Lucene search
K

137 matches found

The Hacker News
The Hacker News
added 2011/10/17 7:30 p.m.9 views

Jynx Kit (LD_PRELOAD) Userland Rootkit Released

Jynx Kit LDPRELOAD Userland Rootkit Released Jynx Kit is a LDPRELOAD userland rootkit. Fully undetectable from chkrootkit and rootkithunter. Includes magic packet SSL reverse back connect shell based on SEQ/ACK numbers in a single packet. Solid building block for further LDPRELOAD rootkits...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2011/10/17 7:30 p.m.2 views

Jynx Kit (LD_PRELOAD) Userland Rootkit Released

Jynx Kit LDPRELOAD Userland Rootkit Released Jynx Kit is a LDPRELOAD userland rootkit. Fully undetectable from chkrootkit and rootkithunter. Includes magic packet SSL reverse back connect shell based on SEQ/ACK numbers in a single packet. Solid building block for further LDPRELOAD rootkits...

7.3AI score
Exploits0
Prion
Prion
added 2011/04/08 3:17 p.m.30 views

Design/Logic Flaw

ld.so in the GNU C Library aka glibc or libc6 2.13 and earlier expands the $ORIGIN dynamic string token when RPATH is composed entirely of this token, which might allow local users to gain privileges by creating a hard link in an arbitrary directory to a 1 setuid or 2 setgid program with this RPA...

3.7CVSS6.8AI score0.08747EPSS
Exploits20References6Affected Software1
Cvelist
Cvelist
added 2011/04/08 3:0 p.m.34 views

CVE-2011-1658

ld.so in the GNU C Library aka glibc or libc6 2.13 and earlier expands the $ORIGIN dynamic string token when RPATH is composed entirely of this token, which might allow local users to gain privileges by creating a hard link in an arbitrary directory to a 1 setuid or 2 setgid program with this RPA...

8.1AI score0.00311EPSS
Exploits0References6
CVE
CVE
added 2011/04/08 3:0 p.m.91 views

CVE-2011-1658

CVE-2011-1658 affects the GNU C Library (glibc) ld.so: when RPATH consists entirely of the special token $ORIGIN, it can enable local privilege escalation by linking a crafted LD_PRELOAD with a setuid/setgid program. Affected are glibc versions 2.13 and earlier. The root cause is expansion of the...

3.7CVSS8AI score0.00311EPSS
Exploits0References6Affected Software1
securityvulns
securityvulns
added 2010/10/26 12:0 a.m.87 views

The GNU C library dynamic linker will dlopen arbitrary DSOs during setuid loads.

The GNU C library dynamic linker will dlopen arbitrary DSOs during setuid loads ------------------------------------------------------------------------------- Czesc, This advisory describes CVE-2010-3856, an addendum to CVE-2010-3847. Please see http://seclists.org/fulldisclosure/2010/Oct/257 fo...

7.2CVSS9AI score0.09454EPSS
Exploits35
securityvulns
securityvulns
added 2010/10/24 12:0 a.m.100 views

The GNU C library dynamic linker expands $ORIGIN in setuid library search path

The GNU C library dynamic linker expands $ORIGIN in setuid library search path ------------------------------------------------------------------------------ Gruezi, This is CVE-2010-3847. The dynamic linker or dynamic loader is responsible for the runtime linking of dynamically linked programs...

7.2CVSS10AI score0.08747EPSS
Exploits22
Exploit DB
Exploit DB
added 2010/10/22 12:0 a.m.86 views

GNU C Library 2.x (libc6) - Dynamic Linker LD_AUDIT Arbitrary DSO Load Privilege Escalation

Source: http://marc.info/?l=full-disclosure&m=128776663124692&w=2 The GNU C library dynamic linker will dlopen arbitrary DSOs during setuid loads ------------------------------------------------------------------------------- Cześć, This advisory describes CVE-2010-3856, an addendum to...

7.2CVSS8.2AI score0.09454EPSS
Exploits24
0day.today
0day.today
added 2010/10/19 12:0 a.m.65 views

GNU C library dynamic linker $ORIGIN expansion Vulnerability

Exploit for linux platform in category local exploits ============================================================ GNU C library dynamic linker $ORIGIN expansion Vulnerability ============================================================ The GNU C library dynamic linker expands $ORIGIN in setuid...

6.8AI score0.08747EPSS
Exploits22
Exploit DB
Exploit DB
added 2010/10/18 12:0 a.m.100 views

GNU C library dynamic linker - '$ORIGIN' Expansion

from: http://marc.info/?l=full-disclosure&m=128739684614072&w=2 The GNU C library dynamic linker expands $ORIGIN in setuid library search path ------------------------------------------------------------------------------ Gruezi, This is CVE-2010-3847. The dynamic linker or dynamic loader is...

6.9CVSS9.1AI score0.08747EPSS
Exploits20
Prion
Prion
added 2009/12/02 6:30 p.m.15 views

Design/Logic Flaw

The rtld function in the Run-Time Link-Editor rtld in libexec/rtld-elf/rtld.c in FreeBSD 7.1, 7.2, and 8.0 does not clear the LDPRELOAD environment variable, which allows local users to gain privileges by executing a setuid or setguid program with a modified LDPRELOAD variable containing an...

7.2CVSS6.6AI score0.03903EPSS
Exploits5References8Affected Software1
NVD
NVD
added 2009/12/02 6:30 p.m.18 views

CVE-2009-4146

The rtld function in the Run-Time Link-Editor rtld in libexec/rtld-elf/rtld.c in FreeBSD 7.1, 7.2, and 8.0 does not clear the LDPRELOAD environment variable, which allows local users to gain privileges by executing a setuid or setguid program with a modified LDPRELOAD variable containing an...

7.2CVSS6.3AI score0.03903EPSS
Exploits4References8
Cvelist
Cvelist
added 2009/12/02 6:0 p.m.22 views

CVE-2009-4146

The rtld function in the Run-Time Link-Editor rtld in libexec/rtld-elf/rtld.c in FreeBSD 7.1, 7.2, and 8.0 does not clear the LDPRELOAD environment variable, which allows local users to gain privileges by executing a setuid or setguid program with a modified LDPRELOAD variable containing an...

6.2AI score0.03903EPSS
Exploits4References8
CVE
CVE
added 2009/12/02 6:0 p.m.84 views

CVE-2009-4146

The CVE-2009-4146 entry concerns FreeBSD's run-time linker (rtld) in libexec/rtld-elf/rtld.c. The underlying issue is that rtld's unsetenv logic does not clear LD_PRELOAD when __findenv() fails, enabling a local user to influence library loading via a modified LD_PRELOAD path and gain privileges ...

7.2CVSS6.2AI score0.03903EPSS
Exploits4References8Affected Software1
seebug.org
seebug.org
added 2009/11/30 12:0 a.m.20 views

FreeBSD Run-Time Link-Editor Local r00t Zeroday

No description provided by source. Discovered & Exploited by Nikolaos Rangos also known as Kingcope. Nov 2009 "BiG TiME" "Go fetch your FreeBSD r00tkitz" // http://www.youtube.com/watch?v=dDnhthI27Fg There is an unbelievable simple local r00t bug in recent FreeBSD versions. I audited FreeBSD for...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2009/11/30 12:0 a.m.7 views

FreeBSD 8.0 Run-Time Link-Editor (RTLD) - Local Privilege Escalation

FreeBSD 8.0 Run-Time Link-Editor RTLD - Local Privilege Escalation Discovered & Exploited by Nikolaos Rangos also known as Kingcope. Nov 2009 "BiG TiME" "Go fetch your FreeBSD r00tkitz" // http://www.youtube.com/watch?v=dDnhthI27Fg There is an unbelievable simple local r00t bug in recent FreeBSD...

0.6AI score
Exploits0
0day.today
0day.today
added 2009/11/30 12:0 a.m.17 views

FreeBSD Run-Time Link-Editor Local r00t Zeroday

Exploit for unknown platform in category local exploits =============================================== FreeBSD Run-Time Link-Editor Local r00t Zeroday =============================================== Title: FreeBSD Run-Time Link-Editor Local r00t Zeroday CVE-ID: OSVDB-ID: Author: Kingcope...

6.8AI score
Exploits0
myhack58
myhack58
added 2009/08/09 12:0 a.m.17 views

Ordinary users by udev vulnerability to elevate to root permissions demo-vulnerability warning-the black bar safety net

Recently exposed by the udev permissions hint of vulnerability, as long as with normal user permissions, you can elevate to root privileges, the experiment a handful, really easy to upgrade. Put the following code saved as test. sh file !/ bin/sh Linux 2.6 bug found by Sebastian Krahmer lame splo...

0.2AI score
Exploits0
NVD
NVD
added 2009/02/20 6:47 a.m.22 views

CVE-2009-0641

systerm.c in telnetd in FreeBSD 7.0-RELEASE and other 7.x versions deletes dangerous environment variables with a method that was valid only in older FreeBSD distributions, which might allow remote attackers to execute arbitrary code by passing a crafted environment variable from a telnet client,...

9.3CVSS7.5AI score0.09355EPSS
Exploits1References5
Cvelist
Cvelist
added 2009/02/18 5:0 p.m.26 views

CVE-2009-0641

systerm.c in telnetd in FreeBSD 7.0-RELEASE and other 7.x versions deletes dangerous environment variables with a method that was valid only in older FreeBSD distributions, which might allow remote attackers to execute arbitrary code by passing a crafted environment variable from a telnet client,...

7.5AI score0.09355EPSS
Exploits1References5
Rows per page
Query Builder