libcue provides an API for parsing and extracting data from CUE sheets. Versions 2.2.1 and prior are vulnerable to out-of-bounds array access. A user of the GNOME desktop environment can be exploited by downloading a cue sheet from a malicious webpage. Because the file is saved to ~/Downloads, it is then automatically scanned by tracker-miners. And because it has a .cue filename extension, tracker-miners use libcue to parse the file. The file exploits the vulnerability in libcue to gain code execution. This issue is patched in version 2.3.0. This particular archive holds three proof of concept exploits.
642dbf93a2ac7ad97ec0e5940fb62ec821a66ce449bbde84890a9695362e981a
Proof of concept exploit for a buffer overflow in strongSwan VPN's charon server.
381239d433a012d932de3871f064091c52ad26bb7b01de975c5e82fe37562652
Proof of concept exploit for a buffer overflow remote code execution vulnerability in librelp.
e494ed907a60d68aba585cbc21eba08e50daffab41973ff8ba84e679096953dc
Facebook Fizz suffered from a remotely triggerable infinite loop denial of service condition due to an integer overflow.
5af505c975ff4a29b7c3d8cd18aec2e20e97fd465a21a6d2441d3e348521e614
libssh proof of concept authentication bypass exploit, which, under certain conditions, may enable a remote attacker to gain unauthorized access to another user's account via ssh login. Versions 0.9.0 through 0.9.6 and 0.10.0 through 0.10.4 are affected.
9bd1a8957c6bb9f405736511d3ad44169c96d1094aebcfdbf0555a4786bbe3eb
Apple XNU kernel memory exposure proof of concept exploit that is designed for macOS High Sierra version 10.13.
38dd575e5b5287e0c5ce77e2d2ac39c63d630fc15948a59b9200382df1ff09b0
Proof of concept exploit for a remotely trigger-able heap buffer overflow vulnerability in iOS 11.4.1 and macOS 10.13.6. This exploit can be used to crash any vulnerable iOS or macOS device that is connected to the same network as the attacker's computer. The vulnerability can be triggered without any user interaction on the victim's device. The exploit involves sending a TCP packet with non-zero options in the IP and TCP headers.
5352cd5286d39bd38e49f40ff6d66d63f42d4b951311bef0126c92981172e14f
macOS NFS client buffer overflow proof of concept exploit. These issues were addressed in macOS version 10.13.6.
917b85555ca4494b492d414d04dedd1a7811edb66c81d2df1ef9435751ac4474
Proof-of-concept exploit for a remote code execution vulnerability in the packet-mangler component of macOS. The vulnerability was fixed in macOS High Sierra 10.13.5, which was released on June 1, 2018.
6bb19f476695922a3e4295da78b226643f1cf515a1ee4fc61b849f6bce9c9eb7
Proof of concept exploit for a double-free memory corruption vulnerability in Ubuntu accountsservice.
a24f0c965168bcc3814136c8ee24f8fd5c7b0fb07f7be9bcaa47978b144f0e8f
Proof of concept exploits for libsane. The first enumerates a series of memory corruption issues and the second pops a calculator.
5ceb1ae3ba7a731ca6ae7c87b33be4c77455ddf79d5edc4c07eb4b5cf09b23b2
Proof of concept exploit for an authentication bypass vulnerability in polkit.
458437eef69ad8bf3f51e3b80d608d2052ad08a989fbda8025248aff1d4b2a27
A vulnerability exists within the polkit system service that can be leveraged by a local, unprivileged attacker to perform privileged operations. In order to leverage the vulnerability, the attacker invokes a method over D-Bus and kills the client process. This will occasionally cause the operation to complete without being subjected to all of the necessary authentication. The exploit module leverages this to add a new user with a sudo access and a known password. The new account is then leveraged to execute a payload with root privileges.
4a469ac4141ad75d095a953ed9262ad9287b8c479e96a68695a89371d81439eb