Linux/x86-64 - Read /etc/passwd + Write To /tmp/outfile Shellcode (105 bytes)

Linux/x86-64 - Read /etc/passwd + Write To /tmp/outfile Shellcode 105 bytes. Shellcode exploit for Linuxx86-64 platform ; =================================================================== ; Optimized version of shellcode at: ; http://shell-storm.org/shellcode/files/shellcode-867.php ; Author:...

Mathematica10.0.0 on Linux /tmp/MathLink vulnerability

The problem reported for Mathematica is present still at version 10.0.0 for the GUI interface the command-line interface may be "safe". Cheers, Paul Szabo [email protected] http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics University of Sydney Australia ---...

CVE-2014-4199

vm-support 0.88 in VMware Tools, as distributed with VMware Workstation through 10.0.3 and other products, allows local users to write to arbitrary files via a symlink attack on a file in /tmp...

CVE-2014-4199

vm-support 0.88 in VMware Tools, as distributed with VMware Workstation through 10.0.3 and other products, allows local users to write to arbitrary files via a symlink attack on a file in /tmp...

UBUNTU-CVE-2014-4199

vm-support 0.88 in VMware Tools, as distributed with VMware Workstation through 10.0.3 and other products, allows local users to write to arbitrary files via a symlink attack on a file in /tmp...

UBUNTU-CVE-2014-2524

The rltropen function in util.c in GNU readline before 6.3 patch 3 allows local users to create or overwrite arbitrary files via a symlink attack on a /var/tmp/rltrace.PID file...

Design/Logic Flaw

The rltropen function in util.c in GNU readline before 6.3 patch 3 allows local users to create or overwrite arbitrary files via a symlink attack on a /var/tmp/rltrace.PID file...

openSUSE: Security Advisory for ppc64-diag (openSUSE-SU-2014:0953-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

ppc64-diag: fix for tmp races and information disclosure (important)

ppc64-diag was updated to fix tmp race issues CVE-2014-4038 and a file disclosure problem in snapshot tarball generation CVE-2014-4039...

ppc64-diag: fix for tmp races and information disclosure (important)

ppc64-diag was updated to fix tmp race issues CVE-2014-4038 and a file disclosure problem in snapshot tarball generation CVE-2014-4039...

Medium: python-jinja2

Issue Overview: The default configuration for bccache.FileSystemBytecodeCache in Jinja2 before 2.7.2 does not properly create temporary files, which allows local users to gain privileges via a crafted .cache file with a name starting with jinja2 in /tmp. Affected Packages: python-jinja2 Issue...

Solaris 2.7 / 2.8 Catman - Local Insecure tmp Symlink Exploit

No description provided by source. !/usr/local/bin/perl -w The problem is catman creates files in /tmp insecurly. They are based on the PID of the catman process, catman will happily clobber any files that are symlinked to that file. The idea of this script is to create a block of symlinks to the...

ISDN4Linux 3.1 IPPPD Device String SysLog Format String Vulnerability (2)

No description provided by source. source: http://www.securityfocus.com/bid/5437/info isdn4linux is a freely available, open source package of isdn compatibility tools. It is available for Linux operating systems. isdn4linux contains a format string vulnerability in the ipppd utility. In some...

SuSE 6.x/7.0 MkDir Error Handling rctab Race Condition Vulnerability (2)

No description provided by source. source: http://www.securityfocus.com/bid/2207/info rctab is the Run Control Tab script included with the SuSE distribution of the Linux Operating System. SuSE is a freely available, Open Source Operating system maintained by SuSE Incorporated. A race condition i...

chkrootkit 0.49 - Local Root Vulnerability

No description provided by source. We just found a serious vulnerability in the chkrootkit package, which may allow local attackers to gain root access to a box in certain configurations /tmp not mounted noexec. The vulnerability is located in the function slapper in the shellscript chkrootkit:...

SuSE 6.x/7.0 MkDir Error Handling rctab Race Condition Vulnerability (1)

No description provided by source. source: http://www.securityfocus.com/bid/2207/info rctab is the Run Control Tab script included with the SuSE distribution of the Linux Operating System. SuSE is a freely available, Open Source Operating system maintained by SuSE Incorporated. A race condition i...

SCO Unixware 7.1/7.1.1 ARCserver /tmp symlink Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/988/info A symlink following vulnerability exists in the ARCserve agent, as shipped with SCO Unixware 7. Upon startup, the asagent program will create several files in /tmp. These are created mode 777, and can be removed...

Red Hat Linux stickiness of /tmp

No description provided by source. from: http://marc.info/?l=full-disclosure&m=129842239022495&w=2 Developers should not rely on the stickiness of /tmp on Red Hat Linux --------------------------------------------------------------------- Recent versions of Red Hat Enterprise Linux and Fedora...

Linux Kernel 2.6 UDEV < 141 - Local Privilege Escalation Exploit

No description provided by source. / cve-2009-1185.c udev 141 Local Privilege Escalation Exploit Jon Oberheide [email protected] http://jon.oberheide.org Information: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1185 udev before 1.4.1 does not verify whether a NETLINK message originates...

X11R6 3.3.3 Symlink Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/326/info There is a symlink vulnerability known to exist under most modern linux and NetBSD distributions. It involves /tmp/.X11-unix and the tendency to follow to/overwrite the file pointed to if a symlink. It may be...