FreeBSD rtld Local Root Exploit
FreeBSD local r00t 0day Discovered & Exploited by Nikolaos Rangos also known as Kingcope. Nov 2009 "BiG TiME" "Go fetch your FreeBSD r00tkitz" // http://www.youtube.com/watch?v=dDnhthI27Fg There is an unbelievable simple local r00t bug in recent FreeBSD versions. I audited FreeBSD for local r00t...
Microsoft GDI+ TIFF Memory Corruption (MS09-062; CVE-2009-2503)
The Microsoft Windows graphics device interface (GDI) enables applications to use graphics and formatted text on the video display and on the printer. A remote code execution vulnerability has been discovered in the way that GDI+ allocates memory. The vulnerability is due to the way that GDI+ renders...
[SECURITY] Fedora 10 Update: kdebase-workspace-4.3.1-1.fc10
The KDE Workspace consists of what is the desktop of the KDE Desktop Environment. This package contains: khotkeys, a hotkey daemon; klipper, a cut & paste history utility; kmenuedit, the menu editor; krandrtray, resize and rotate X screens; krunner, a command run interface; ksysguard, a performance monitor...
HTMLDOC 1.8.27 - .html File Handling Stack Buffer Overflow
HTMLDOC 1.8.27 - .html File Handling Stack Buffer Overflow / HTMLDOC 'html' File Handling Remote Stack Buffer Overflow Exploit Linux Reference: https://www.securityfocus.com/bid/35727 Tested on HTMLDOC 1.8.27 on Debian 5.0 +ASLR Credit: ANTHRAX666 for finding the vulnerability Coded by Pankaj Koh...
Fedora 10 : firebird-2.1.3.18185.0-2.fc10 (2009-8317)
Upgrading from the previous package version may be a problem, since the previous version removes /var/run/firebird and it shouldn't. This release fixes this problem for future updates. If you are in that case (no /var/run/firebird directory after the upgrade), just reinstall the firebird-2.1.3.18185.0-2 package or...
Fedora 11 : firebird-2.1.3.18185.0-2.fc11 (2009-8340)
Upgrading from the previous package version may be a problem, since the previous version removes /var/run/firebird and it shouldn't. This release fixes this problem for future updates. If you are in that case (no /var/run/firebird directory after the upgrade), just reinstall the firebird-2.1.3.18185.0-2 package or...
SQL query result set for injecting the effects and use-vulnerability and early warning-the black bar safety net
For injection purposes, the error message is extremely important. The so-called error message refers to a result returned that differs from the correct page; experts pay close attention to this point, which is essential for precisely judging the injection point. This is discussed under several categories of...
AiO (All into One) Flash Mixer 3 - '.afp' Crash (PoC)
!/usr/bin/perl + Bug : AiO All into One Flash Mixer 3 .afp File Crash Vulnerability Exploit + program Download : http://www.goztun.com/download/AiOFlashMixerSetup.exe + Author : theEdit0r Contact me : the3dit0ratYahoodotcoM + Greetz to all my friends + Tested on: Windows XP Pro SP3 + web site:...
PCI DSS compliance : options settings
This plugin reports the values of a few important scan settings if PCI DSS compliance checks are enabled. These scan settings are preset based on the scan template you have selected, but in some cases may be overriden. C Tenable Network Security, Inc. include"compat.inc"; ifdescription...
Firefox browser engine crashes
The browser engine in Mozilla Firefox 3 before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to 1...
CGI Generic Tests Timeout
Some generic CGI tests ran out of time during the scan. The results may be incomplete. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; ifdescription scriptid39470; scriptversion"1.15"; scriptsetattributeattribute:"pluginmodificationdate"...
CGI Generic Remote File Inclusion
The remote web server hosts CGI scripts that fail to adequately sanitize request strings. By leveraging this issue, an attacker may be able to include a remote file from a remote server and execute arbitrary commands on the target host. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...
AIX 610001 : U823928
The remote host is missing AIX PTF U823928 which is related to the security of the package bos.64bit You should install this PTF for your system to be up-to-date. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. if ! definedfunc"bnrandom" exit0; include'deprecatednasllevel.inc';...
CVE-2009-1573
xvfb-run 1.6.1 in Debian GNU/Linux, Ubuntu, Fedora 10, and possibly other operating systems places the magic cookie (MCOOKIE) on the command line, which allows local users to gain privileges by listing the process and its arguments...
DEBIAN-CVE-2009-1573
xvfb-run 1.6.1 in Debian GNU/Linux, Ubuntu, Fedora 10, and possibly other operating systems places the magic cookie (MCOOKIE) on the command line, which allows local users to gain privileges by listing the process and its arguments...
Command injection
xvfb-run 1.6.1 in Debian GNU/Linux, Ubuntu, Fedora 10, and possibly other operating systems places the magic cookie (MCOOKIE) on the command line, which allows local users to gain privileges by listing the process and its arguments...
CVE-2009-1573
What is affected. xvfb-run 1.6.1 (Debian/Ubuntu/Fedora and possibly other OSes) has the flaw. The root cause described in the CVE context is that the X11 magic cookie (MCOOKIE) is exposed on the command line, which can be discovered by local users. Impact. Local privilege escalation by listing th...
Linux Kernel 2.6 UDEV < 141 Local Privilege Escalation Exploit
No description provided by source. / cve-2009-1185.c udev 141 Local Privilege Escalation Exploit Jon Oberheide [email protected] http://jon.oberheide.org Information: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1185 udev before 1.4.1 does not verify whether a NETLINK message originates...