WinAmp 5.63 (winamp.ini) - Local Exploit

No description provided by source. Exploit Title: winampevilskin.py Date: 25 August 2013 Exploit Author: Ayman Sagy [email protected] Vendor Homepage: http://www.winamp.com/ Version: 5.63 Tested on: Windows XP Professional SP3 Version 2002 CVE : 2013-4694 Ayman Sagy [email protected] August...

TP-Link TL-SC3171 IP Cameras - Multiple Vulnerabilities

Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ Multiple Vulnerabilities in TP-Link TL-SC3171 IP Cameras 1. Advisory Information Title: Multiple Vulnerabilities in TP-Link TL-SC3171 IP Cameras Advisory ID: CORE-2013-0618 Advisory URL:...

IRCnet IRCD 2.10 Local Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8817/info IRCnet IRCD has been reported prone to a buffer overflow vulnerability that may be exploited by local users. This issue may be exploited to crash the affected server. Although unconfirmed, due to the nature of...

CVE-2014-0012

CVE-2014-0012 affects Jinja2 2.7.2: FileSystemBytecodeCache does not securely create temporary directories, allowing a local user to gain privileges by pre-creating a temp directory with that user’s UID. The issue exists due to an incomplete prior fix for CVE-2014-1402. Several connected advisori...

CVE-2014-0135

CVE-2014-0135 affects Kafo before 0.3.17 and 0.4.x before 0.5.2 (as used by Foreman). The issue is that default_values.yaml is world-readable, allowing local users to read passwords and other sensitive information. Remediation is to upgrade Kafo to 0.3.17+ or 0.4.x to 0.5.2+ (where fixed). If not...

CVE-2014-0470

CVE-2014-0470 affects the Super package (version 3.30.0) where the setuid() return value is not checked when the -F flag is used, enabling local privilege escalation via an RLIMIT_NPROC scenario. Root cause: failure to verify setuid() result. Public references (e.g., Debian security advisory DSA-...

CVE-2011-4089

The CVE-2011-4089 entry concerns the bzexe command in bzip2 1.0.5 and earlier. The vulnerability arises because extraction does not properly handle temporary files, allowing a local attacker to execute arbitrary code by precreating a temporary directory. Affected component: bzexe (bzip2). Root ca...

DEBIAN-CVE-2014-2678

The rdsiwladdrcheck function in net/rds/iw.c in the Linux kernel through 3.14 allows local users to cause a denial of service NULL pointer dereference and system crash or possibly have unspecified other impact via a bind system call for an RDS socket on a system that lacks RDS transports...

CVE-2014-1496

CVE-2014-1496 affects Mozilla Firefox (up to 28.0) and related Mozilla suite components (Firefox ESR 24.x up to 24.4, Thunderbird up to 24.4, SeaMonkey up to 2.25). The vulnerability allows local users to gain privileges by modifying the extracted Mar contents during an update, constituting a loc...

exploit for old rlpdaemon bug

!/opt/perl5/bin/perl -w HP-UX rlpdaemon local exploit Bulletin HPSBUX0111-176 November 2001 For use only on machines where you have legitimate root. This attempts to add junk including "localhost +" to /.rhosts. Obvious variants could include /etc/passwd. use IO::Socket; $PORT = 9000; pick...

QNX 6.5.0 x86 phfont - Local Privilege Escalation

QNX 6.5.0 x86 phfont - Local Privilege Escalation / QNX 6.5.0 x86 phfont local root exploit by cenobyte 2013 - vulnerability description: Setuid root /usr/photon/bin/phfont on QNX is prone to a buffer overflow. The vulnerability is due to insufficent bounds checking of the PHOTONHOME environment...

iCAM Workstation Control 4.8.0.0 - Authentication Bypass

Exploit Title: iCAM Workstation Control Software Local Authentication Bypass Google Dork: Vendor: Insight Media Internet Limited is based in the North West of England, and has 10 years experience in developing both internet and software solutions. Our staff are focused and committed to offering t...

Linux Kernel < 3.4.5 (Android 4.2.2/4.4 ARM) - Local Privilege Escalation

/ Just a lame binder local root exploit stub. Somewhat messy but whatever. The bug was reported in CVE-2013-6282. Tested on Android 4.2.2 and 4.4. Kernels 3.0.57, 3.4.5 and few more. All up to 3.4.5 unpatched should be vulnerable. You need to customize the addresses so that they match the target...

Design/Logic Flaw

The wanxlioctl function in drivers/net/wan/wanxl.c in the Linux kernel before 3.11.7 does not properly initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory via an ioctl call...

CVE-2013-7271

The CVE-2013-7271 issue affects the Linux kernel up to versions before 3.12.4. The vulnerability exists in x25_recvmsg (net/x25/af_x25.c), where a length value is updated without ensuring the associated data structure is initialized, enabling local attackers to disclose kernel memory content via ...

CORE-2013-0807 - Divide Error in Windows Kernel

Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ Divide Error in Windows Kernel 1. Advisory Information Title: Divide Error in Windows Kernel Advisory ID: CORE-2013-0807 Advisory URL: http://www.coresecurity.com/advisories/divide-error-in-windows-kernel Date published: 2013-12-...

KLA10307 LPE vulnerability in RealVNC

An unspecified vulnerability was found in RealVNC. By exploiting this vulnerability malicious users can gain privileges. This vulnerability can be exploited locally via a specially designed argument. Original advisories - Related products RealVNC-Viewer CVE list CVE-2013-6886 high Solution Update...

Windows Live Movie Maker 2011 Denial Of Service

!/usr/bin/env ruby Title: Windows Live Movie Maker 2011 .wav DoS Local Exploit Version: Version 2011 Build 15.4.53508.1109 Tested on: Windows 7 Professional 32-bit SP1 E-Mail: [email protected] Exploit-Author: Osanda Malith Jayathissa Video: https://www.youtube.com/watch?v=SBJYzSNdY6k /!...

QuickHeal AntiVirus 7.1 PRO - Stack Overflow Vulnerability

Document Title: =============== QuickHeal AntiVirus 7.1 PRO - Stack Overflow Vulnerability References: =========== http://www.vulnerability-lab.com/getcontent.php?id=1173 View: http://www.youtube.com/watch?v=6aQR8H6HoCs http://www.vulnerability-lab.com/getcontent.php?id=1171 Resources:...

IcoFX Buffer Overflow Vulnerability

Advisory ID Internal CORE-2013-1107 1. Advisory Information Title: IcoFX Buffer Overflow Vulnerability Advisory ID: CORE-2013-1107 Date published: 2013-12-10 Date of last update: 2013-12-10 Vendors contacted: IcoFX Software Release mode: User release 2. Vulnerability Information Class: Buffer...