
3209 matches found

seebug.org
added 2009/02/23 12:00 a.m., 17 views

BSD/x86 - setuid/execve - 30 bytes

No description provided by source. / $Id: setuid-bsd.c,v 1.6 2004/06/02 12:22:30 raptor Exp $ setuid-bsd.c - setuid/execve shellcode for BSD/x86 Copyright c 2003 Marco Ivaldi [email protected] Short setuid0 and /bin/sh execve shellcode based on esdee's code. Tested on OpenBSD and FreeBSD. / ...

7.1 AI score
Exploits: 0
seebug.org
added 2009/02/23 12:00 a.m., 16 views

BSD/x86 - execve(/bin/sh) & setuid(0) - 29 bytes

No description provided by source. / BSD version FreeBSD, OpenBSD, NetBSD. [email protected] 29 bytes. -setuid0; -execve/bin/sh; / char shellcode= "\x31\xc0" // xor %eax,%eax "\x50" // push %eax "\xb0\x17" // mov $0x17,%al "\x50" // push %eax "\xcd\x80" // int $0x80 "\x50" // push %eax...

7.1 AI score
Exploits: 0
seebug.org
added 2009/02/21 12:00 a.m., 16 views

Linux/x86 - setuid(0) & execve(/bin/sh,0,0) - 28 bytes

No description provided by source. -------------------ASM---------------------- global start section .text start: ;setuid0 xor ebx,ebx lea eax,ebx+17h cdq int 80h ;execve"/bin/sh",0,0 xor ecx,ecx push ecx push 0x68732f6e push 0x69622f2f lea eax,ecx+0Bh mov ebx,esp int 80h...

7.1 AI score
Exploits: 0
seebug.org
added 2009/02/21 12:00 a.m., 12 views

Linux/x86 - setuid / setgid / chroot break

No description provided by source. /----------------------------------------------------------------------/ / s390 shellcode 0x0a / 0x0 free / / setuid / setgid / chroot break / / code [email protected] / /----------------------------------------------------------------------/ char...

7.1 AI score
Exploits: 0
seebug.org
added 2009/02/21 12:00 a.m., 17 views

Linux/x86 - setuid(0) && execve() - 25 bytes

No description provided by source. Hi, i've shrinked down the shellcode to 25 bytes, the smallest setuid & execve GNU/Linux shellcode without nulls that spawns a shell. -------------------------------------------------------------------------------------- SMALLEST SETUID & EXECVE GNU/LINUX x86...

7.1 AI score
Exploits: 0
seebug.org
added 2009/02/20 12:00 a.m., 11 views

Linux/x86 - setuid(0) & chmod("/tmp",111) & exit(0)

No description provided by source. / Linux/x86 - setuid0 & chmod"/tmp",111 & exit0 Info reg ------------------ %eax = 23 %ebx = 0 %eax = 15 %ebx = /tmp %ecx = 111 %eax = 1 %ebx = 0 Shellcode 25 bytes Author: Jonathan Salwan submit AT shell-storm.org Web: http://www.shell-storm.org Disassembly of...

7.1 AI score
Exploits: 0
Prion
added 2009/02/13 5:30 p.m., 16 views

Code injection

Russ Allbery pam-krb5 before 3.13, when linked against MIT Kerberos, does not properly initialize the Kerberos libraries for setuid use, which allows local users to gain privileges by pointing an environment variable to a modified Kerberos configuration file, and then launching a PAM-based setuid...

6.2 CVSS, 6.9 AI score, 0.0025 EPSS
Exploits: 6, References: 18, Affected Software: 1
NVD
added 2009/02/13 5:30 p.m., 15 views

CVE-2009-0360

Russ Allbery pam-krb5 before 3.13, when linked against MIT Kerberos, does not properly initialize the Kerberos libraries for setuid use, which allows local users to gain privileges by pointing an environment variable to a modified Kerberos configuration file, and then launching a PAM-based setuid...

6.2 CVSS, 6.3 AI score, 0.0025 EPSS
Exploits: 6, References: 18
OSV
added 2009/02/13 5:30 p.m., 1 view

DEBIAN-CVE-2009-0361

Russ Allbery pam-krb5 before 3.13, as used by libpam-heimdal, su in Solaris 10, and other software, does not properly handle calls to pam_setcred when running setuid, which allows local users to overwrite and change the ownership of arbitrary files by setting the KRB5CCNAME environment variable, a...

4.6 CVSS, 6.7 AI score, 0.0007 EPSS
Exploits: 1, References: 1
Prion
added 2009/02/13 5:30 p.m., 14 views

Code injection

Russ Allbery pam-krb5 before 3.13, as used by libpam-heimdal, su in Solaris 10, and other software, does not properly handle calls to pam_setcred when running setuid, which allows local users to overwrite and change the ownership of arbitrary files by setting the KRB5CCNAME environment variable, a...

4.6 CVSS, 6.7 AI score, 0.0007 EPSS
Exploits: 1, References: 20, Affected Software: 1
OSV
added 2009/02/13 5:30 p.m., 6 views

CVE-2009-0361

Russ Allbery pam-krb5 before 3.13, as used by libpam-heimdal, su in Solaris 10, and other software, does not properly handle calls to pam_setcred when running setuid, which allows local users to overwrite and change the ownership of arbitrary files by setting the KRB5CCNAME environment variable, a...

6.1 AI score
Exploits: 0, References: 20
NVD
added 2009/02/13 5:30 p.m., 14 views

CVE-2009-0361

Russ Allbery pam-krb5 before 3.13, as used by libpam-heimdal, su in Solaris 10, and other software, does not properly handle calls to pam_setcred when running setuid, which allows local users to overwrite and change the ownership of arbitrary files by setting the KRB5CCNAME environment variable, a...

4.6 CVSS, 6.1 AI score, 0.0007 EPSS
Exploits: 1, References: 20
Debian CVE
added 2009/02/13 5:00 p.m., 26 views

CVE-2009-0360

Russ Allbery pam-krb5 before 3.13, when linked against MIT Kerberos, does not properly initialize the Kerberos libraries for setuid use, which allows local users to gain privileges by pointing an environment variable to a modified Kerberos configuration file, and then launching a PAM-based setuid...

6.2 CVSS, 8.8 AI score, 0.0025 EPSS
Exploits: 6
CVE
added 2009/02/13 5:00 p.m., 58 views

CVE-2009-0360

CVE-2009-0360 affects the PAM Kerberos library (pam-krb5) when linked against MIT Kerberos, where improper initialization for setuid use allows a local attacker to gain privileges by pointing an environment variable to a modified Kerberos config file and launching a PAM-based setuid application. ...

6.2 CVSS, 8.8 AI score, 0.0025 EPSS
Exploits: 6, References: 18, Affected Software: 1
Debian CVE
added 2009/02/13 5:00 p.m., 40 views

CVE-2009-0361

Russ Allbery pam-krb5 before 3.13, as used by libpam-heimdal, su in Solaris 10, and other software, does not properly handle calls to pam_setcred when running setuid, which allows local users to overwrite and change the ownership of arbitrary files by setting the KRB5CCNAME environment variable, a...

4.6 CVSS, 8.7 AI score, 0.0007 EPSS
Exploits: 1
Cvelist
added 2009/02/13 5:00 p.m., 19 views

CVE-2009-0360

Russ Allbery pam-krb5 before 3.13, when linked against MIT Kerberos, does not properly initialize the Kerberos libraries for setuid use, which allows local users to gain privileges by pointing an environment variable to a modified Kerberos configuration file, and then launching a PAM-based setuid...

9.1 AI score, 0.0025 EPSS
Exploits: 6, References: 18
UbuntuCve
added 2009/02/13 12:00 a.m., 20 views

CVE-2009-0360

Russ Allbery pam-krb5 before 3.13, when linked against MIT Kerberos, does not properly initialize the Kerberos libraries for setuid use, which allows local users to gain privileges by pointing an environment variable to a modified Kerberos configuration file, and then launching a PAM-based setuid...

6.2 CVSS, 5.9 AI score, 0.0025 EPSS
Exploits: 6, References: 2
UbuntuCve
added 2009/02/13 12:00 a.m., 20 views

CVE-2009-0361

Russ Allbery pam-krb5 before 3.13, as used by libpam-heimdal, su in Solaris 10, and other software, does not properly handle calls to pam_setcred when running setuid, which allows local users to overwrite and change the ownership of arbitrary files by setting the KRB5CCNAME environment variable, a...

4.6 CVSS, 6 AI score, 0.0007 EPSS
Exploits: 1, References: 2
Tenable Nessus
added 2009/02/13 12:00 a.m., 29 views

Debian DSA-1721-1 : libpam-krb5 - several vulnerabilities

Several local vulnerabilities have been discovered in the PAM module for MIT Kerberos. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2009-0360 Russ Allbery discovered that the Kerberos PAM module parsed configuration settings from environment variables...

6.2 CVSS, 5.4 AI score, 0.0025 EPSS
Exploits: 7, References: 5
securityvulns
added 2009/02/12 12:00 a.m., 52 views

pam-krb5 security advisory (3.12 and earlier)

pam-krb5 security vulnerability Vulnerability type: Local privilege escalation, local file overwrite Versions affected: All versions prior to 3.13 Versions fixed: 3.13 and later Reported: 2009-01-29 Public announcement: 2009-02-11 CVE IDs: CVE-2009-0360, CVE-2009-0361 A security vulnerability in...

6.2 CVSS, 1.9 AI score, 0.0025 EPSS
Exploits: 7