Monit versions 4.1 and below remote denial of service exploit. Tested on Mandrake 9.1.
fd0e0cb327f08cd59490c5fa7b8eb5cdf849d936a4d69a4b1ac7526e864adcdd
/usr/sbin/grpck local buffer overflow exploit. Note that grpck is not setuid by default. Tested on Red Hat 7.3 and 8.0, Cobalt Linux 6.x and 7.x, Debian 2.1 and 2.2, and Mandrake 8.1 and 8.2.
2f0dd037d94f0621fdf5899a98d3b4876af41cefc6e9b04e0ac95bd98280d88a
RPM Finder Project version 1.2 is a utility that works much like the rpmfind.net site. It supports Red Hat and Mandrake Linux.
6459a4c851ab66b8349b4e3c4a5708961d44bcb8b8619a9b9ba72fa620066729
RPM Finder Project version 1.0 is a utility that works much like the rpmfind.net site. It currently only supports Red Hat but will support Mandrake and SuSE in its future releases.
d9c5fb359c7e6f5c54e12b8ab53f4c8ef840ca39788e0fc250de49320730453b
Remote exploit for a buffer overflow in the Gnome Batalla Naval Game Server version 1.0.4. Gives user id of the account running the game server. Tested against Mandrake 9.0.
cde6233cf7588be614a0ea2f37489285004f595d61eea69313054f376fa2ca78
0x333cya.tar.gz is a Mandrake 9.0 local root exploit which uses bugs in the printer-drivers package. Cya.c gets group sys privileges with a bug in /usr/bin/mtink, and anger.c uses the sys privileges to exploit a bug in /usr/bin/ml85p, spawning a root shell.
70657304dd82f3abb9e1d3e4213fb7c9ef61e403dcb80f896244e21d59e50168
Mandrake Linux Security Advisory MDKSA-2003:015 - A buffer overflow vulnerability was discovered in slocate by team USG. The overflow appears when slocate is used with the -c and -r parameters, using a 1024 (or 10240) byte string. This has been corrected in slocate version 2.7. Affected Mandrake versions: 8.0, 8.1, 8.2 and 9.0.
aadb5388056e5519e20c8bceae53605626d6a2a12bf45477b585fd83693fef06
Mandrake Linux Security Advisory MDKSA-2003:014 - An updated kernel for Mandrake 9.0 is available with a number of bug fixes. This new package also fixes a security problem that allows non-root users to freeze the kernel, and a fix for a vulnerability in O_DIRECT handling that can create a limited information leak. This last bug also allows users to create minor file system corruption (this can easily be repaired by fsck).
c116e3fc3745453b25f2c7dce5ded5e55c55e7bc93d37b907f46a59d8a81e5a1
ISC dhcpd v3.0.1rc8 and below remote root format string exploit. Tested against Debian 3.0, Mandrake 8.1, Red Hat 7.2, 7.3, and 8.0, and SuSE 7.3. Includes the option to check for vulnerability on any platform by crashing the service.
dc98b1acb4120f20825c608246e44cb64ff5010e26e9ed5cbf306e84e6158122
iDEFENSE Security Advisory 01.21.03: Buffer Overflows in Mandrake Linux printer-drivers Package. Three vulnerabilities exist, the worst of which allows local root compromise. Overflows in the mtink and escputil binaries, which are set group id sys, allow an attacker to gain sys group privileges. A race condition in the ml85p binary, which is set user id root, allows an attacker to create a file with super user privileges.
7176f37ea45e1920e9e214222d1b7446b1bb27eb36daf186f9b7edeb3b38a417
Stunnel v3.15 - 3.21 remote format string exploit. Tested against Red Hat 7.2, 7.3, 8.0, Slackware 8.1, Debian GNU 3.0, and Mandrake 9.0. More information on the bug available here.
532b98b86e389878816da8e1e91e5367bcb977b9463a85ff0fd56f7f70b0b4fd
Mandrake 8.2 linuxconf local root exploit.
10ac292ecd095adfff7090099b436f9adcb2b98fee0c74a8249eeff765272b78
/usr/sbin/grpck proof of concept local exploit. Not setuid by default. Tested on SuSE, Red Hat, Debian, and Mandrake.
71bfe6e2e647879dfcd24d8f56b296965f537cb2bd0c0b575f192e247aeefcfd
The Bastille Hardening System attempts to "harden" or "tighten" the Linux/Unix operating systems. It currently supports Red Hat and Mandrake systems, with support on the way for Debian, SuSE, TurboLinux and HP-UX. We attempt to provide the most secure, yet usable, system possible. Screenshot available here.
fb6d096a829d4241956085f69b5c3dde765b7ef522d6db5c5f2603f328ea2a3b
Linuxconf v1.28r3 and below local exploit which uses the ptrace method to find the offset. Tested on Mandrake 8.0 and 8.2, and Red Hat 7.2 and 7.3.
7c69399dd7f5a08de186e149072b4b0ffad0e4adecf6598bc7fb8d45d8cc6354
Linuxconf local root exploit for Mandrake 8.2.
bbdecd617d05c630f7b5a45d0f9bbe2c7853751345d776a2859834b022570a38
Autolinuxconf.tgz is an improved exploit for linuxconf <= 1.28r3 which has been found to work on Mandrake 8.1 and 8.2 and Red Hat 7.2 and 7.3.
3d5644a86004378365d91810e8826011af33787751064d3f5d6d4b4957895086
Pwck local Linux buffer overflow exploit. Tested on Mandrake 8.2.
fa3f2ddf78013d48703efa19452ce9f8e3c69395f423649d3359d47dbfe38e6c
Another proof of concept exploit for the local buffer overflow vulnerability in linuxconf v1.28r3 and below, which allows users to spawn a root shell. Tested on Mandrake Linux 8.2.
92e6ec24f409a9f1006245445fec7ad60fc8f719a98109578dd3758317bd6a9c
IBM x86 Informix SE-7.25 sqlexec local root exploit. Overflows the INFORMIXDIR environment variable passed to the sqlexec binary. Offsets for Red Hat 7.0 and Mandrake 8.2 included.
51fb5d073c8119f0f6b35e7780a8c034299174f9e239cfe43b734a26ce42b317
Mandrake Linux security advisory MDKSA-2002:037-1 - ISC DHCPD version 3 introduced new dns-update features. ISC DHCPD v3.0 to 3.0.1rc8 is vulnerable to a remote root format string bug when reporting the result of a dns-update request.
42232836f0d3fb1ef90a2677417ea2433081cd0f3beee7cf19875a6a8511d9c2
Mandrake Linux security advisory MDKSA-2002:034 - A remote overflow found in the WU-IMAP daemon v2001a and below affects Mandrake 7.1, 7.2, 8.1, 8.2 and Corporate Server 1.0.1.
ccb9e4f0cf15f78cf499d5204b26c83fea31cfd471f6bf7d99bdaded7df24b9e
Mandrake Security Advisory MDKSA-2002:033 - A vulnerability found in all versions of Webmin prior to v0.970 allows remote users to log in to Webmin as any user. The affected Mandrake versions are 7.1, 7.2, 8.0, 8.1, 8.2, Corporate Server 1.0.1 and Single Network Firewall 7.2.
7b53ede13b33631621686fe27cf7981287d076bdaa27520dcebdca3a089ccfac
Mandrake Linux security advisory MDKSA-2002:030 - A vulnerability found in the netfilter package can result in a serious information leak that can expose filter rules and network topology information. This vulnerability affects Mandrake Linux 8.0, 8.1 and 8.2.
59e7afed923c050dc1ea8b370801e26faa6d4802d4f005f42c0071dfb5236c14
The Bastille Hardening System attempts to "harden" or "tighten" the Linux/Unix operating systems. It currently supports Red Hat and Mandrake systems, with support on the way for Debian, SuSE, TurboLinux and HP-UX. We attempt to provide the most secure, yet usable, system possible. Screenshot available here. RPMs available.
c68b2bc856ef76b4934210205be2188b0e1e4ecb37ebf40e5fa829daa0f2f3f2