KOL WaveIOX 1.04 (.wav) Local Buffer Overflow PoC

No description provided by source. !/usr/bin/perl Usage--file created--load file--b00m.wav BOOM print \n; print ! KOL WaveIOX 1.04 .wav Local Buffer Overflow PoC\n; print \n; print ! Author: cr4wl3r\n; print ! Mail: cr4wl3r!linuxmail.org\n; print \n; my $boom = http://.\x41 x 1337; my $filename =...

BSD-Games 2.x Mille Local Save Game File Name Buffer Overrun Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/10165/info bsd-games mille is prone to a locally exploitable buffer overrun vulnerability. This issue is due to insufficient bounds checking when the user inputs a file name when saving a game. This game is typically...

Mac OS X <= 10.4.7 - Mach Exception Handling Local Exploit (10.3.x 0day)

No description provided by source. / excploit.c - 28 Nov 2005 - [email protected] Exploitable Mach Exception Handling Affected: Mac OS X 10.4.6 darwin 8.6.0 and older When a process executes a setuid executable, all existing rights to the task port are invalidated, to make sure unauthorize...

BSD-Games 2.x Monop Player Name Local Buffer Overrun Vulnerability (1)

No description provided by source. source: http://www.securityfocus.com/bid/8501/info Monop included in bsd-games is prone to a locally exploitable buffer overrun vulnerability. This is due to insufficient bounds checking of player names. Monop is typically installed setgid games, so it is possib...

Sun Solaris Netscape Portable Runtime API 4.6.1 - Local Privilege Escalation Vulnerability (1)

No description provided by source. source: http://www.securityfocus.com/bid/20471/info The Netscape Portable Runtime API running on Sun Solaris 10 operating system is prone to a local privilege-escalation vulnerability. A successful exploit of this issue allows an attacker to gain superuser...

MagicISO <= 5.4 (build239) - .cue File Heap Overflow PoC

No description provided by source. !/usr/bin/env ruby Credits to n00b for finding this bug. Magic iso has a stacked based buffer over-flow when We pass an overly-long file name inside the .cue file We are able to control alot of the registers so Command execution is possible,But im still learning...

UltraISO <= 8.6.2.2011 (Cue/Bin Files) Local Buffer Overflow PoC

No description provided by source. !/usr/bin/perl Credit:To n00b for finding this bug and writing poc. Ultra ISO stack over flow poc code. Ultra iso is exploitable via opening a specially crafted Cue file..There is A limitation that the user must have the bin file in the same dir as the cue file...

Info2www 1.0/1.1 CGI Input Handling Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1995/info The info2www script allows HTTP access to information stored in GNU EMACS Info Nodes. This script fails to properly parse input and can be used to execute commands on the server with permissions of the web serve...

TIBCO Rendezvous <= 7.4.11 Password Extractor Local Exploit

No description provided by source...

XFree86 4.2 XLOCALEDIR Local Buffer Overflow Vulnerability (3)

No description provided by source. source: http://www.securityfocus.com/bid/7002/info Several XFree86 utilities may be prone to a buffer overflow condition. The vulnerability exists due to insufficient boundary checks performed by these utilities when referencing the XLOCALEDIR environment...

Appfluent Database IDS < 2.1.0.103 (Env Variable) Local Exploit

No description provided by source...

Sendmail 8.12.x Header Processing Buffer Overflow Vulnerability (2)

No description provided by source. source: http://www.securityfocus.com/bid/6991/info Sendmail is prone to a remotely buffer-overflow vulnerability in the SMTP header parsing component. Successful attackers may exploit this vulnerability to gain control of affected servers. Reportedly, this...

P2P Share Spy 2.2 - Local Password Disclosure Exploit

No description provided by source. / P2P Share Spy 2.2 Local Exploit by Kozan Application: P2P Share Spy 2.2 Vendor: Rebrand Software - www.rebrandsoftware.com Vulnerable Description: P2P Share Spy 2.2 discloses passwords to local users. Discovered & Coded by: Kozan Credits to ATmaCA Web :...

Linux Kernel 2.4.x/2.6.x Bluetooth Signed Buffer Index Vulnerability (3)

No description provided by source. source: http://www.securityfocus.com/bid/12911/info A local signed-buffer-index vulnerability affects the Linux kernel because it fails to securely handle signed values when validating memory indexes. A local attacker may leverage this issue to gain escalated...

F-Secure Internet Gatekeeper for linux < 2.15.484 Local Root Exploit

No description provided by source. !/usr/bin/env python F-Secure Anti-Virus Internet Gatekeeper for Linux 2.15.484 F-Secure Anti-Virus Linux Gateway 2.16 added line 3-4 for references /str0ke fsigkexp.py: F-Secure Internet Gatekeeper for Linux local root exploit acknowledgements: everyone in...

Mandrake 6.x,RedHat 6.x,Turbolinux 3.5 b2/4.x/6.0.2 userhelper/PAM Path Vulnerability (2)

No description provided by source. source: http://www.securityfocus.com/bid/913/info Because of double path vulnerabilities in the binary userhelper and PAM, it is possible to get root locally on RedHat 6.0 and 6.1 systems. Both userhelper and PAM follow .. paths and userhelper allows you to...

Grep < 2.11 Integer Overflow Crash PoC

No description provided by source. Grep 2.11 is vulnerable to int overflow exploitation. http://lists.gnu.org/archive/html/bug-grep/2012-03/msg00007.html Although it is patched in the recent Grep, This update has not been pushed to the Ubuntu repos, or the Redhat repos, leaving 99% of those OS'sa...

Majordomo 1.89/1.90 lists Command Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2310/info Majordomo is a perl-based Internet e-mail list server. Versions prior to 1.91 are vulnerable to an attack whereby specially crafted e-mail headers are incorrectly processed, yielding the ability to execute...

dislocate 1.3 - Local i386 Exploit

No description provided by source. / MasterSecuritY www.mastersecurity.fr dislocate.c - Local i386 exploit in v1.3 Secure Locate v2.3 Copyright C 2000 Michel MaXX Kaempf [email protected] Updated versions of this exploit and the corresponding advisory will be made available at:...

Qpopper <= 4.0.8 (poppassd) Local Root Exploit (linux)

No description provided by source. !/bin/sh tested and working /str0ke Linux Qpopper poppassd latest version local r00t exploit by kcope August 2005 Confidential - Keep Private! POPPASSDPATH=/usr/local/bin/poppassd echo echo Linux Qpopper poppassd latest version local r00t exploit by kcope echo...