619 matches found
Sniffit Root Shell
CVE-2014-5439 - Root shell on Sniffit Authors: Ismael Ripoll & Hector Marco CVE: CVE-2014-5439 Dates: July 2014 - Discovered the vulnerability Description Sniffit is a packet sniffer and monitoring tool. A bug in sniffit prior to 0.3.7 has been found. The bug is caused by an incorrect...
Cisco IOS XE Software Challenge/Response Bypass Vulnerability
A vulnerability in the request system shell command supported by specific Cisco IOS XE platforms WS-C3850, WS-C3650, AIR-CT5760, and WS-C4500X could allow an authenticated, local attacker with administrative privilege 15 to access the underlying Linux root shell. The vulnerability is due to...
ALCASAR 2.8.1 - Remote Code Execution
ALCASAR 2.8.1 - Remote Code Execution !/usr/bin/env python -- coding: utf-8 -- ALCASAR = 2.8.1 Remote Root Code Execution Vulnerability Author: eF Date : 2014-09-12 URL : http://www.alcasar.net/ This is not a responsible disclosure coz' I have no sense of ethics and I don't give a fck. db 88...
MyAuth3 - Blind SQL Injection
No description provided by source. Exploit Title: MyAuth3 Blind SQL Injection / Root Shell Access 0day exploit Google Dork: allinurl:1881/?console=panel Date: 09/06/2011 Author: Marcio Almeida marcioatalligatorteamdot org | @marcioalm Version: 3.0 Tested on: Linux EDB-Note: apparently no true...
Qualcomm qpopper 3.0/3.0 b20 Remote Buffer Overflow Vulnerability (1)
No description provided by source. source: http://www.securityfocus.com/bid/830/info There is a buffer overflow vulnerability present in current 3.x versions of Qualcomm popper daemon. These vulnerabilities are remotely exploitable and since the daemon runs as root, the host running qpopper can b...
Solaris 2.6/7.0/8 netpr Buffer Overflow Vulnerability (2)
No description provided by source. source: http://www.securityfocus.com/bid/1200/info A buffer overrun exists in the 'netpr' program, part of the SUNWpcu LP package included with Solaris, from Sun Microsystems. Versions of netpr on Solaris 2.6 and 7, on both Sparc and x86 have been confirmed as...
Sitecom MD-25x Multiple Vulnerabilities Reverse Root Shell Exploit
No description provided by source. !/usr/bin/python Exploit Title: Sitecom MD-253 and MD-254 Network Storage Reverse Shell Exploit Date: 09/11/12 Exploit Author: Mattijs van Ommeren mattijs at alcyon dot nl Vendor Homepage: http://www.sitecom.com Software Link:...
SCO OpenServer 5.0.x 'mana' PATH_INFO Privilege Escalation Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8618/info It has been reported that SCO OpenServer Inertnet Manager 'mana' process is prone to a privilege escalation issue allow local users to execute arbitrary code with elevated privileges. mana normally requires...
Xcode OpenBase <= 9.1.5 (root file create) Local Root Exploit (OSX)
No description provided by source. !/usr/bin/perl http://www.digitalmunition.com written by kf kflistsatdigitalmunitiondotcom http://docs.info.apple.com/article.html?artnum=61798 This won't help ftp://www.openbase.com/pub/OpenBase10.0 This will Create a new file anywhere on the filesystem with...
LogWatch 2.1.1/2.5 Insecure Temporary Directory Creation Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/4374/info LogWatch is a freely available, open source script for monitoring log files. It may be used with the Linux and Unix Operating systems. Upon execution, LogWatch creates a directory in /tmp. This directory uses th...
Sun VirtualBox <= 3.0.6 - Privilege Escalation
No description provided by source. !/bin/sh CVE-2009-3692 Sun VirtualBox = 3.0.6 local root exploit ======================================================== Exploits popen meta char shell injection vulnerability in Sun VirtualBox. E.g. admin@sundevil:/test$ id uid=101admin gid=10staff...
X.Org xorg-x11-xfs <= 1.0.2-3.1 - Local Race Condition Exploit
No description provided by source. !/bin/sh Xorg-x11-xfs Race Condition Vuln local root exploit CVE-2007-3103 Another lame xploit by vl4dZ : works on redhat el5 and before $ id uid=1001kecos gid=1001user groups=1001user $ sh xfs-RaceCondition-root-exploit.sh Generate large data file in...
libvirt_proxy <= 0.5.1 - Local Privilege Escalation Exploit
No description provided by source. / cve-2009-0036.c libvirtproxy = 0.5.1 Local Privilege Escalation Exploit Jon Oberheide [email protected] http://jon.oberheide.org Information: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0036 Buffer overflow in the proxyReadClientSocket function in...
IBM AIX 4.3.x/5.1 ERRPT Local Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/5885/info The IBM AIX errpt command is prone to a locally exploitable buffer overflow condition. It is possible to exploit this condition to execute arbitrary attacker-supplied instructions with root privileges...
RedHat Linux 6.0 Single User Mode Authentication Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/1005/info A vulnerability exists in the manner in which RedHat Linux 6.0 protects the obtaining of a shell by booting single user mode. RedHat will prompt for the root password upon entering single user mode. Pressing ^C...
Rosewill RSVA11001 - Remote Command Injection
No description provided by source. I have been hacking on a Rosewill RSVA11001 for a while now, something to suck up my free time. I had pulled apart the firmware previously but did not succeed in finding a way to get a shell on the device. The box is Hi3515 based, I found an exploit for another...
TRENDnet Shell
Added: 06/24/2014 Background TRENDnet routers are vulnerable to a range of SQL injection, command injection, and buffer overflow vulnerabilities. Current supported devices include: TEW-654TR - Remote Root Shell TEW-732BR - Remote Root Shell Problem A SQL injection vulnerability allows the attacke...
Yealink VoIP Phone SIP-T38G - Privilege Escalation
Yealink VoIP Phone SIP-T38G - Privilege Escalation Title: Yealink VoIP Phone SIP-T38G Privileges Escalation Author: Mr.Un1k0d3r & Doreth.Z10 From RingZer0 Team Vendor Homepage: http://www.yealink.com/Companyprofile.aspx Version: VoIP Phone SIP-T38G CVE: CVE-2013-5759 Description: Using the fact...
Yealink VoIP Phone SIP-T38G Privilege Escalation
Title: Yealink VoIP Phone SIP-T38G Privileges Escalation Author: Mr.Un1k0d3r & Doreth.Z10 From RingZer0 Team Vendor Homepage: http://www.yealink.com/Companyprofile.aspx Version: VoIP Phone SIP-T38G CVE: CVE-2013-5759 Description: Using the fact that cgiServer.exx run under the root privileges we...
Quantum vmPRO后门未授权访问漏洞
Bugtraq ID:66274 Quantum vmPRO是一款适用于保护虚拟机数据的解决方案。 Quantum vmPRO "/usr/local/pancetera/bin/cmdprocessor.py"存在一个隐藏命令可获得root shell,允许通过验证的远程攻击者利用漏洞提交恶意命令获得root shell。 0 Quantum vmPRO 3.1.2 Quantum vmPRO 2.3.0.1已经修复该漏洞,建议用户下载更新: http://quantum.com/...