ASLRay - Linux ELF x32 and x64 ASLR bypass exploit with stack-spraying

Linux ELF x32 and x64 ASLR bypass exploit with stack-spraying. Properties: ASLR bypass Cross-platform Minimalistic Simplicity Unpatchable Dependencies: Linux 2.6.12+ - will work on any x86-64 Debian-based OS BASH - the whole script Limitations: Stack needs to be executable -z execstack Binary has...

USN-3454-2: libffi vulnerability

USN-3454-1 fixed a vulnerability in libffi. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: It was discovered that libffi incorrectly enforced an executable stack. An attacker could possibly use this issue, in combination with another vulnerability, ...

Ubuntu 14.04 LTS : libffi vulnerability (USN-3454-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-3454-1 advisory. It was discovered that libffi incorrectly enforced an executable stack. An attacker could possibly use this issue, in combination with another vulnerability, to...

USN-3454-1: libffi vulnerability

It was discovered that libffi incorrectly enforced an executable stack. An attacker could possibly use this issue, in combination with another vulnerability, to facilitate executing arbitrary code...

USN-3454-1 libffi vulnerability

It was discovered that libffi incorrectly enforced an executable stack. An attacker could possibly use this issue, in combination with another vulnerability, to facilitate executing arbitrary code...

MGASA-2017-0201 Updated libffi packages fix security vulnerability

libffi, a library used to call code written in one language from code written in a different language, was enforcing an executable stack on the i386 architecture. While this might not be considered a vulnerability by itself, this could be leveraged when exploiting other vulnerabilities, such as t...

[SECURITY] [DLA 997-1] libffi security update

Package : libffi Version : 3.0.10-3+deb7u1 CVE ID : CVE-2017-1000376 libffi requests an executable stack allowing attackers to more easily trigger arbitrary code execution by overwriting the stack. Please note that libffi is used by a number of other libraries. For Debian 7 "Wheezy", these proble...

DEBIAN-CVE-2017-1000376

libffi requests an executable stack allowing attackers to more easily trigger arbitrary code execution by overwriting the stack. Please note that libffi is used by a number of other libraries. It was previously stated that this affects libffi version 3.2.1 but this appears to be incorrect. libffi...

CVE-2017-1000376

libffi requests an executable stack allowing attackers to more easily trigger arbitrary code execution by overwriting the stack. Please note that libffi is used by a number of other libraries. It was previously stated that this affects libffi version 3.2.1 but this appears to be incorrect. libffi...

PT-2017-3250 · Gnu +1 · Libffi +1

Name of the Vulnerable Software and Affected Versions: libffi versions prior to 3.1 Description: The issue is caused by libffi requesting an executable stack, allowing attackers to more easily trigger arbitrary code execution by overwriting the stack. This is due to a buffer overflow operation in...

UBUNTU-CVE-2017-1000376

libffi requests an executable stack allowing attackers to more easily trigger arbitrary code execution by overwriting the stack. Please note that libffi is used by a number of other libraries. It was previously stated that this affects libffi version 3.2.1 but this appears to be incorrect. libffi...

Debian: Security Advisory (DSA-3889-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Solaris 8/9 passwd(1) - circ() Stack-Based Buffer Overflow Privilege Escalation Exploit

Exploit for linux platform in category local exploits / $Id: raptorpasswd.c,v 1.1 2004/12/04 14:44:38 raptor Exp $ raptorpasswd.c - passwd circ local, Solaris/SPARC 8/9 Copyright c 2004 Marco Ivaldi Unknown vulnerability in passwd1 in Solaris 8.0 and 9.0 allows local users to gain privileges via...

CVE-2010-1451

The TSB I-TLB load implementation in arch/sparc/kernel/tsb.S in the Linux kernel before 2.6.33 on the SPARC platform does not properly obtain the value of a certain PAGEEXEC4U bit and consequently does not properly implement a non-executable stack, which makes it easier for context-dependent...

Return-into-libc attack and Defense-bug warning-the black bar safety net

This article first analyzes the return-into-libc attack principle, were introduced in different platforms for the traditional return-into-libc attack of the experimental process and results. Then, this paper further introduces and explains the return-oriented programming attacks, this attack can...

linux/x86 Typewriter Shellcode Generator

!/usr/bin/env python Typewriter Shellcode Generator Paw Petersen, SLAE-656 https://www.pawpetersen.dk/typewriter-shellcode-generator-linux-x86/ import sys,struct string = sys.argv1 length = struct.pack"= lenstring: if lenchunk 4: asmstringchunk =...

Mac OS X <= 10.4.6 (launchd) Local Format String Exploit (x86)

No description provided by source. !/usr/bin/perl http://www.digitalmunition.com/FailureToLaunch.pl Code by Kevin Finisterre kflistsatdigitalmunitiondotcom This is a practical application of Non Executable Stack Lovin - http://www.digitalmunition.com/NonExecutableLovin.txt This code currently jum...

Solaris 2.5.1/2.6/7/8 rlogin /bin/login - Buffer Overflow Exploit (SPARC)

No description provided by source. / $Id: raptorrlogin.c,v 1.1 2004/12/04 14:44:38 raptor Exp $ raptorrlogin.c - rlogin, Solaris/SPARC 2.5.1/2.6/7/8 Copyright c 2004 Marco Ivaldi [email protected] Buffer overflow in login in various System V based operating systems allows remote attackers to...

IBM Notes and Domino on x86 Linux specify an executable stack

Overview IBM Notes and Domino on x86 Linux are incorrectly built requesting an executable stack. This can make it easier for attackers to exploit vulnerabilities in Notes, Domino, and any of the child processes that they may spawn. Description The build environment for the x86 Linux versions of I...

Ubuntu 8.04 LTS / 8.10 / 9.04 : nss regression (USN-810-3)

USN-810-1 fixed vulnerabilities in NSS. Jozsef Kadlecsik noticed that the new libraries on amd64 did not correctly set stack memory flags, and caused applications using NSS e.g. Firefox to have an executable stack. This reduced the effectiveness of some defensive security protections. This update...