Solaris 5.8 ldap / passwd local root exploit. Tested on SunOS 5.8 Generic_108528-06 sun4u sparc SUNW,Ultra-60.
976064b2ea77c1c8c443af7bd3a6b22094d124f55fdf673bb26f5205d6e334a3lmail local root exploit. Simply run it with the file you want to create/overwrite and the data you wish to place in the file.
ff21e217a7ee6a988dfe12d26ee5f7bdafde7ca74bec3f4eee9cbaa42d1ea328Webmail on the Cobalt Cube contains a directory traversal vulnerability which allows users with mailboxes to read any file on the system. Exploit URL's included. Verified to work against the Sun Cube III as well.
1affd95a288c842d09addf3da78a30cb53346dabcd3917f23ac63d00b2e272cfSolaris whodo local root exploit. Tested against SunOS 5.5.1, 5.7, and 5.8 for x86.
75132e64c0b577687b4b50af180faba96a00dcb5b64fa8ba8042f7cbbbd10957Solaris 8 libsldap local root exploit. Tested on an Ultra10 and an Enterprise 3500 with success.
703e2effcab17ca46f0f0820fae8e927c45ac8cfb996d67be8fc666421a7a8f2Georgi Guninski security advisory #48, 2001 - There is local root compromise in FreeBSD 4.3 due to design flaw which allows injecting signal handlers in other processes. Includes vvfreebsd.c, a local root exploit.
7713d19bc24aa7a9762066afdba62b29c53aa85272d88cc6bfb733c93872c401Tstot.c is a remote exploit for xloadimage for Red Hat 7.0. Xloadimage is a Netscape 4.77 helper application with a buffer overflow vulnerability. Binds a shell to a port. Fix available here.
7c5e9b0f582f8b9f8069d43e9559a992dd4b582e20d60a2d78d0443ffbdce520Cayman routers allow remote access by using } as the username.
a17e1c26d5bd70627c96f7b43f1922e3ad836ea6c06226251e575bf5202ffa13Cfingerd v1.4.3 and below Linux/x86 local root buffer overflow exploit.
5e415ed8282123a93e68f4a857a9f0ce4671a2b5267122c13f0a903a573d4994IBM db2 for Windows (98/NT/2000) is vulnerable to a simple remote denial of service attack via db2ccs.exe (listening on port 6790) and db2jds.exe (port 6789).
6c5296f9d72c17968922f22da1b6375455027b8746c894c2b6b6df7b0c2ccf53Cfingerd v1.4.3 and below local root buffer overflow exploit in perl. Exploits <a href="http://www.securityfocus.com/archive/1/192844"this</a> vulnerability.
7b79ae13d85cacf1b8ce314ae39684e5ad6ef29d9488a23ca3c28dde72ba702fMcAffee's MyCIO directory traversal vulnerability - Any machine running McAffee Agent ASaP VirusScan Software is vulnerable to a remote vulnerability which allows any file on the machine to be read. This software incorporates what is known as "Rumor Technology" that facilitates in the transfer of virus definitions between neighboring machines. This agent software runs as a service ("McAfee Agent") under the local system account and uses a light weight HTTP server that listens on TCP port 6515. Exploit URL included.
1345f062edc025c7dde3a594f427338427b307283d4fb5cae989577e8ec98887Cfingerd v1.4.3 and below remote root exploit. Slightly broken. Exploit redirects fopen() call to popen() and executes code from ~/.nofinger.
071f4a1a2ce57b1bfa0e3867ce11912d46f52d364d1efbfd8b9ae3b75029765bqDefense Advisory QDAV-2001-7-1 - Multiple CGI Flat File database manipulation vulnerability. Many CGI scripts store data, including passwords, in a flat file database, using special characters as field and row delimiters. An attacker is often able to manipulate these databases by inserting extra delimiter characters.
3adbc5bc17ca8d7fbb204c38878615f26bac047bfa7c0f36cb2770033770699fKppp (/usr/local/kde/bin/kppp) v1.1.2 and below local exploit. Tested against x86 and Sparc Linux.
6955c7c52f2070a0081b8194b5b560371868aee5f2f1508b33fcd2c8d10a32f7
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed