exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 76 - 100 of 100 RSS Feed


Sudo 1.8.31p2 / 1.9.5p1 Buffer Overflow
Posted Feb 5, 2021
Authored by Blasty, Spencer McIntyre, Qualys Security Advisory, bwatters-r7, Alexander Krog | Site metasploit.com

A heap based buffer overflow exists in the sudo command line utility that can be exploited by a local attacker to gain elevated privileges. The vulnerability was introduced in July of 2011 and affects version 1.8.2 through 1.8.31p2 as well as 1.9.0 through 1.9.5p1 in their default configurations. The technique used by this implementation leverages the overflow to overwrite a service_user struct in memory to reference an attacker controlled library which results in it being loaded with the elevated privileges held by sudo.

tags | exploit, overflow, local
advisories | CVE-2021-3156
SHA-256 | cdf458fa2ff6a679afd1037bdb879758b301305b20f223b3aade629bb97b04bc

Related Files

FreeBSD nmount() Local Root Exploit
Posted Jul 3, 2009
Authored by Patroklos Argyroudis | Site census-labs.com

Local root exploit for FreeBSD nmount(). This affects FreeBSD 7.0-RELEASE and 7.0-STABLE.

tags | exploit, local, root
systems | freebsd
advisories | CVE-2008-3531
SHA-256 | f73657bff4c5f05a9a63c9564bcf7f676f9adf0f6b8a1b9a13e53473275ca23d
DESlock+ 4.0.2 Code Execution
Posted Jun 19, 2009
Authored by mu-b | Site digit-labs.org

DESlock++ version 4.0.2 local kernel SYSTEM exploit. Affects dlpcrypt.sys version

tags | exploit, kernel, local
SHA-256 | 8ff07a4da72ac1297bb179ba6e2d9a8a8cd03398d6c137b28d4494419fe7e1ef
Aruba Networks Security Advisory - 42309
Posted Apr 28, 2009
Site arubanetworks.com

Aruba Networks Security Advisory - A management user authentication bypass vulnerability was discovered during standard internal bug reporting procedures in the Aruba Mobility Controller. This vulnerability only affects customers using public key based SSH authentication for controller management users.

tags | advisory, bypass
SHA-256 | 291d267c35e45a94c6f92b96a8b8caf7e3787c5d5f59e06c888a90fb1e486fe7
libc:fts_*() Denial Of Service
Posted Mar 5, 2009
Authored by Maksymilian Arciemowicz | Site securityreason.com

libc:fts_*() suffers from a denial of service vulnerability. This affects multiple vendors.

tags | advisory, denial of service
advisories | CVE-2009-0537
SHA-256 | f1f7b02d628966dda851d771301cd67c0c164e16441e34b7ea9c6101aecb9818
Gentoo Linux Security Advisory 200902-6
Posted Feb 23, 2009
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200902-06 - Two vulnerabilities were found in GNU Emacs, possibly leading to user-assisted execution of arbitrary code. One also affects edit-utils in XEmacs. Morten Welinder reports about GNU Emacs and edit-utils in XEmacs: By shipping a .flc accompanying a source file (.c for example) and setting font-lock-support-mode to fast-lock-mode in the source file through local variables, any Lisp code in the .flc file is executed without warning (CVE-2008-2142). Versions less than 22.2-r3 are affected.

tags | advisory, arbitrary, local, vulnerability
systems | linux, gentoo
advisories | CVE-2008-2142, CVE-2008-3949
SHA-256 | 17c8574bea50c15bdbfc0e4b347a4c54008d41f1d8b905d89aa9b3117651a5ff
Technical Cyber Security Alert 2009-51A
Posted Feb 20, 2009
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert TA09-051A - Adobe has released Security Bulletin APSB09-01, which describes a vulnerability that affects Adobe Reader and Acrobat. This vulnerability could allow a remote attacker to execute arbitrary code.

tags | advisory, remote, arbitrary
SHA-256 | d1b030978b5d5908c77fd45b7fc27bc22a2d7415ace32d36207e56d61b376b8b
Gentoo Linux Security Advisory 200902-2
Posted Feb 12, 2009
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200902-02 - An error in the OpenSSL certificate chain validation might allow for spoofing attacks. The Google Security Team reported that several functions incorrectly check the result after calling the EVP_VerifyFinal() function, allowing a malformed signature to be treated as a good signature rather than as an error. This issue affects the signature checks on DSA and ECDSA keys used with SSL/TLS. Versions less than 0.9.8j are affected.

tags | advisory, spoof
systems | linux, gentoo
advisories | CVE-2008-5077
SHA-256 | f13499deaa027a65c3d9771c2e9479aff96cdfb004eaf1507e2bcfc5c18d1863
Nokia N95-8 Browser Crash
Posted Feb 5, 2009
Authored by Juan Pablo Lopez Yacubian

Nokia N95-8 browser crashing denial of service exploit. Apparently this vulnerability also affects Firefox 3.06 causing a stack overflow.

tags | exploit, denial of service, overflow
SHA-256 | 86dfd323b43887238748e4a0706ff35c4404cb91073d28fa6fd5e401195533fa
Novell GroupWise 8.0 RCPT Off-By-One Exploit
Posted Feb 4, 2009
Authored by Praveen Darshanam

Novell GroupWise versions 8.0 and below malformed RCPT command off-by-one exploit. Affects versions 6.5x, 7.0, 7.01, 7.02, 7.03, 7.03HP1a, and 8.0.

tags | exploit
advisories | CVE-2009-0410
SHA-256 | cda22220d5d85f8227845ba12b4f38ab62b6cf123eb8fa3b922c51bdb0f2b0f1
Debian Linux Security Advisory 1705-1
Posted Jan 16, 2009
Authored by Debian | Site debian.org

Debian Security Advisory DSA 1705-1 - It was discovered that netatalk, an implementation of the AppleTalk suite, is affected by a command injection vulnerability when processing PostScript streams via papd. This could lead to the execution of arbitrary code. Please note that this only affects installations that are configured to use a pipe command in combination with wildcard symbols substituted with values of the printed job.

tags | advisory, arbitrary
systems | linux, debian
advisories | CVE-2008-5718
SHA-256 | 92ec4039c91457686715bdcffc3bb80ebf78897c4ad7138eb6e1081fba4b9b35
Open Source CERT Security Advisory 2008.16
Posted Jan 7, 2009
Authored by Will Drewry, Open Source CERT | Site ocert.org

Several functions inside the OpenSSL library incorrectly check the result after calling the EVP_VerifyFinal function. This bug allows a malformed signature to be treated as a good signature rather than as an error. This issue affects the signature checks on DSA and ECDSA keys used with SSL/TLS. The flaw may be exploited by a malicious server or a man-in-the-middle attack that presents a malformed SSL/TLS signature from a certificate chain to a vulnerable client, bypassing validation.

tags | advisory
advisories | CVE-2008-5077, CVE-2008-0021, CVE-2008-0025
SHA-256 | f5724c1eba1778218b03f1b5af75356b08e95a08bbe2b92274df7f31dea9d59a
Debian Linux Security Advisory 1688-1
Posted Dec 30, 2008
Authored by Debian | Site debian.org

Debian Security Advisory 1688 - Two SQL injection vulnerabilities have beein found in courier-authlib, the courier authentification library. The MySQL database interface used insufficient escaping mechanisms when constructing SQL statements, leading to SQL injection vulnerabilities if certain charsets are used (CVE-2008-2380). A similar issue affects the PostgreSQL database interface (CVE-2008-2667).

tags | advisory, vulnerability, sql injection
systems | linux, debian
advisories | CVE-2008-2380, CVE-2008-2667
SHA-256 | 9dc7b0b9ca92f9e1f59c4c6542e5d806f993baedd0e6072fa1262af0d44fbd0d
Opera Browser Code Execution
Posted Dec 17, 2008
Authored by Alexios Fakos | Site nruns.com

The Opera browser suffers from a HTML parsing flaw that allows for remote code execution. This affects the browser on all platforms.

tags | advisory, remote, code execution
SHA-256 | febf5df96d484a8dc165f206b1224c5465d7ce08b01af90bdeeac54a08cce767
Posted Nov 24, 2008
Authored by SVRT | Site security.bkis.vn

SVRT-Bkis has detected a serious buffer overflow vulnerability in ffdshow which affects all available internet browsers. Taking advantage of the flaw, hackers can perform remote attack, inject viruses, steal sensitive information and even take control of the victim's system. Versions below rev2347 20081123 are affected.

tags | advisory, remote, overflow
SHA-256 | d5b01d681ab02ae46e8fa752529dd5a7d9d3b36adee4ff615ffda3aa5d2227f5
Mandriva Linux Security Advisory 2008-219
Posted Oct 30, 2008
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - A vulnerability that was discovered in xine-lib that allowed remote RTSP servers to execute arbitrary code via a large streamid SDP parameter also affects MPlayer. Several integer overflows were discovered by Felipe Andres Manzano in MPlayer's Real video stream demuxing code. These vulnerabilities could allow an attacker to cause a crash or possibly execute arbitrary code by supplying a malicious crafted video file. The updated packages have been patched to fix these issues. Note that CVE-2008-3827 was already corrected in the Mandriva Linux 2009 packages.

tags | advisory, remote, overflow, arbitrary, vulnerability
systems | linux, mandriva
advisories | CVE-2008-0073, CVE-2008-3827
SHA-256 | 066d0295c5e7993cf9dc8e543353f75479252803b2356b941a661066f30a1f4f
Cisco Security Advisory 20080924-l2tp
Posted Sep 24, 2008
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - A vulnerability exists in the Cisco IOS software implementation of Layer 2 Tunneling Protocol (L2TP), which affects limited Cisco IOS software releases. Several features enable the L2TP mgmt daemon process within Cisco IOS software, including but not limited to Layer 2 virtual private networks (L2VPN), Layer 2 Tunnel Protocol Version 3 (L2TPv3), Stack Group Bidding Protocol (SGBP) and Cisco Virtual Private Dial-Up Networks (VPDN). Once this process is enabled the device is vulnerable. This vulnerability will result in a reload of the device when processing a specially crafted L2TP packet. Cisco has released free software updates that address this vulnerability.

tags | advisory, protocol
systems | cisco
advisories | CVE-2008-3813
SHA-256 | 6ef0982b69c67aba8321a10f5b9dd4a8c31c33b2b61978e363e0d17d5b918ac7
Posted Sep 23, 2008
Authored by shinnai | Site shinnai.altervista.org

Chilkat XML Active-X remote arbitrary file creation / execution exploit that affects ChilkatUtil.dll versions and below.

tags | exploit, remote, arbitrary, activex
SHA-256 | bc2cabce859e1bf95a59a3293c411fe72f2767fbbfb025399b3b25b89a870328
Posted Sep 11, 2008
Authored by Alexios Fakos | Site nruns.com

The Horde project relies on code similar to Popoon's externalinput.php to filter out potential cross site scripting attacks on user-supplied input. Other projects are using the same code base. Therefore this vulnerability affects also the popular Cake-PHP framework. Hence, all users that rely on the externalinput sanitization functionality are affected by this vulnerability, as in addition to many other unrelated, open source projects.

tags | advisory, php, xss
advisories | CVE-2008-3824
SHA-256 | 21fcfc2eb2dfbc50c7d42dd8d19fdf5f77e420370c183904809c229552d63d54
iDEFENSE Security Advisory 2008-09-09.1
Posted Sep 10, 2008
Authored by iDefense Labs, Greg MacManus | Site idefense.com

iDefense Security Advisory 09.09.08 - Remote exploitation of an integer overflow vulnerability in multiple versions of Microsoft Corp.'s GDI+ could allow an attacker to execute arbitrary code within the context of the local user. The vulnerability specifically exists in the memory allocation performed by the GDI+ library. Certain malformed gradient fill input can cause the application to corrupt the heap, potentially allowing arbitrary code execution. iDefense Labs confirmed this vulnerability affects Internet Explorer 7 and Internet Explorer 6 on the Microsoft Windows XP SP2 platform.

tags | advisory, remote, overflow, arbitrary, local, code execution
systems | windows
advisories | CVE-2007-5348
SHA-256 | 2e0532d3c8039af7d9bf1009a1f7bb604a510e3e30eb42cd198c7f69f961ba91
Posted Sep 6, 2008
Authored by Kevin Finisterre | Site digitalmunition.com

This is a paper detailing the Five Ws of the Citect ODBC vulnerability that affects Citect versions 5, 6, and 7.

tags | paper
advisories | CVE-2008-2639
SHA-256 | 964dabad19a7f4cc68531d84e4b801807359a6d0cc916ab14e3874c422b8c097
Posted Sep 3, 2008
Site cisco.com

Cisco Security Advisory - A specially crafted Remote Authentication Dial In User Service (RADIUS) Extensible Authentication Protocol (EAP) Message Attribute packet sent to the Cisco Secure Access Control Server (ACS) can crash the CSRadius and CSAuth processes of Cisco Secure ACS. Because this affects CSAuth all authentication requests via RADIUS or TACACS+ will be affected during exploitation of this vulnerability.

tags | advisory, remote, protocol
systems | cisco
advisories | CVE-2008-2441
SHA-256 | 03d2b3ad06e56bf03200206d5acb2d150486c95c36526b6ba7e8707ba224b692
Mandriva Linux Security Advisory 2008-183
Posted Sep 3, 2008
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - Chaskiel M Grundman found that OpenSC would initialize smart cards with the Siemens CardOS M4 card operating system without proper access rights. This allowed everyone to change the card's PIN without first having the PIN or PUK, or the superuser's PIN or PUK. Please note that this issue can not be used to discover the PIN on a card. If the PIN on a card is the same that was always there, it is unlikely that this vulnerability has been exploited. As well, this issue only affects smart cards and USB crypto tokens based on Siemens CardOS M4, and then only those devices that were initialized by OpenSC. Users of other smart cards or USB crypto tokens, or cards that were not initialized by OpenSC, are not affected. After applying the update, executing 'pkcs15-tool -T' will indicate whether the card is fine or vulnerable. If the card is vulnerable, the security settings need to be updated by executing 'pkcs15-tool -T -U'. The updated packages have been patched to prevent this issue.

tags | advisory, cryptography
systems | linux, mandriva
advisories | CVE-2008-2235
SHA-256 | ba09b1a1c5d45943d35cfa80f8251de261f5dd57c0789098f49d62d5b8012873
Core Security Technologies Advisory 2008.0103
Posted Aug 13, 2008
Authored by Core Security Technologies, Jorge Luis Alvarez Medina | Site coresecurity.com

Core Security Technologies Advisory - A zone elevation vulnerability has been discovered in Internet Explorer versions 5 through 7 under Windows 2000, 2003, and XP. It also affects Windows Vista on IE 7 when protected mode is turned off.

tags | advisory
systems | windows
advisories | CVE-2008-1448
SHA-256 | f5c16f8f8097829d3e89077b8f1e0abd5172f15f78dbbf39f6c863711cd34bfd
Debian Linux Security Advisory 1617-1
Posted Jul 25, 2008
Authored by Debian | Site debian.org

Debian Security Advisory 1617-1 - In DSA-1603-1, Debian released an update to the BIND 9 domain name server, which introduced UDP source port randomization to mitigate the threat of DNS cache poisoning attacks (identified by the Common Vulnerabilities and Exposures project as CVE-2008-1447). The fix, while correct, was incompatible with the version of SELinux Reference Policy shipped with Debian Etch, which did not permit a process running in the named_t domain to bind sockets to UDP ports other than the standard 'domain' port (53). The incompatibility affects both the 'targeted' and 'strict' policy packages supplied by this version of refpolicy. This update to the refpolicy packages grants the ability to bind to arbitrary UDP ports to named_t processes. When installed, the updated packages will attempt to update the bind policy module on systems where it had been previously loaded and where the previous version of refpolicy was 0.0.20061018-5 or below.

tags | advisory, arbitrary, udp, vulnerability
systems | linux, debian
advisories | CVE-2008-1447
SHA-256 | d9ed425b97874f61eb0207b3d26987e6036bffbbbbbedda8e4db2913f6def931
Posted Jul 10, 2008
Authored by Kristian Hermansen

Malicious SVG file denial of service proof of concept exploit that affects multiple vendors.

tags | exploit, denial of service, proof of concept
SHA-256 | ee89da8f9776050087de3fc3ee1f48a1493cfbde1d0d9d489fb79bc7d24d2f7a
Page 4 of 4

File Archive:

December 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    11 Files
  • 2
    Dec 2nd
    0 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2022 Packet Storm. All rights reserved.

Security Services
Hosting By