Local root exploit for the x86_64 Linux kernel ia32syscall emulation vulnerability. This is a variant of a vulnerability found back in 2007.
2f03e8832849e0defbb98ca079107559Local root exploit for the x86_64 Linux kernel ia32syscall emulation bug.
5d14ec4f80a173aed4a21dadebd3c189ld.so from Solaris 9 and 10 does not check the LD_AUDIT environment variable when running setuid and setgid binaries, allowing a malicious party to run arbitrary code with elevated privileges.
02b0fa3de66ae2c25e511bb747ec86a9traceroute under Solaris 10 is susceptible to a buffer overflow in the handling of the -g argument. Sample exploitation included.
12bfb0bfe843c6f3aff37ac9ae831254Amusing tidbit showing Google segfaulting.
a266eb1e1ba9d8b983438ccfe0843248mtr is susceptible to raw socket hijacking, allowing for the spoofing of ICMP packets.
3cba2beb8ae7f282ff09a6215b7d27fbZyxel P681 SDSL routers disclose random portions of memory in ARP requests.
6048d02b855c73c8f0589db01f868203NetBSD Security Advisory 2004-009 - A set of flaws in the ftpd source code can be used together to achieve root access within an ftp session. With root file manipulation ability, mechanisms to gain a shell are numerous, so this issue should be considered a remote root situation.
60a69638e2b72d77727e6df6111bd434OpenBSD 3.0 cron / mail local root exploit. Creates a suid shell after /etc/daily runs.
72d35ea6ab315d9c96c3184343dee252Plogd v2 - syn/udp/icmp packet logger (freebsd version).
8acf703296d17b76edc2716398aa9b38FreeBSD-4.2-Stable ftpd GLOB remote root exploit in perl. This version requires user access and writeable home dir without chroot.
21542904375f11b565ae7d3ffa7495ebBobek.c is a Wu-Ftpd 2.6.0 remote root exploit (updated 05/08/2000). Bug is in the SITE EXEC command, an account is not required as anonymous access is enough. Tested against Redhat 6.2, FreeBSD 3.4-STABLE, and FreeBSD 5.0-CURRENT.
72aa028cb868dcaf240a98d147e3f193FreeBSD 4.X local /usr/bin/systat exploit. Gives a sgid kmem shell by exploiting the .terminfo bug in ncurses.
814c885a5a67051785ba29eee6076b4bHPUX's ftpd contains a remotely exploitable format string vulnerability in the PASS command.
52757625c75bb68c6c403710d078bc99sms.c is a remote SMS 1.8.2 (mail2sms gateway) long subject line remote buffer overflow exploit. Send the mail generated by this program and a shell will be listening on port 2222. Offsets adjusted for redhat.
836481971d25cd24f48a3187fca55303syslogd-to-MySQL wrapper v0.1 prebeta. Stores syslog messages in a MySQL database. Written for FreeBSD.
9a055ca5347884d3708e659ce3ae8a55Plogd v2 (Revision 1.5) is a syn/udp/icmp packet logger for freebsd.
eef674504b75af8c3aa2b70b04a1ae7dBufferOverflow Security Advisory #3 - libncurses buffer overflow in NCURSES 1.8.6 on FreeBSD 3.4-STABLE. Setuid programs linked with libncurses can be exploited to obtain root access.
6498cacb6f034cf8c3e1a0d842966aaaFreeBSD mtr-0.41 local root exploit.
7b6ccfe86d1f9d39294cd7b5818c56f8mars_nwe 0.99pl14 root exploit (linux).
5b6fce38150f1e31d683c4dd22ff898eNovell NetWare webservers remote denial of service - Tested on Novell NetWare 4.11 with Novell-HTTP-Server/3.1R1, Novell NetWare 4.1 with Novell-HTTP-Server/2.51R1, Novell NetWare ?.? with YAWN/1.05.
576b4950d530b2d4e4aec61b212f3cdcFreeBSD 3.3 /sbin/umount exploit.
9771ba0845affa761cd9b94dea51b1b1Your ultimate proftpd pre0-3 exploiting toolkit based on adm-wuftpd by duke and kombajn do czere^vni by Lam3rZ.
980e949baa7fff05ee7b182a7eff1270Redhat /usr/bin/man exploit (gid=15 leads to potential root compromise).
534219ec78ffa72e140fa46ef0859a02
© 2012 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed