 i686...
VisualBoyAdvanced 1.7.x Local Shell Exploit (non suid) (updated)
Exploit for linux platform in category local exploits ================================================================ VisualBoyAdvanced 1.7.x Local Shell Exploit non suid updated ================================================================ / VisualBoyAdvanced 1.7.x BufferOver Flow exploit VB...