perl: File:: Path rmtree race condition (CVE-2005-0448) reintroduced after upstream rebase to 5.8.8-1

Race condition in the rmtree function in File::Path 1.08 and 2.07 lib/File/Path.pm in Perl 5.8.8 and 5.10.0 allows local users to create arbitrary setuid binaries via a symlink attack, a different vulnerability than CVE-2005-0448, CVE-2004-0452, and CVE-2008-2827. NOTE: this is a regression error...

/bin/sh Setuid Shellcode

/ 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : Inj3ct0r.com 0 1 + Support e-mail :...

linux/x86 sys_setuid(0) & sys_setgid(0) & execve ("/bin/sh") 39 bytes

Exploit for linux/x86 platform in category shellcode ===================================================================== linux/x86 syssetuid0 & syssetgid0 & execve "/bin/sh" 39 bytes ===================================================================== /...

linux/x86 Polymorphic - setuid(0) + chmod("/etc/shadow", 0666) 61 Bytes

Exploit for linux/x86 platform in category shellcode ================================================================================= linux/x86 Shellcode Polymorphic - setuid0 + chmod"/etc/shadow", 0666 61 Bytes ================================================================================= /...

linux/x86 setuid(0) + chmod("/etc/shadow", 0666) Shellcode 37 bytes

Exploit for linux/x86 platform in category shellcode =================================================================== linux/x86 setuid0 + chmod"/etc/shadow", 0666 Shellcode 37 bytes =================================================================== / Title: linux/x86 setuid0 +...

List Files with setuid-bit in / and /home, Check /tmp for sticky-bit

This plugin uses SSH to list files with setuid-bit in / and /home, check /tmp for sticky-bit. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

List Files with setuid-bit in / and /home, Check /tmp for sticky-bit

This plugin uses ssh to List Files with setuid-bit in / and /home, Check /tmp for sticky-bit. OpenVAS Vulnerability Test $Id: GSHBSSHsetuid.nasl 7076 2017-09-07 11:53:47Z teissa $ List Files with setuid-bit in / and /home, Check /tmp for sticky-bit Authors: Thomas Rotter Copyright: Copyright c 20...

linux/x86 setuid(0) ^ execve("/bin/sh", 0, 0) shellcode 27 bytes

Exploit for linux/x86 platform in category shellcode ================================================================ linux/x86 setuid0 ^ execve"/bin/sh", 0, 0 shellcode 27 bytes ================================================================...

linux/x86 setuid(0) + execve("/bin/sh",...) Shellcode 29 bytes

Exploit for linux/x86 platform in category shellcode ============================================================== linux/x86 setuid0 + execve"/bin/sh",... Shellcode 29 bytes ============================================================== / 29 byte-long setuid0 + execve"/bin/sh",... shellcode by...

Mandriva Update for nss_db MDVSA-2010:077 (nss_db)

Check for the Version of nssdb OpenVAS Vulnerability Test Mandriva Update for nssdb MDVSA-2010:077 nssdb Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

Linux Kernel <= 2.6.34-rc3 ReiserFS xattr Privilege Escalation

No description provided by source. !/usr/bin/env python ''' team-edward.py Linux Kernel = 2.6.34-rc3 ReiserFS xattr Privilege Escalation Jon Oberheide [email protected] http://jon.oberheide.org Information: https://bugzilla.redhat.com/showbug.cgi?id=568041 The kernel allows processes to access th...

Linux Kernel 2.6.34-rc3 ReiserFS xattr Privilege Escalation

!/usr/bin/env python ''' team-edward.py Linux Kernel http://jon.oberheide.org Information: https://bugzilla.redhat.com/showbug.cgi?id=568041 The kernel allows processes to access the internal ".reiserfspriv" directory at the top of a reiserfs filesystem which is used to store xattrs. Permissions...

ReiserFS (Linux Kernel 2.6.34-rc3 RedHat Ubuntu 9.10) - xattr Local Privilege Escalation

ReiserFS Linux Kernel 2.6.34-rc3 RedHat Ubuntu 9.10 - xattr Local Privilege Escalation !/usr/bin/env python ''' team-edward.py Linux Kernel http://jon.oberheide.org Information: https://bugzilla.redhat.com/showbug.cgi?id=568041 The kernel allows processes to access the internal ".reiserfspriv"...

ReiserFS (Linux Kernel 2.6.34-rc3 / RedHat / Ubuntu 9.10) - 'xattr' Local Privilege Escalation

!/usr/bin/env python ''' team-edward.py Linux Kernel http://jon.oberheide.org Information: https://bugzilla.redhat.com/showbug.cgi?id=568041 The kernel allows processes to access the internal ".reiserfspriv" directory at the top of a reiserfs filesystem which is used to store xattrs. Permissions...

DEBIAN-CVE-2010-0826

The Free Software Foundation FSF Berkeley DB NSS module aka libnss-db 2.2.3pre1 reads the DBCONFIG file in the current working directory, which allows local users to obtain sensitive information via a symlink attack involving a setgid or setuid application that uses this module...

CVE-2010-0826

The Free Software Foundation FSF Berkeley DB NSS module aka libnss-db 2.2.3pre1 reads the DBCONFIG file in the current working directory, which allows local users to obtain sensitive information via a symlink attack involving a setgid or setuid application that uses this module...

Design/Logic Flaw

The Free Software Foundation FSF Berkeley DB NSS module aka libnss-db 2.2.3pre1 reads the DBCONFIG file in the current working directory, which allows local users to obtain sensitive information via a symlink attack involving a setgid or setuid application that uses this module...

CVE-2010-0826

The Free Software Foundation FSF Berkeley DB NSS module aka libnss-db 2.2.3pre1 reads the DBCONFIG file in the current working directory, which allows local users to obtain sensitive information via a symlink attack involving a setgid or setuid application that uses this module...

CVE-2010-0826

The Free Software Foundation FSF Berkeley DB NSS module aka libnss-db 2.2.3pre1 reads the DBCONFIG file in the current working directory, which allows local users to obtain sensitive information via a symlink attack involving a setgid or setuid application that uses this module...

CVE-2010-0826

The CVE-2010-0826 issue affects the Free Software Foundation’s Berkeley DB NSS module (libnss-db) in the nss_db package (2.2.3pre1). The vulnerability arises because DB_CONFIG can be read from the current working directory, enabling a local attacker with setgid/setuid usage of the module to exfil...