Lucene search
K

161 matches found

Exploit DB
Exploit DB
added 2016/03/23 12:0 a.m.41 views

Apple Mac OSX / iOS - SUID Binary Logic Error Kernel Code Execution

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=676 tl;dr The code responsible for loading a suid-binary following a call to the execve syscall invalidates the task port after first swapping the new vmmap into the old task object leaving a short race window where we can manipula...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2016/03/10 12:0 a.m.959 views

Exim < 4.86.2 - Local Privilege Escalation

============================================= - Advisory release date: 10.03.2016 - Created by: Dawid Golunski - Severity: High/Critical ============================================= I. VULNERABILITY ------------------------- Exim 4.86.2 Local Root Privilege Escalation Exploit II. BACKGROUND...

7CVSS5.7AI score0.05901EPSS
Exploits13
0day.today
0day.today
added 2016/03/10 12:0 a.m.90 views

Exim < 4.86.2 - Privilege Escalation

Exploit for linux platform in category local exploits ============================================= - Advisory release date: 10.03.2016 - Created by: Dawid Golunski - Severity: High/Critical ============================================= I. VULNERABILITY ------------------------- Exim 4.86.2 Local...

6.9CVSS0.2AI score0.05901EPSS
Exploits13
exploitpack
exploitpack
added 2016/01/21 12:0 a.m.28 views

NTP - Local Privilege Escalation

NTP - Local Privilege Escalation Source: http://www.halfdog.net/Security/2015/NtpCronjobUserNtpToRootPrivilegeEscalation/ Introduction Problem description: The cronjob script bundled with ntp package is intended to perform cleanup on statistics files produced by NTP daemon running with statistics...

0.5AI score
Exploits0
exploitpack
exploitpack
added 2015/12/02 12:0 a.m.31 views

Man-db 2.6.7.1 - Local Privilege Escalation

Man-db 2.6.7.1 - Local Privilege Escalation / EDB Note: man:man - man:root http://www.halfdog.net/Security/2015/SetgidDirectoryPrivilegeEscalation/ man:root - root:root http://www.halfdog.net/Security/2015/MandbSymlinkLocalRootPrivilegeEscalation/ CreateSetgidBinary.c...

0.5AI score
Exploits0
Exploit DB
Exploit DB
added 2015/12/02 12:0 a.m.44 views

Man-db 2.6.7.1 - Local Privilege Escalation

/ EDB Note: man:man - man:root http://www.halfdog.net/Security/2015/SetgidDirectoryPrivilegeEscalation/ man:root - root:root http://www.halfdog.net/Security/2015/MandbSymlinkLocalRootPrivilegeEscalation/ CreateSetgidBinary.c...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2014/12/11 12:0 a.m.52 views

[CVE-2014-7302] SGI SUID Root Privilege Escalation

SGI SUID Root Privilege Escalation Software: SGI Tempo SGI ICE-X Supercomputers Affected Versions: Unknown CVE Reference: CVE-2014-7302 Author: Luke Jennings, John Fitzpatrick, MWR Labs Severity: Medium Risk Vendor: Silicon Graphics International Corp SGI Vendor Response: Uncooperative Descriptio...

0.7AI score0.00562EPSS
Exploits2
Packet Storm
Packet Storm
added 2014/12/10 12:0 a.m.55 views

SGI Tempo vx Setuid Privilege Escalation

SGI SUID Root Privilege Escalation Software: SGI Tempo SGI ICE-X Supercomputers Affected Versions: Unknown CVE Reference: CVE-2014-7302 Author: Luke Jennings, John Fitzpatrick, MWR Labs Severity: Medium Risk Vendor: Silicon Graphics International Corp SGI Vendor Response: Uncooperative Descriptio...

5.8CVSS1.1AI score0.00562EPSS
Exploits2
0day.today
0day.today
added 2014/09/25 12:0 a.m.106 views

Mac OS X VMWare Fusion Root Privilege Escalation Exploit

This abuses the bug in bash environment variables CVE-2014-6271 to get a suid binary inside of VMWare Fusion to launch our payload as root. This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'rex...

10CVSS1.2AI score0.99999EPSS
Exploits130
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.12 views

ibstat $PATH Privilege Escalation

No description provided by source. This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class Metasploit4 Msf::Exploit::Local Rank = ExcellentRanking include Msf::Post::File include Msf::Exploit::FileDropper def initializein...

6.7AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.25 views

Ubuntu Linux 'mountall' Local Privilege Escalation Vulnerability

No description provided by source. Source: http://www.securityfocus.com/bid/43084/info !/bin/sh by fuzz. For Anux inc. ubuntu 10.04 , 10.10 if -z $1 then echo usage: $0 UDEV KERNEL EVENT echo see here http://www.reactivated.net/writingudevrules.html exit fi cat usn985-exploit.sh EOF !/bin/sh chow...

7.1AI score
Exploits0
0day.today
0day.today
added 2014/04/04 12:0 a.m.76 views

ibstat $PATH Privilege Escalation Exploit

Exploit for linux platform in category local exploits This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class Metasploit4 "ibstat $PATH Privilege Escalation", "Description" = %q This module exploits the trusted $PATH...

7.2CVSS6.3AI score0.02846EPSS
Exploits8
Packet Storm
Packet Storm
added 2014/04/03 12:0 a.m.42 views

ibstat $PATH Privilege Escalation

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class Metasploit4 "ibstat $PATH Privilege Escalation", "Description" = %q This module exploits the trusted $PATH environment variable of the SUID binary "ibstat". , "Autho...

7.2CVSS1.3AI score0.02846EPSS
Exploits8
Metasploit
Metasploit
added 2014/02/27 9:56 p.m.69 views

ibstat $PATH Privilege Escalation

This module exploits the trusted $PATH environment variable of the SUID binary "ibstat". This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ibstat $PATH Privilege Escalation', 'Description' = %q...

7.2CVSS7.1AI score0.02846EPSS
Exploits8
Tenable Nessus
Tenable Nessus
added 2013/07/12 12:0 a.m.53 views

Oracle Linux 5 : Important:kernel (ELSA-2007-0940)

The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2007-0940 advisory. 2.6.18-8.1.15.0.1.el5 - Fix bonding primary=ethX Bert Barbe IT 101532 ORA 5136660 - Add entropy module option to e1000/bnx2 John Sobecki ORA 6045759...

5CVSS5.8AI score0.03454EPSS
Exploits2References10
Packet Storm
Packet Storm
added 2012/11/30 12:0 a.m.28 views

Oracle Gridengine sgepasswd Buffer Overflow

======= Summary ======= Name: Oracle Gridengine sgepasswd Buffer Overflow Release Date: 30 November 2012 Reference: NGS00107 Discoverer: Edward Torkington Vendor: Oracle Vendor Reference: Systems Affected: Multiple packages - version 62u7 Risk: High Status: Published ======== TimeLine ========...

0.7AI score
Exploits0
securityvulns
securityvulns
added 2007/12/03 12:0 a.m.49 views

sing &#40;debian&#41; vunlerability?

Hello, The sing utility Send Nasty ICMP Garbage is a ping replacement that allows sending ICMP packets with spoofed source and custom ICMP types/codes http://sourceforge.net/projects/sing. The debian package provides sing as a suid binary actually, the sid distribution asks the user whether he'd...

0.6AI score
Exploits0
securityvulns
securityvulns
added 2007/03/20 12:0 a.m.31 views

OpenAFS filesystem privilege esccalation

Attacke can make fake suid binary on network disk by using protocol weakness...

7.5CVSS3.4AI score0.02522EPSS
Exploits0References1Affected Software1
seebug.org
seebug.org
added 2007/03/05 12:0 a.m.48 views

Zend Platform ini_modifier工具非授权操作漏洞

Zend Platform是企业级PHP应用的运行时平台环境。 Zend Platform软件包的inimodifier工具在使用上存在漏洞,本地攻击者可能利用此漏洞提升权限。 在安装Zend Platform过程中安装了一个名为inimodifier的suid组二进制程序。 $ ls -la /usr/local/Zend/sbin/inimodifier -rwxr-sr-x 1 root zendtech 243240 2006-08-14 16:24 inimodifier...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2006/11/16 12:0 a.m.30 views

linux/x86 - setuid0 + execve/bin/sh 28 bytes

linux/x86 setuid0 + execve/bin/sh 28 bytes. Shellcode exploit for linx86 platform / revenge-setuid.c, v1.0 2006/09/30 14:57 linux/x86 setuid0 + execve"/bin//sh", "/bin//sh", NULL shellcode once again... setuid 6 bytes + execve 22 bytes = 28 bytes Same as revenge-execve.c we start the 2 system cal...

7.4AI score
Exploits0
Rows per page
Query Builder