Local root exploit for /usr/bin/ml85p, a suid binary which is vulnerable to a local symlink attack. It is included in Mandrake 8.0 by default.
7fc636ec99a7121c1576f6a3baa4cfa2f6d10bc5a5797fccdad14335a04ae46aTechSource Raptor GFX configurator (pgxconfig) local root exploit.
140bd06c09d0ea6b4a798e42c65d0be0a4fc0368f2b3fe0d930f987e273ac0f9Pgxconfig is a Raptor graphics card configuration tool for Solaris which has multiple local vulnerabilities. The environment is not sanitized and root privileges are not dropped, allowing commands to be run as root. Local root exploit included.
c672d208fcfc0115d16c23ed363ad4e7466f870b510a0b15f6d338ba4c585b0cSetXConf local root exploit for Corel linux v1.0 with xconf utils.
db447881a66d9c741450d6d7e316b1bb4edd263812be29422ab468e0194719f4Remote users can execute arbitrary commands on the web server with the priviledge level of the httpd process.
7e8843302cd134bdc683267eeed64db268f619dcb7483ba80947f7f20d7713d0SUID Advisory #11 - Matt Kruse Calandar Script. Remote users can execute arbitrary commands on the web server with the priviledge level of the httpd process.
2102559bca4495f792b2ed6f732d45e082c0bb8bbe38bb9c97587966db74cc1cCorel Linux dosemu config error. Local root compromise.
81ad1e0d833b1891556039a50544c4df1f8a580b3985a0e111e72d5f334fb2f2Corel xconf utils local root (among others) vulnerability.
f6cddf04b692fdedb8346c87a2db5002b0d59c1869dffcfc1a4715f491adcfcfSUID Advisory #10 - EZ Shopper 3.0 remote exploit. Anyone can execute any command on the remote system with the priveleges of the web server, and read any file on the remote system.
34f25822d0c29daeab945d4bb6017e10d3264a9d52550b4c41969e9cf382fd0dSUID Advisory #8 - Corel Linux 1.0 dosemu distribution configuration. Local users can take advantage of a packaging and configuration error (which has been known and documented for a long time) to execute arbitrary commands as root. Exploit description included.
96c2147114c2083d447c403b05ebe76f0fce1a1dd0a956feda12721668e91518SUID Advisory #7 - Corel xconf utils local root (among others) vulnerability - Local users can take advantage of lack of input validation and the lack of privilege dropping to gain root access, read any file, or perform a denial of service attack on Corel Linux systems.
e0779a0f39462f1e76553c9a16bd665c4bd32dbc04921ce7b2363ed40212fb1bSUID Advisory #6 - form.cgi and message.cgi. Anyone can execute any command on the remote system with the priveleges of the web server.
7218fd9d54aa6eeff4bbbbe4da3df325b9a0677e5cf227fce0be65494e9e7c7fSUID Advisory #5 - DCFORMS98.CGI Advisory - Anyone can create / truncate any file owned by the web server user.
622d24605c915932cd5a7cb660b480ecd49f2adef13453625c046a4da0b01370SUID Advisory #4 - BNBFORM.CGI. Any local user can create / append to / truncate any file owned by the web server user (nobody/apache/whatever).
c9aa67b4cd9ecd4e946053852b20e67d6099e04bc39c55ffe31b694f332a9f8eExample attack transcript against glftpd. This attack was performed against a default install with a single user account added.
70d7d889b43a2d66d151613a1294339e52ec80d676fc66dba686150ebe3bc64fSUID Advisory #3 - multiple vulnerabilities with glftpd 1.17.2 and below. glFtpD has several problems which can lead to a remote attacker attaining root on your machine.
a272432d911a54e3fb99833860deb64b564e9d6e701995805392d9edc3b36531SUID Advisory #1 Addendum - Insecure FTP server conventions can lead to remote binary execution on a remote ftp server. Anonymous users or users with valid ftp access only accounts may also execute arbitrary code. Exploit information included.
6085619944c5f878275760fe08277ed6862efad582615db209b144b5776e9d0bSUID Advisory #2 - Exploit for ascend router bugs as per NAI advisory.
8205e35efb8995ce9612e8285e123dadb6501023b4f5997f06706dd7fd8610a9There exists a vulnerability with certain configurations of certain ftp daemons with which users with a valid ftp only acccount on a system may execute arbitrary commands (including binaries supplied by themselves). There also exists the possibilty that anonymous ftp users may execute arbitrar y commands (also including binaries supplied by themselves). While this vulnerability is entirely configuration dependent. The required configuration is rather common. Exploit information here.
223f01ce4e2ad4bdfbd09c6989851a84ceba7d1fbe6c4a85a5d5802a338bf787
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed