EUVD-2007-4122

Malware in sbrugna...

EUVD-2024-43211

Malicious code in bioql PyPI...

CVE-2024-48651

In ProFTPD through 1.3.8b before cec01cc, supplemental group inheritance grants unintended access to GID 0 because of the lack of supplemental groups from modsql...

CVE-2024-48651

In ProFTPD through 1.3.8b before cec01cc, supplemental group inheritance grants unintended access to GID 0 because of the lack of supplemental groups from modsql...

CVE-2024-48651

CVE-2024-48651 affects ProFTPD up to 1.3.8b prior to the commit cec01cc, where supplemental group inheritance can grant unintended access to GID 0 due to the absence of supplemental groups from mod_sql. Nessus advisories and public references describe the issue in ProFTPD across multiple vendor a...

CVE-2024-48651

In ProFTPD through 1.3.8b before cec01cc, supplemental group inheritance grants unintended access to GID 0 because of the lack of supplemental groups from modsql...

Exploit for Out-of-bounds Write in Polkit_Project Polkit

ez-pwnkit A pure-Go implementation of the CVE-2021-4034 Pwn...

BSD/x86 - Write to /etc/passwd with uid(0) + gid(0) Shellcode (74 bytes)

/ writes the line for user in /etc/passwd with uid&gid == 0 OS: BSD length: 74 written by dev0id email protected rootteam.void.ru rus-sec /Efnet.org greetz: mig nerf BITS 32 main: xor eax,eax push eax push byte 0x64 push word 0x7773 push long 0x7361702f push long 0x6374652f mov ebx,esp mov al,0x0...

Linux/x86 - Write to /etc/passwd with uid(0) + gid(0) Shellcode (74 bytes)

/ This shellcode writes to /etc/passwd the string for the user with uid&gid == 0; written by dev0id email protected rootteam.void.ru rus-sec /Efnet.org greetz: nerf w00w00 BITS 32 jmp short path main: pop esi xor eax,eax push eax mov byte esi+11,al mov al,0x0a push eax push esi mov al,5 push eax...

FreePBX 13/14 - Remote Command Execution / Privilege Escalation

!/usr/bin/env python -- coding, latin-1 -- DESCRIPTION FreePBX 13 remote root 0day - Found and exploited by pgt @ nullsecurity.net AUTHOR pgt - nullsecurity.net DATE 8-12-2016 VERSION freepbx0day.py 0.1 AFFECTED VERSIONS FreePBX 13 & 14 System Recordings Module versions: 13.0.1beta1 - 13.0.26 STA...

Linux Kernel 2.6 < 2.6.19 - (32bit) ip_append_data() ring0 Root Exploit

No description provided by source. / 0x82-CVE-2009-2698 Linux kernel 2.6 2.6.19 32bit ipappenddata local ring0 root exploit Tested White Box 42.6.9-5.ELsmp, CentOS 4.42.6.9-42.ELsmp, CentOS 4.52.6.9-55.ELsmp, Fedora Core 42.6.11-1.1369FC4smp, Fedora Core 52.6.15-1.2054FC5, Fedora Core...

AIX 6.1 TL 1 : swcons (IZ28943)

A file permission/ownership vulnerability exists in the 'bos.rte.console' fileset command listed below whereby a local attacker may create arbitrary contents within a file owned by root using the 'swcons' command. The local attacker must be a member of the 'system' group gid=0 to execute this...

Linux/x86 - Write to /etc/passwd with uid(0) + gid(0) Shellcode (74 bytes)

Linux/x86 - Write to /etc/passwd with uid0 + gid0 Shellcode 74 bytes. Shellcode exploit for Linuxx86 platform / This shellcode writes to /etc/passwd the string for the user with uid&gid == 0; written by dev0id [email protected] rootteam.void.ru rus-sec /Efnet.org greetz: nerf w00w00 BITS 32 jmp shor...

Linux Kernel < 2.6.11.5 BLUETOOTH Stack Local Root Exploit

No description provided by source. / LINUX KERNEL Not tainted VLI EFLAGS: 00010286 2.6.9 EIP is at btsockcreate+0x3d/0x13...

Design/Logic Flaw

zabbixagentd 1.1.4 in ZABBIX before 1.4.3 runs "UserParameter" scripts with gid 0, which might allow local users to gain privileges...

CVE-2007-6210

zabbixagentd 1.1.4 in ZABBIX before 1.4.3 runs "UserParameter" scripts with gid 0, which might allow local users to gain privileges...

CVE-2007-4138

The Winbind nssinfo extension nsswitch/idmapad.c in idmapad.so in Samba 3.0.25 through 3.0.25c, when the "winbind nss info" option is set to rfc2307 or sfu, grants all local users the privileges of gid 0 when the 1 RFC2307 or 2 Services for UNIX SFU primary group attribute is not defined...

CVE-2007-4138

The Winbind nssinfo extension nsswitch/idmapad.c in idmapad.so in Samba 3.0.25 through 3.0.25c, when the "winbind nss info" option is set to rfc2307 or sfu, grants all local users the privileges of gid 0 when the 1 RFC2307 or 2 Services for UNIX SFU primary group attribute is not defined...

Samba nss_info extension privilege escalation

Gid 0 is assigned to user, if "winbind nss info" configuration parameter has value "sfu" or "rfc2307"...

CVE-2006-7094

ftpd, as used by Gentoo and Debian Linux, sets the gid to the effective uid instead of the effective group id before executing /bin/ls, which allows remote authenticated users to list arbitrary directories with the privileges of gid 0 and possibly enable additional attack vectors...