Poll It CGI v2.0 contains remote vulnerabilities which allow remote command execution and reading any file on the webserver. Fix available here.
fd9088695736bd46e4c9077587b083d3e9c5da61927f63fb6d161aa1e5963121
IISHack 1.5 attempts to remotely exploit a local buffer overflow in the IIS 4.0 and 5.0 .asp file parsing mechanism using the unicode bug, resulting in remote system access.
afcef2c9b91202ec97d8ad74851f7050f034f962c38fb8bf8733f531b474694d
HP-UX vB.11.00 comes with /bin/cu SUID bin, which has a buffer overflow in the -l switch.
77af8460241fd99399a8eb2a90950ce6aa3a1b5653ac799c208865c42b2ef1d5
KDE File Manager can be tricked into executing commands as root by creating a HTML file with a link to a binary.
d7f5f0c29d8e33e3eae4d5bbd47b000527c71b64246f27d556cd28df0782ba0e
Mandrake 7.1's /usr/bin/urpmi allows attackers to install RPM's as root if they have an account in the urpmi group and possibly physical access.
7c9b89ae1b7901292c8d5b0902bedd8ccaad79f8cc4b4e2702d359ba016ff272
Restore (/sbin/restore) v0.4b15 local root exploit. Tested against Redhat 6.2.
25b1655a9902e87c0615e5d189cded02d9d32a74028c352acca92baf010d53b9
Dump v0.4b15 for Linux on Redhat and others contains a trivial local root vulnerability.
1cc730edaf82d8cf8af5f2a4f514fb02bdc686371b3f7ccea5653645df6e3c84
Dump v0.4b15 and below for Linux contains a trivial local root vulnerability. Includes proof of concept exploit tested on Redhat 6.2.
619ad6db79eab76deef0e838677432fc6d3bd08d012469e9ae413de13b917212