792 matches found
Qpopper 4.0.x - poppassd Privilege Escalation
Qpopper 4.0.x - poppassd Privilege Escalation / Title: Qpopper v4.0.x poppassd local root exploit. Exploit code: 0x82-Local.Qp0ppa55d.c -- ./0x82-Local.Qp0ppa55d -u x82 -p mypasswd Qpopper v4.0.x poppassd local root exploit. by Xpl017Elz / include include include include define BUFSZ 0x82 define...
Important: Red Hat Security Advisory: mysql security update
Updated packages are available that fix both a double-free security vulnerability and a remote root exploit security vulnerability found in the MySQL server. Updated 11 Aug 2003 Updated mysqlclient9 packages are now included. These were previously missing from this erratum. MySQL is a multi-user,...
PoPToP PPTP <= 1.1.4-b3 Remote Root Exploit (poptop-sane.c)
No description provided by source. / Fixed Exploit against PoPToP in Linux poptop-sane.c ./r4nc0rwh0r3 of blightninjas [email protected] blightninjas: bringing pain, suffering, and humiliation to the security world Expect more great release like helloworld-annotated.c and cd explained...
PoPToP PPTP <= 1.1.4-b3 Remote Root Exploit
Exploit for linux platform in category remote exploits =========================================== PoPToP PPTP include include define uint8t char define uint16t WORD define uint32t DWORD char shellcode = "\x1a\x76\xa2\x41\x21\xf5\x1a\x43\xa2\x5a\x1a\x58\xd0\x1a\xce\x6b"...
Mac OS X <= 10.2.4 DirectoryService (PATH) Local Root Exploit
Exploit for macOS platform in category local exploits ============================================================= Mac OS X include include include int mainint argc, char argv char ORIGPATH; int temp; if argc 2 if geteuid == 0 printf"euid is root.\n"; setuid0; execl"/bin/bash", "bash", NULL;...
PoPToP PPTP <= 1.1.4-b3 Remote Root Exploit
No description provided by source. / exploit for a recently discovered vulnerability in PoPToP PPTP server under Linux. Versions affected are all prior to 1.1.4-b3 and 1.1.3-20030409. The exploit is capable of bruteforcing the RET address to find our buffer in the stack. Upon a successfull run it...
[SECURITY] [DSA 267-2] New lpr packages fix local root exploit (potato)
-------------------------------------------------------------------------- Debian Security Advisory DSA 267-2 [email protected] http://www.debian.org/security/ Martin Schulze April 15th, 2003 http://www.debian.org/security/faq -...
xfsdump creates files insecurely on IRIX
-----BEGIN PGP SIGNED MESSAGE----- SGI Security Advisory Title : xfsdump creates files insecurely Number : 20030404-01-P Date : April 10, 2003 Reference: CVE CAN-2003-0173 Reference: SGI BUG 885222 Fixed in : IRIX 6.5.20 when available or patches 5059 and 5060 - ----------------------- - --- Issu...
Apple Mac OSX 10.x - DirectoryService Denial of Service
Apple Mac OSX 10.x - DirectoryService Denial of Service // source: https://www.securityfocus.com/bid/7323/info MacOSX DirectoryService has been reported prone to a denial of service vulnerability. It has been reported that a remote attacker may trigger an exception in DirectoryService by repeated...
Samba 2.2.8 Remote Root Exploit - sambal.c
Exploit for linux platform in category remote exploits ========================================== Samba 2.2.8 Remote Root Exploit - sambal.c ========================================== / Remote root exploit for Samba 2.2.x and prior that works against Linux all distributions, FreeBSD 4.x, 5.x,...
[SECURITY] [DSA 277-1] New apcupsd packages fix remote root exploit
-------------------------------------------------------------------------- Debian Security Advisory DSA 277-1 [email protected] http://www.debian.org/security/ Martin Schulze April 3rd, 2003 http://www.debian.org/security/faq -...
[SECURITY] [DSA 270-1] New Linux kernel packages (mips + mipsel) fix local root exploit
-------------------------------------------------------------------------- Debian Security Advisory DSA 270-1 [email protected] http://www.debian.org/security/ Martin Schulze March 27sh, 2003 http://www.debian.org/security/faq -...
XFree86 4.2 - XLOCALEDIR Local Buffer Overflow (2)
XFree86 4.2 - XLOCALEDIR Local Buffer Overflow 2 // source: https://www.securityfocus.com/bid/7002/info Several XFree86 utilities may be prone to a buffer overflow condition. The vulnerability exists due to insufficient boundary checks performed by these utilities when referencing the XLOCALEDIR...
XFree86 4.2 - 'XLOCALEDIR' Local Buffer Overflow (3)
// source: https://www.securityfocus.com/bid/7002/info Several XFree86 utilities may be prone to a buffer overflow condition. The vulnerability exists due to insufficient boundary checks performed by these utilities when referencing the XLOCALEDIR environment variable. A local attacker can exploi...
Darwin Streaming Server <= 4.1.2 (parse_xml.cgi) Code Execution Expl
Exploit for macOS platform in category remote exploits ======================================================================= Darwin Streaming Server 'filename'; $templatefile = $query-'template'; Based on http://wbyte.ath.cx/wbyte/researches/qtss-core.txt use IO::Socket; use LWP::Simple; use LW...
Darwin Streaming Server 4.1.2 - 'parse_xml.cgi' Code Execution
!/usr/bin/perl QTTS REMOTE ROOT exploit by FOXMULDER [email protected] FOXMULDER PRESENTS foxmulderatabv.bg DarwinOSX4.x? 5.X QTSSQuick Time Stream Server 3.X The bug in Darwin 5.X with unpatched QTSS in parsexml.cgi which lead to remote root compromise: $filename = $query-'filename'; $templatefil...
[SECURITY] [DSA 252-1] New slocate packages fix local root exploit
-------------------------------------------------------------------------- Debian Security Advisory DSA 252-1 [email protected] http://www.debian.org/security/ Martin Schulze February 21st, 2003 http://www.debian.org/security/faq -...
Local root vuln in SuSE 8.0 plptools package
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Security Vulnerability Advisory Distribution: SuSE 8.0 possibly other versions, eg. 7.x/8.1 Package name: plptools-0.6mjg-161.i386.rpm Impact: Local root Advisory ID: CLIVITT-2003-2 Author: Carl Livitt carl at learningshophull.co.uk Date: January 29th...
grpck-expl.pl
Hi packetstorm dudez! --- start here --- !/usr/bin/perl www.uhagr.org - [email protected] This is only a Proof of concept. /usr/sbin/grpck is not suid root by default. castle: /usr/sbin/grpck perl -e 'print "X"x2900' Segmentation fault castle: my $usage = Example: ./grpck-expl.pl 1 TARGETS: 1...
[SECURITY] [DSA 189-1] New luxman packages fix local root exploit
-------------------------------------------------------------------------- Debian Security Advisory DSA 189-1 [email protected] http://www.debian.org/security/ Martin Schulze November 6th, 2002 http://www.debian.org/security/faq -...