16 matches found
EUVD-2000-0150
Malware in sbrugna...
EUVD-2004-2304
Malware in sbrugna...
PSC - E2E Encryption For Multi-Hop Tty Sessions Or Portshells + TCP/UDP Port Forward
DNS lookup and SSH session forwarded across an UART connection to a Pi PSC allows to e2e encrypt shell sessions, single- or multip-hop, being agnostic of the underlying transport, as long as it is reliable and can send/receive Base64 encoded data without modding/filtering. Along with the e2e pty...
BST (Binary String Toolkit) - Quickly And Easily Convert Binary Strings For All Your Exploit Development Needs
The Binary String Toolkit or BST for short is a rather simple utility to convert binary strings to various formats suitable for later inclusions in source codes, such as those used to develop exploits in the security field. Features Dump files content to standard output in a binary string format...
Make 3.81 - Heap Overflow PoC
Exploit for linux platform in category dos / poc =for comment Exploit Title: MAKE Heap Overflow - Pointer dereferencing POC Calloc- X86 X64 Date: 14.07.14 Exploit Author: HyP Vendor Homepage: http://www.gnu.org/software/make/ Software Link: http://ftp.gnu.org/gnu/make/ Version: Make 3.81 Tested o...
GNU Make For IBM AIX 4.3.3 CC Path Local Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/9903/info GNU make for IBM AIX has been reported to be prone to a buffer overflow vulnerability, the issue is reported to exist due to a lack of sufficient boundary checks performed when reading the path to the CC compile...
[SSLsplit] Transparent and scalable SSL/TLS interception
SSLsplit is a tool for man-in-the-middle attacks against SSL/TLS encrypted network connections. Connections are transparently intercepted through a network address translation engine and redirected to SSLsplit. SSLsplit terminates SSL/TLS and initiates a new SSL/TLS connection to the original...
GNU make /tmp 漏洞
GNU make处理通过标准输入提供的makefile内容时存在一个漏洞。GNU make没有检查这些文件是否存在或是这些文件是否是符号连接,就在/tmp目录下创建文件,攻击者可以简单的创建一个指向系统其他文件的符号连接。攻击者可以以运行make用户的身份创建文件,如果这个用户是root,将会获得root权限。 GNU make 3.77-44 S.u.S.E. Linux 6.3 S.u.S.E. Linux 6.1 SuSE已经发布补丁程序: ftp://ftp.suse.com/pub/suse/i386/update for Intel processors...
CVE-2004-2312
CVE-2004-2312 concerns a buffer overflow in GNU make on IBM AIX 4.3.3 when installed setgid, allowing local users to gain privileges via a long CC argument. The vulnerability is specifically tied to GNU make on that AIX version and the overflow arises from the long CC parameter. Documented impact...
CVE-2004-2312
Buffer overflow in GNU make for IBM AIX 4.3.3, when installed setgid, allows local users to gain privileges via a long CC argument...
CVE-2004-2312
Buffer overflow in GNU make for IBM AIX 4.3.3, when installed setgid, allows local users to gain privileges via a long CC argument...
GNU Make For IBM AIX 4.3.3 - CC Path Local Buffer Overflow
source: https://www.securityfocus.com/bid/9903/info GNU make for IBM AIX has been reported to be prone to a buffer overflow vulnerability, the issue is reported to exist due to a lack of sufficient boundary checks performed when reading the path to the CC compiler. Because the GNU make utility is...
GNU Make For IBM AIX 4.3.3 - CC Path Local Buffer Overflow
GNU Make For IBM AIX 4.3.3 - CC Path Local Buffer Overflow source: https://www.securityfocus.com/bid/9903/info GNU make for IBM AIX has been reported to be prone to a buffer overflow vulnerability, the issue is reported to exist due to a lack of sufficient boundary checks performed when reading t...
CVE-2000-0151
CVE-2000-0151 : GNU make reads a Makefile from stdin and follows symlinks, enabling other local users to execute commands. This is a local impact issue with high complexity to exploit; CVSS data shows local access, complete confidentiality/integrity/availability impact. The provided documents do ...
CVE-2000-0151
GNU make follows symlinks when it reads a Makefile from stdin, which allows other local users to execute commands...
CVE-2000-0151
GNU make follows symlinks when it reads a Makefile from stdin, which allows other local users to execute commands...