118 matches found
SGI IRIX <= 6.5.4 midikeys Root Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/262/info The setuid root midikeys executable can be used to edit arbitrary files via its graphical user interface. This grants malicious users root access to the system. Running the midikeys application, clicking in sound...
Kloxo Remote Root Exploit
Kloxo remote root exploit that leverages a blind SQL injection and injects a perl connect back shell /bin/sh with root privilege. !/usr/bin/perl Title: Kloxo remote root exploit Author: Simo Ben youssef Contact: SimoatMorxploitcom Coded: 28 January 2014 Published: 26 February 2014 MorXploit...
CVE-2010-0681
ZeusCMS 0.2 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain sensitive information via a direct request for admin/backup.sql...
VideoCache 1.9.2 vccleaner root vulnerability
==== SYNOPSIS ===================================================== VideoCache is a Squid URL rewriter plugin written in Python for bandwidth optimization while browsing video sharing websites. Version 1.9.2 allows a user with the privileges of the Squid proxy server to append semi-arbitrary data...
VideoCache 1.9.2 vccleaner root vulnerability
Exploit for unknown platform in category local exploits ============================================= VideoCache 1.9.2 vccleaner root vulnerability ============================================= Title: VideoCache 1.9.2 vccleaner root vulnerability CVE-ID: OSVDB-ID: Author: Dominick LaTrappe...
Gentoo Security Advisory GLSA 200409-11 (star)
The remote host is missing updates announced in advisory GLSA 200409-11. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SCO UnixWare Merge mcd Local Root Exploit
No description provided by source. / 04/2008: public release I have'nt seen any advisory on this; possibly still not fixed. SCO UnixWare Merge mcd Local Root Exploit By qaaz / include stdio.h include stdlib.h include string.h include unistd.h include errno.h include sys/stat.h...
ZyXEL ZyWALL Quagga/Zebra Remote Root Vulnerability
Name: ZyXEL ZyWALL Quagga/Zebra Remote Root Vulnerability Release Date: 10 March 2008 Discover: Pranav Joshi [email protected] Vendor: ZyXEL Products Affected: ZyWALL Status on other affected products & firmwares pending from vendor’s end CVE-2008-1160 BID 28184 ---------------------------...
ZyXEL ZyWALL Quagga/Zebra (default pass) Remote Root Vulnerability
No description provided by source. Name: ZyXEL ZyWALL Quagga/Zebra Remote Root Vulnerability Release Date: 10 March 2008 Discover: Pranav Joshi [email protected] Vendor: ZyXEL Products Affected: ZyWALL Status on other affected products & firmwares pending from vendor’s end CVE-2008-1160 BID...
ZYXEL ZyWALL QuaggaZebra - Default Password Remote Code Execution
ZYXEL ZyWALL QuaggaZebra - Default Password Remote Code Execution Name: ZyXEL ZyWALL Quagga/Zebra Remote Root Vulnerability Release Date: 10 March 2008 Discover: Pranav Joshi Vendor: ZyXEL Products Affected: ZyWALL Status on other affected products & firmwares pending from vendor’s end...
By PHP v4. 0. 2rc1-v4. 0. 7RC2 Trojan program to get the root-vulnerability warning-the black bar safety net
From one is black on the server to find the following tool fun This tool is designed to scan PHP v4. 0. 2rc1-v4. 0. 7RC2 / exploit program. Find the post by the overflow remotely get a shell, get root permissions is even simpler. Usage is as follows: root@linuxserver tmp ./ fun 7350fun - x86/linu...
Improper access control
PHP Upload Center stores password hashes under the web root with insufficient access control, which allows remote attackers to download each password hash via a direct request for the upload/users/USERNAME file...
[SECURITY] [DSA 969-1] New scponly packages fix potential root vulnerability
-------------------------------------------------------------------------- Debian Security Advisory DSA 969-1 [email protected] http://www.debian.org/security/ Martin Schulze February 13th, 2006 http://www.debian.org/security/faq -...
Mandrake Linux Security Advisory : printer-filters-utils (MDKSA-2005:239)
'newbug' discovered a local root vulnerability in the mtink binary, which has a buffer overflow in its handling of the HOME environment variable, allowing the possibility for a local user to gain root privileges. Mandriva encourages all users to upgrade immediately. The updated packages have been...
local root security bug in linux >= 2.4.6 <= 2.4.30-rc1 and 2.6.x.y <= 2.6.11.5
Suresec security advisory 1 Release date: 27th March 2005 CVE ID: CAN-2005-0750 Linux kernel local root vulnerability About the linux kernel: The linux kernel is a widely used kernel which is unix based. Vulnerability summary: The linux kernel has support for bluetooth. A local root security...
CVE-2004-0564
Roaring Penguin pppoe rp-ppoe, if installed or configured to run setuid root contrary to its design, allows local users to overwrite arbitrary files. NOTE: the developer has publicly disputed the claim that this is a vulnerability because pppoe "is NOT designed to run setuid-root." Therefore this...
Possible local root vulnerability in Roxio Toast on Mac OS X
Possible local root vulnerability in Roxio Toast on Mac OS X By fintler [email protected] Summary: There is a format string bug in the binary /Library/Application Support/Roxio/TDIXSupport. It is installed suid root by default and may be exploited by finding the offset and overwriting the stack...
Debian DSA-095-1 : gpm - local root vulnerability
The package 'gpm' contains the gpm-root program, which can be used to create mouse-activated menus on the console. Among other problems, the gpm-root program contains a format string vulnerability, which allows an attacker to gain root privileges. %NASLMINLEVEL 70300 C Tenable Network Security,...
GLSA-200409-18 : cdrtools: Local root vulnerability in cdrecord if set SUID root
The remote host is affected by the vulnerability described in GLSA-200409-18 cdrtools: Local root vulnerability in cdrecord if set SUID root Max Vozeler discovered that the cdrecord utility, when set to SUID root, fails to drop root privileges before executing a user-supplied RSH program. By...
SUS: Local root vulnerability
Background SUS is a utility that allows regular users to be able to execute certain commands as root. Description Leon Juranic found a bug in the logging functionality of SUS that can lead to local privilege escalation. A format string vulnerability exists in the log function due to an incorrect...