Linux Kernel (Solaris 10 / < 5.10 138888-01) - Local Privilege Escalation

/ hoagiesolarissiocgtunparam.c LOCAL SOLARIS KERNEL ROOT EXPLOIT ipifill is used for mutex enter so we have to set the offet for an illt structure. Later putnext will be called with a queue see illt. We can use this queue to add a custom callback function that is used by putnext. ipif.c /...

Avast! 4.7 - aavmker4.sys Local Privilege Escalation

Avast! 4.7 - aavmker4.sys Local Privilege Escalation !/usr/bin/python avast! 4.7 aavmker4.sys privilege escalation http://www.trapkit.de/advisories/TKADV2008-002.txt CVE-2008-1625 Tested on WindXpSp2/Sp3 Dep ON Matteo Memelli ryujin A-T offensive-security.com www.offensive-security.com Spaghetti ...

Avast! 4.7 Privilege Escalation

!/usr/bin/python avast! 4.7 aavmker4.sys privilege escalation http://www.trapkit.de/advisories/TKADV2008-002.txt CVE-2008-1625 Tested on WindXpSp2/Sp3 Dep ON Matteo Memelli ryujin A-T offensive-security.com www.offensive-security.com Spaghetti & Pwnsauce - 17/04/2010 Tested on WinXPSP2/SP3 englis...

Avast! 4.7 - 'aavmker4.sys' Local Privilege Escalation

!/usr/bin/python avast! 4.7 aavmker4.sys privilege escalation http://www.trapkit.de/advisories/TKADV2008-002.txt CVE-2008-1625 Tested on WindXpSp2/Sp3 Dep ON Matteo Memelli ryujin A-T offensive-security.com www.offensive-security.com Spaghetti & Pwnsauce - 17/04/2010 Tested on WinXPSP2/SP3 englis...

Solaris/Open Solaris UCODE_GET_VERSION IOCTL Denial of Service

No description provided by source. / cve-2010-0453.c -- Patroklos Argyroudis, argp at domain census-labs.com Denial of service kernel panic PoC exploit for the UCODEGETVERSION ioctl NULL pointer dereference vulnerability on Solaris/OpenSolaris: http://www.trapkit.de/advisories/TKADV2010-001.txt...

SolarisOpen Solaris UCODE_GET_VERSION IOCTL - Denial of Service

SolarisOpen Solaris UCODEGETVERSION IOCTL - Denial of Service / cve-2010-0453.c -- Patroklos Argyroudis, argp at domain census-labs.com Denial of service kernel panic PoC exploit for the UCODEGETVERSION ioctl NULL pointer dereference vulnerability on Solaris/OpenSolaris:...

Solaris/Open Solaris UCODE_GET_VERSION IOCTL - Denial of Service

/ cve-2010-0453.c -- Patroklos Argyroudis, argp at domain census-labs.com Denial of service kernel panic PoC exploit for the UCODEGETVERSION ioctl NULL pointer dereference vulnerability on Solaris/OpenSolaris: http://www.trapkit.de/advisories/TKADV2010-001.txt...

MPlayer Stack Buffer Overflow

!/usr/bin/perl MPlayer 1.0rc2 TwinVQ Stack Buffer Overflow PoC PoC by Amirreza Aminsalehi "sCORPINo" Proud To be an Abay scorpino x40 gmail x2e com Snoop Security Researching Committee www.snoop-security.com Originaly this bug discovered by Tobias Klein advisory @...

Panda Security cpoint.sys Kernel Memory Corruption

A vulnerability in the 'Cpoint.sys' kernel driver shipped with Panda Antivirus+ Firewall 2008 and Panda Internet Security 2008 fails to sufficiently validate IOCTL requests before processing them. A local attacker may be able to leverage this issue to execute arbitrary code with kernel privileges...