FBZX 2.10 - Local Stack Buffer Overflow

Exploit Author: Juan Sacco - http://www.exploitpack.com Program: fbzx - ZX Spectrum Emulator for X Tested on: GNU/Linux - Kali Linux 2.0 x86 Description: FBZX v2.10 and prior is prone to a stack-based buffer overflow vulnerability because the application fails to perform adequate boundary-checks ...

CVE-2009-5082

The 1 configure and 2 config.guess scripts in GNU troff aka groff 1.20.1 on Openwall GNU//Linux aka Owl improperly create temporary files upon a failure of the mktemp function, which makes it easier for local users to overwrite arbitrary files via a symlink attack on a temporary file...

CVE-2006-7236

The default configuration of xterm on Debian GNU/Linux sid and possibly Ubuntu enables the allowWindowOps resource, which allows user-assisted attackers to execute arbitrary code or have unspecified other impact via escape sequences...

CVE-2008-3234

sshd in OpenSSH 4 on Debian GNU/Linux, and the 20070303 OpenSSH snapshot, allows remote authenticated users to obtain access to arbitrary SELinux roles by appending a :/ colon slash sequence, followed by the role name, to the username...

FENIX 0.92 Buffer Overflow

Exploit Author: Juan Sacco - http://www.exploitpack.com Program: fenix - development environment for making 2D games Tested on: GNU/Linux - Kali Linux 2.0 Description: FENIX v0.92 and prior is prone to a stack-based buffer overflow vulnerability because the application fails to perform adequate...

FENIX 0.92 - Local Buffer Overflow

Exploit Author: Juan Sacco - http://www.exploitpack.com Program: fenix - development environment for making 2D games Tested on: GNU/Linux - Kali Linux 2.0 Description: FENIX v0.92 and prior is prone to a stack-based buffer overflow vulnerability because the application fails to perform adequate...

ZSNES 1.51 - Local Buffer Overflow

ZSNES 1.51 - Local Buffer Overflow Exploit Author: Juan Sacco - http://www.exploitpack.comp Tested on: GNU/Linux - Kali Linux 2.0 Description: ZSNES v1.51 and prior is prone to a stack-based buffer overflow vulnerability because the application fails to perform adequate boundary-checks on...

ZSNES 1.51 Stack-Based Buffer Overflow

Exploit Author: Juan Sacco - http://www.exploitpack.comp Tested on: GNU/Linux - Kali Linux 2.0 Description: ZSNES v1.51 and prior is prone to a stack-based buffer overflow vulnerability because the application fails to perform adequate boundary-checks on user-supplied input. An attacker could...

ZSNES 1.51 - Local Buffer Overflow

Exploit Author: Juan Sacco - http://www.exploitpack.comp Tested on: GNU/Linux - Kali Linux 2.0 Description: ZSNES v1.51 and prior is prone to a stack-based buffer overflow vulnerability because the application fails to perform adequate boundary-checks on user-supplied input. An attacker could...

ZSNES 1.51 - Buffer Overflow Exploit

Exploit for linux platform in category local exploits Exploit Author: Juan Sacco - http://www.exploitpack.comp Tested on: GNU/Linux - Kali Linux 2.0 Description: ZSNES v1.51 and prior is prone to a stack-based buffer overflow vulnerability because the application fails to perform adequate...

Incident Response Malware Analysis: IRMA

Incident Response Malware Analysis: IRMA is an asynchronous and customizable analysis platform for suspicious files! IRMA intends to be an open-source platform designed to help identifying and analyzing malicious files. However, today’s defense is not only about learning about a file, but it is...

General Purpose Fuzzing: Honggfuzz

Honggfuzz is a general-purpose fuzzing tool. Given a starting corpus of test files, Hongfuzz supplies and modifies input to a test program and utilize the ptrace API / POSIX signal interface to detect and log crashes. Features Easy setup : No complicated configuration files or setup necessary —...

linux/x86 - /bin/nc -le /bin/sh -vp 17771 Shellcode - 58 Bytes

/ Linux x86 /bin/nc -le /bin/sh -vp 17771 shellcode This shellcode will listen on port 17771 and give you /bin/sh Shellcode Author: Oleg Boytsev Tested on: Debian GNU/Linux 7/i686 Shellcode Length: 58 Command: gcc -m32 -z execstack x86Linuxnetcatshellcode.c -o x86Linuxnetcatshellcode global start...

VFU 4.10-1.1 - Move Entry Buffer Overflow Exploit

Exploit for linux platform in category local exploits Exploit Title: VFU Move Entry Buffer Overflow Date: 2015-02-25 Exploit Author: Bas van den Berg -- @barrebas Vendor Homepage: http://cade.datamax.bg/ Software Link: http://cade.datamax.bg/vfu/download Version: 4.10-1.1 Tested on: GNU/Linux Kal...

VFU 4.10-1.1 - Move Entry Buffer Overflow

Exploit Title: VFU Move Entry Buffer Overflow Date: 2015-02-25 Exploit Author: Bas van den Berg -- @barrebas Vendor Homepage: http://cade.datamax.bg/ Software Link: http://cade.datamax.bg/vfu/download Version: 4.10-1.1 Tested on: GNU/Linux Kali 1.09 32-bit & Crunchbang 11 Waldorf based on Debian...

Henry Spencer regular expressions (regex) library contains a heap overflow vulnerability

Overview A regular expressions C library originally written by Henry Spencer is vulnerable to a heap overflow in some circumstances. Description CWE-122: Heap-based Buffer Overflow From the researcher, the variable len that holds the length of a regular expression string is "enlarged to such an...

GNU C Library (glibc) __nss_hostname_digits_dots() function vulnerable to buffer overflow

Overview The nsshostnamedigitsdots function of the GNU C Library glibc allows a buffer overflow condition in which arbitrary code may be executed. This vulnerability has been assigned CVE-2015-0235, and is referred to in the media by the name "GHOST". Description According to Qualys, the...

Oracle Solaris Third-Party Patch Update : lighttpd (cve_2014_2469_denial_of)

The remote Solaris system is missing necessary patches to address security updates : - lighttpd before 1.4.26, and 1.5.x, allocates a buffer for each read operation that occurs for a request, which allows remote attackers to cause a denial of service memory consumption by breaking a request into...

VFU-4.10-1.1---Buffer-Overflow

VFU v4.10-1.1 is prone to a stack-based buffer overflow vulnerability because the application fails to perform adequate boundary-checks on user-supplied input. An attacker can exploit this issue to execute arbitrary code in the context of the application. Failed exploit attempts will result in a...

x64 Linux reverse TCP connect 77 to 85 bytes, 90 to 98 with password

x64 Linux reverse TCP connect 77 to 85 bytes, 90 to 98 with password. Shellcode exploit for linx86-64 platform / Author: Sean Dillon Copyright: c 2014 CAaNES, LLC. http://caanes.com Release Date: December 19, 2014 Description: x64 Linux null-free reverse TCP shellcode, optional 4 byte password...