3209 matches found
USN-700-2: Perl regression
USN-700-1 fixed vulnerabilities in Perl. Due to problems with the Ubuntu 8.04 build, some Perl .ph files were missing from the resulting update. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Jonathan Smith discovered that the Archive::Tar Perl modul...
kernel: open() call allows setgid bit when user is not in new file's group
fs/open.c in the Linux kernel before 2.6.22 does not properly strip setuid and setgid bits when there is a write to a file, which allows local users to gain the privileges of a different group, and obtain sensitive information or possibly have unspecified other impact, by creating an executable...
Privilege escalation via PR_SET_PDEATHSIG
Linux kernel 2.4.35 and other versions allows local users to send arbitrary signals to a child process that is running at higher privileges by causing a setuid-root parent process to die, which delivers an attacker-controlled parent process death signal PRSETPDEATHSIG...
FreeBSD Ports: p5-File-Path
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Privilege escalation via PR_SET_PDEATHSIG
Linux kernel 2.4.35 and other versions allows local users to send arbitrary signals to a child process that is running at higher privileges by causing a setuid-root parent process to die, which delivers an attacker-controlled parent process death signal PRSETPDEATHSIG...
FreeBSD : p5-File-Path -- rmtree allows creation of setuid files (13b0c8c8-bee0-11dd-a708-001fc66e7203)
Jan Lieskovsky reports : perl-File-Path rmtree race condition CVE-2005-0448 was assigned to address this This vulnerability was fixed in 5.8.4-7 but re-introduced in 5.8.8-1. It's also present in File::Path 2.xx, up to and including 2.07 which has only a partial fix. %NASLMINLEVEL 70300 C Tenable...
Solaris/x86 - setuid(0) + /bin/cat /etc/shadow Shellcode (61 bytes)
Solaris/x86 - setuid0 + /bin/cat /etc/shadow Shellcode 61 bytes. Shellcode exploit for Solarisx86 platform. Tags: Metasploit Framework MSF Name = John Babio Twitter = 3vi1john SunOS opensolaris 10 5.11 i86pc i386 i86pc setuid0 /bin/cat //etc/shadow char code=...
Solaris/SPARC - Bind TCP (2001/TCP) Shell (/bin/sh) Shellcode
Solaris/SPARC - Bind TCP 2001/TCP Shell /bin/sh Shellcode. Shellcode exploit for SolarisSPARC platform !!! $Id: sparc-bind.s,v 1.1 2003/03/01 01:10:51 ghandi Exp $ !!! Bind /bin/sh to TCP port 2001. Calls setuid0 so /bin/sh won't !!! drop privileges. After assembly, change the third byte in the !...
Linux/x86 - setuid(0) + execve(/bin/sh, 0, 0) Shellcode (27 bytes)
Linux/x86 - setuid0 + execve/bin/sh, 0, 0 Shellcode 27 bytes. Shellcode exploit for Linuxx86 platform include include / by Magnefikko 24.04.2010 [email protected] Promhyl Studies :: http://promhyl.oz.pl Subgroup: PRekambr Name: 27 bytes setuid0 ^ execve"/bin/sh", 0, 0 shellcode Platform: Linux...
Linux/x86 - setuid(0) + execve("/bin/sh",0,0) Shellcode (28 bytes)
Linux/x86 - setuid0 + execve"/bin/sh",0,0 Shellcode 28 bytes. Shellcode exploit for Linuxx86 platform / linux/x86 setuid0 & execve"/bin/sh",0,0 28 bytes http://www.gonullyourself.org sToRm I made this, because http://www.milw0rm.com/shellcode/7115 felt the need to express his "superior" 28-byte...
BSD/x86 - setuid(0) + Break chroot (../ 10x Loop) + execute /bin/sh Shellcode (57 bytes)
BSD/x86 - setuid0 + Break chroot ../ 10x Loop + execute /bin/sh Shellcode 57 bytes. Shellcode exploit for BSDx86 platform / The setuid0+chroot+execve shellcode it will: setuid0 put '../' 10 times in chroot execute /bin/sh Size 57 bytes OS BSD /rootteam/dev0id rootteam.void.ru [email protected]...
Linux/x86 - setuid(0) + Break chroot (../ 10x Loop) Shellcode (34 bytes)
Linux/x86 - setuid0 + Break chroot ../ 10x Loop Shellcode 34 bytes. Shellcode exploit for Linuxx86 platform / The setuid0+chroot shellcode. It is the one of the smallest shellcodes in the !!world!! it will put '../' 10 times Size 34 bytes OS Linux /rootteam/dev0id rootteam.void.ru...
Linux/x86 - setuid(0) + execve(/bin/sh) Shellcode (29 bytes)
Linux/x86 - setuid0 + execve/bin/sh Shellcode 29 bytes. Shellcode exploit for Linuxx86 platform / 29 byte-long setuid0 + execve"/bin/sh",... shellcode by Marcin Ulikowski / include char shellcode = "\x31\xdb" / xor %ebx,%ebx / "\x8d\x43\x17" / lea 0x17%ebx,%eax / "\xcd\x80" / int $0x80 / "\x53" /...
Alpha - setuid() Shellcode (156 bytes)
Alpha - setuid Shellcode 156 bytes. Shellcode exploit for Alpha platform char shellcode= "\x30\x15\xd9\x43" / subq $30,200,$16 / "\x11\x74\xf0\x47" / bis $31,0x83,$17 / "\x12\x14\x02\x42" / addq $16,16,$18 / "\xfc\xff\x32\xb2" / stl $17,-4$18 / "\x12\x94\x09\x42" / addq $16,76,$18 /...
Linux/x86 - setuid(0) + Load Kernel Module (/tmp/o.o) Shellcode (67 bytes)
Linux/x86 - setuid0 + Load Kernel Module /tmp/o.o Shellcode 67 bytes. Shellcode exploit for Linuxx86 platform / The shellcode sets uid == 0 and loads the kernel module from /tmp/o.o size = 67 bytes OS = Linux i386 written by /rootteam/dev0id rootteam.void.ru [email protected] BITS 32 jmp shor...
OpenBSD/x86 - setuid(0) + Load Kernel Module (/tmp/o.o) Shellcode (74 bytes)
OpenBSD/x86 - setuid0 + Load Kernel Module /tmp/o.o Shellcode 74 bytes. Shellcode exploit for OpenBSDx86 platform / The modload shellcode setuid0 loads /tmp/o.o module very usefull if you have rootkit as kernel module in the /tmp dir Size 74 bytes OS OpenBSD /rootteam/dev0id rootteam.void.ru...
BSD/x86 - setuid(0) + Break chroot (../ 10x Loop) Shellcode (34 bytes)
BSD/x86 - setuid0 + Break chroot ../ 10x Loop Shellcode 34 bytes. Shellcode exploit for BSDx86 platform / The setuid0+chroot shellcode. It is the one of the smallest shellcodes in the !!world!! it will put '../' 10 times Size 34 bytes OS BSD /rootteam/dev0id rootteam.void.ru [email protected]...
Linux/x86 - setuid() + execve() + exit() Shellcode (44 bytes)
Linux/x86 - setuid + execve + exit Shellcode 44 bytes. Shellcode exploit for Linuxx86 platform / Linux x86 shellcode by bob / / setuid; execve; exit; / include char shellcode= "\x31\xc0\x31\xdb\x31\xc9\xb0\x17\xcd\x80" "\x31\xc0\x50\x68\x6e\x2f\x73\x68\x68\x2f"...
Linux/x86 - setuid(0) + chmod(/etc/shadow, 0666) Shellcode (37 bytes)
Linux/x86 - setuid0 + chmod/etc/shadow, 0666 Shellcode 37 bytes. Shellcode exploit for Linuxx86 platform / Title: linux/x86 setuid0 + chmod"/etc/shadow", 0666 Shellcode 37 Bytes Type: Shellcode Author: antrhacks Platform: Linux X86 / / ASSembly 31 db xor %ebx,%ebx b0 17 mov $0x17,%al cd 80 int...
Important: Red Hat Security Advisory: kernel security and bug fix update
Updated kernel packages that resolve several security issues and fix various bugs are now available for Red Hat Enterprise Linux 3. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain the Linux kernel, the core of any...