Elevation of Privilege Vulnerability in Multiple NUUO and NetGear Products

NUUO NVRmini 2 and NVRsolo are network video recorders.NetGear ReadyNAS Surveillance is a comprehensive IP video surveillance solution that integrates video surveillance software, storage, switching, and network management.NUUO Crystal is a Linux-based enterprise VMS Virtual Memory System NUUO...

samba: crash in dcesrv_auth_bind_ack due to missing error check

Multiple flaws were found in Samba's DCE/RPC protocol implementation. A remote, authenticated attacker could use these flaws to cause a denial of service against the Samba server high CPU load or a crash or, possibly, execute arbitrary code with the permissions of the user running Samba root. Thi...

Cisco Virtualization Experience Client Input Validation Elevation of Privilege Vulnerability

Cisco Virtualization Experience Client is a thin client for integrated virtualization infrastructure from Cisco USA. An input validation vulnerability in the subsystem that manages the WEB interface, included in firmware version 11.2 27.4 of the Cisco Virtualization Experience Client 6000 series,...

xorg-x11-server: integer overflow in X11 core protocol requests when calculating memory needs for requests

Multiple integer overflow flaws were found in the way the X.Org server calculated memory requirements for certain X11 core protocol requests. A malicious, authenticated client could use either of these flaws to crash the X.Org server or, potentially, execute arbitrary code with root privileges...

ALCASAR <= 2.8.1 - Remote Root Code Execution Vulnerability

Exploit for php platform in category web applications !/usr/bin/env python -- coding: utf-8 -- ALCASAR = 2.8.1 Remote Root Code Execution Vulnerability Author: eF Date : 2014-09-12 URL : http://www.alcasar.net/ This is not a responsible disclosure coz' I have no sense of ethics and I don't give a...

ALCASAR-Remote

By sending a specially crafted value in the "host" HTTP header, it is possible to inject the exec function in order to execute commands as Apache user. !/usr/bin/env python -- coding: utf-8 -- ALCASAR = 2.8 Remote Root Code Execution Vulnerability Author: eF Date : 2014-02-10 db 88 ,ad8888ba, db...

F5 rsync daemon ConfigSync interface cmi module vulnerability

Added: 09/02/2014 CVE: CVE-2014-2927 BID: 69461 OSVDB: 110595 Background F5 BIG-IP is a suite of security, availability and acceleration products. Problem When configured to support failover, multiple BIG-IP products are vulnerable to an unauthenticated rsync access vulnerability that can be...

McAfee LinuxShield <= 1.5.1 - Local/Remote Root Code Execution

No description provided by source. !/usr/bin/perl Title: McAfee LinuxShield = 1.5.1 Local/Remote Root Exploit Name: nailsRoot.pl Author: Nikolas Sotiriu lofi lofiatsotiriu.de WARNING: This Exploit deletes the default Update Server Use it only for education or ethical pentesting! The author accept...

CFME: SSH Utility insecure tmp file creation leading to code execution as root

The 1 shellexec function in lib/util/MiqSshUtilV1.rb and 2 tempcmdfile function in lib/util/MiqSshUtilV2.rb in Red Hat CloudForms 3.0 Management Engine CFME before 5.2.4.2 allow local users to execute arbitrary commands via a symlink attack on a temporary file with a predictable name...

bcfg2 shell chatacters vulnerability

It's possible to execute code as a root...

FreeBSD 7.0-RELEASE Telnet Daemon Local Privilege Escalation Exploit

Exploit for freebsd platform in category local exploits ==================================================================== FreeBSD 7.0-RELEASE Telnet Daemon Local Privilege Escalation Exploit ==================================================================== FreeBSD 7.0-RELEASE telnet daemon...

KDE start_kdeinit privilege escalation

It's possible to execute code with root privileges or send signals to privileged processes...

FreeBSD : NVIDIA UNIX driver -- arbitrary root code execution vulnerability (a6d9da4a-5d5e-11db-8faf-000c6ec775d9)

Rapid7 reports : The NVIDIA Binary Graphics Driver for Linux is vulnerable to a buffer overflow that allows an attacker to run arbitrary code as root. This bug can be exploited both locally or remotely via a remote X client or an X client which visits a malicious web page. A working...

DEBIAN-CVE-2004-0579

Format string vulnerability in super before 3.23 allows local users to execute arbitrary code as root...

Real Server/Helix Universal Server array overflow

Pointers array overflow leads to remote root code execution...

LPRng (RedHat 7.0) lpd Remote Root Format String Exploit

Exploit for linux platform in category remote exploits ======================================================== LPRng RedHat 7.0 lpd Remote Root Format String Exploit ======================================================== / Copyright c 2000 - Security.is The following material may be freely...

clientagent662.txt

Client Agent 6.62 for Unix Vulnerability Tested on a Debian 2.2.14 Introduction -------------- Client Agent has a hole allowing to execute an arbitrary code by root without its knowing. In the meantime, some conditions are necessary to exploit this vulnerability. Description ------------ Client...

Stelian Pop dump 0.4 - restore Buffer Overflow

Stelian Pop dump 0.4 - restore Buffer Overflow // source: https://www.securityfocus.com/bid/1330/info A buffer overflow exists in the 'restore' program, part of the dump 0.4b15-1 package, distributed with RedHat Linux 6.2. By supplying a long string containing machine executable code at the promp...

Solaris 2.6/7.0 - lp -d Option Buffer Overflow

// source: https://www.securityfocus.com/bid/1143/info A buffer overrun has been discovered in the lp program, as included with Sun's Solaris 7 operating system. By passing well crafted, machine executable code of sufficient length to the -d option of lp, it becomes possible to execute arbitrary...

Sun Solaris 7.0 - usrdtbindtprintinfo Local Buffer Overflow

Sun Solaris 7.0 - usrdtbindtprintinfo Local Buffer Overflow / source: https://www.securityfocus.com/bid/249/info The dtprintinfo is a setuid commands open the CDE Print Manager window. A stack based buffer overflow in the handling of the "-p" option allow the execution of arbitrary code as root...