Firebird has 3 binaries: gds_inet_server, gds_drop, and gds_lock_mgr, which all use insufficent bounds checking in conjunction with getenv(), making each one susceptible to local exploitation. Enclosed are two local root exploits tested against versions 1.0.0 and 1.0.2 on FreeBSD.
7841bcf9369b0cfc917765429ceb7118d676bfc4a650b097f57716bfab790d9aLocal root exploit for the bounds checking vulnerability found in the utility youbin.
87875ae0421b2986889e445fb60844fbfbac8b79aed78b2e768d51ed7601cfdfyoubin, the utility that acts as a network version of the utility biff, has insufficient bounds checking that allows arbitrary code execution.
246db609e0835a2434298e984b43373b3bfa91bc54ee98a12910070f03a1b529mIRC versions 6.03 and below has limited visibility during a DCC GET that allows for an attacker to spoof a legitimate file and instead send an executable that can lead to a compromise.
1526285a6cfee9ec7f27c916f95f1a43e3c750528310833886e933edd45409b5UnitedLinux 1.0 ships with /usr/src/packages recursively set with full read, write, and execute permissions which makes way for planting of rogue source, ultimately leading to a full system compromise.
1ec77d05a51e34bf8f10fddbcea60b702cb5fe474c39d04ba118f2d496c1a10eRs_iis_xpl.pl is a remote exploit for rs_iis.c, a remote IIS exploit. Sets up a web server, and if rs_iis.c is used to attempt an exploit, a shell will be spawned on the attacking host. Tested against FreeBSD 4.7-RELEASE-p7.
53a1d6f18d614b512a0d0c1ca5a75101a70147c7534c005448527d40e2891a82Local exploit to get gid of games for toppler.
dafe4a741510221ea6c66764660c6cb121ba22750610c8274faa4a3558e27179Sircd v0.4.0 and below and v0.4.4 from CVS before 04/02-03 contains buffer overflow vulnerabilities which allow remote users to execute arbitrary code. Exploit available here.
e6cd4e6b3ed5a50f2058983327655cd6782b4cf9f1554404cf8127b30d18f04cMoxftp v2.2 and below contains buffer overflow vulnerabilities which allow remote code execution. Includes exploit code which sends a shell.
54be2adad039f538737f860941fe34b2b93d3ad224244b1cd758a91759d8f841Local Exploit for a buffer overflow in /usr/ports/games/nethack32 which gives a privilege escalation to group id games.
abb5288b7bfd7cc323676bad19715c4a998d3dc8a42907c4990dee00d5bc2822iDEFENSE Security Advisory 02.10.03: Eset Software's NOD32 Antivirus System is a cross-platform anti-virus application which contains a locally exploitable buffer overflow on the Unix version which could allow attackers to gain root privileges.
9c873e85cfe6992b13b2e8da5382e348d3979db26cf79e682de57495f210babfThe code that sets the programs title bar in AbsoluteTelnet contains a buffer overflow vulnerability that can allow code execution. This affects AbsoluteTelnet version 2.00, 2.11 and has been fixed in this beta version of AbsoluteTelnet.
65f6d610ec78851f395bbebde3a968de65fed38e03e1bd3371bc86a90631695fiDEFENSE Security Advisory 01.28.03 - It has been found that several SSH clients leave authentication data unprotected in the system memory while connecting to a remote host using the SSH2 protocol. Anyone with read access to the system memory can retrieve and abuse this information.
f96e214d26eae0377c74c3630c49679d41e66ba1f20315afe47ab9a17bed5cd3Cbos2.4.3DoS.rar is a small demo video showing how to perform a denial of service attack against a cisco CBOS 2.4.3 using mIRC.
fa556397eedbb0b4b20661bef78b1659786aff6c9f31946f3c955ff5fc3a5b35
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed