22 matches found
Linux Kernel <= 2.2.25, <= 2.4.24, <= 2.6.2 - "mremap()" Missing "do_munmap" Exploit
No description provided by source. / mremap missing domunmap return check kernel exploit gcc -O3 -static -fomit-frame-pointer mremappte.c -o mremappte ./mremappte suid shell Vulnerable kernel versions are all = 2.2.25, = 2.4.24 and = 2.6.2 Copyright c 2004 iSEC Security Research. All Rights...
Internet Explorer 'winhlp32.exe' 'MsgBox()' Remote Code Execution Vulnerability
No description provided by source. Microsoft Internet Explorer is prone to a remote code execution vulnerability. Source iSEC Security Research: http://isec.pl/vulnerabilities10.html Attackers can exploit this issue to execute arbitrary code in the context of the user running the application...
Linux Kernel <= 2.4.28 and <= 2.6.9 scm_send local DoS Exploit
No description provided by source. / Linux kernel 2.4 & 2.6 scmsend DoS Warning! this code will hang your machine gcc -O2 scmbang.c -o scmbang Copyright c 2004 iSEC Security Research. All Rights Reserved. THIS PROGRAM IS FOR EDUCATIONAL PURPOSES ONLY IT IS PROVIDED AS IS AND WITHOUT ANY WARRANTY...
Linux Kernel (<= 2.4.27 , 2.6.8) binfmt_elf Executable File Read Exploit
No description provided by source. / binfmtelf executable file read vulnerability gcc -O3 -fomit-frame-pointer elfdump.c -o elfdump Copyright c 2004 iSEC Security Research. All Rights Reserved. THIS PROGRAM IS FOR EDUCATIONAL PURPOSES ONLY IT IS PROVIDED AS IS AND WITHOUT ANY WARRANTY. COPYING,...
Linux Kernel 2.2.x<= 25 – 2.4.x<21 ptrace/kmod Local Root Exploit
No description provided by source. / Linux kernel ptrace/kmod local root exploit This code exploits a race condition in kernel/kmod.c, which creates kernel thread in insecure manner. This bug allows to ptrace cloned process, allowing to take control over privileged modprobe binary. Should work...
Microsoft Internet Explorer 6/7/8 - 'winhlp32.exe MsgBox()' Remote Code Execution
Microsoft Internet Explorer is prone to a remote code execution vulnerability. Source iSEC Security Research: http://isec.pl/vulnerabilities10.html Attackers can exploit this issue to execute arbitrary code in the context of the user running the application. Successful exploits will compromise th...
Microsoft Internet Explorer 678 - winhlp32.exe MsgBox() Remote Code Execution
Microsoft Internet Explorer 678 - winhlp32.exe MsgBox Remote Code Execution Microsoft Internet Explorer is prone to a remote code execution vulnerability. Source iSEC Security Research: http://isec.pl/vulnerabilities10.html Attackers can exploit this issue to execute arbitrary code in the context...
Linux Kernel 2.x mremap missing do_munmap Exploit
No description provided by source. / mremap missing domunmap return check kernel exploit gcc -O3 -static -fomit-frame-pointer mremappte.c -o mremappte ./mremappte suid shell Vulnerable kernel versions are all = 2.2.25, = 2.4.24 and = 2.6.2 Copyright c 2004 iSEC Security Research. All Rights...
Linux Kernel 2.2.x - 2.4.x ptrace/kmod Local Root Exploit
No description provided by source. / Linux kernel ptrace/kmod local root exploit This code exploits a race condition in kernel/kmod.c, which creates kernel thread in insecure manner. This bug allows to ptrace cloned process, allowing to take control over privileged modprobe binary. Should work...
Linux Kernel 2.4.x mremap() bound checking Root Exploit
No description provided by source. / Linux kernel mremap bound checking bug exploit. Bug found by Paul Starzetz paul isec pl Copyright c 2004 iSEC Security Research. All Rights Reserved. THIS PROGRAM IS FOR EDUCATIONAL PURPOSES ONLY IT IS PROVIDED "AS IS" AND WITHOUT ANY WARRANTY. COPYING,...
isec-0023-coredump.txt
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi, since it became clear from the discussion in January about the uselib vulnerability, that the Linux community prefers full, non-embargoed disclosure of kernel bugs, I release full details right now. However to follows at least some of the...
Heap overrun handling malicious news: URL — Mozilla
Maurycy Prodeus of iSEC Security Research reports a heap overrun in processing certain news: URLs. Thunderbird and the Mozilla Suite are affected; Firefox does not support the news: scheme...
Linux Kernel (<= 2.6.9 2.4.22-28) (igmp.c) Local Denial of Service Exploit
No description provided by source. / Linux igmp.c local DoS Warning: this code will crash your machine! gcc -O2 mreqfck.c -o mreqfck Copyright c 2004 iSEC Security Research. All Rights Reserved. THIS PROGRAM IS FOR EDUCATIONAL PURPOSES ONLY IT IS PROVIDED "AS IS" AND WITHOUT ANY WARRANTY. COPYING...
Linux Kernel 2.4.27/2.6.8 - 'binfmt_elf' Executable File Read
/ binfmtelf executable file read vulnerability gcc -O3 -fomit-frame-pointer elfdump.c -o elfdump Copyright c 2004 iSEC Security Research. All Rights Reserved. THIS PROGRAM IS FOR EDUCATIONAL PURPOSES ONLY IT IS PROVIDED "AS IS" AND WITHOUT ANY WARRANTY. COPYING, PRINTING, DISTRIBUTION, MODIFICATI...
Linux Kernel (<= 2.4.27 2.6.8) binfmt_elf Executable File Read Exploit
No description provided by source. / binfmtelf executable file read vulnerability gcc -O3 -fomit-frame-pointer elfdump.c -o elfdump Copyright c 2004 iSEC Security Research. All Rights Reserved. THIS PROGRAM IS FOR EDUCATIONAL PURPOSES ONLY IT IS PROVIDED "AS IS" AND WITHOUT ANY WARRANTY. COPYING,...
Linux Kernel 2.4.272.6.8 - binfmt_elf Executable File Read
Linux Kernel 2.4.272.6.8 - binfmtelf Executable File Read / binfmtelf executable file read vulnerability gcc -O3 -fomit-frame-pointer elfdump.c -o elfdump Copyright c 2004 iSEC Security Research. All Rights Reserved. THIS PROGRAM IS FOR EDUCATIONAL PURPOSES ONLY IT IS PROVIDED "AS IS" AND WITHOUT...
Linux Kernel 2.4.26 - File Offset Pointer Handling Memory Disclosure
/ CAN-2004-0415 / gcc -O3 prockmemdump.c -o prockmemdump Copyright c 2004 iSEC Security Research. All Rights Reserved. THIS PROGRAM IS FOR EDUCATIONAL PURPOSES ONLY IT IS PROVIDED "AS IS" AND WITHOUT ANY WARRANTY. COPYING, PRINTING, DISTRIBUTION, MODIFICATION WITHOUT PERMISSION OF THE AUTHOR IS...
Linux Kernel File Offset Pointer Handling Memory Disclosure Exploit
Exploit for linux platform in category local exploits =================================================================== Linux Kernel File Offset Pointer Handling Memory Disclosure Exploit =================================================================== / CAN-2004-0415 / gcc -O3 prockmemdump....
SUSE-SA:2003:032: wuftpd
The remote host is missing the patch for the advisory SUSE-SA:2003:032 wuftpd. Janusz Niewiadomski and Wojciech Purczynski of iSEC Security Research have found a single byte buffer overflow in the Washington University ftp daemon wuftpd, a widely used ftp server for Linux-like systems. It is yet...
RHEL 3 : kernel (RHSA-2004:183)
Updated kernel packages that fix two privilege escalation vulnerabilities are now available. The Linux kernel handles the basic functions of the operating system. iSEC Security Research discovered a flaw in the ipsetsockopt function code of the Linux kernel versions 2.4.22 to 2.4.25 inclusive. Th...