DB: 2016-07-25
12 new exploits Linux Kernel 2.6.x (Slackware 9.1 / Debian 3.0) - chown() Group Ownership Alteration Exploit Linux Kernel 2.6.x (Slackware 9.1 / Debian 3.0) - chown() Group Ownership Alteration Privilege Escalation Exploit Linux Kernel < 2.6.31-rc4 - nfs4_proc_lock() Denial of Service FreeBSD/x86 - /bin/cat /etc/master.passwd NULL free shellcode (65 bytes) FreeBSD/x86 - /bin/cat /etc/master.passwd Null Free Shellcode (65 bytes) Linux/x86 - execve shellcode null byte free (Generator) Linux/x86 - execve Null Free shellcode (Generator) Linux/x86 - cmd shellcode null free (Generator) Linux/x86 - cmd Null Free shellcode (Generator) iOS - Version-independent shellcode Linux/x86-64 - bindshell port:4444 shellcode (132 bytes) Linux/x86-64 - bindshell port 4444 shellcode (132 bytes) Solaris/x86 - setuid(0)_ execve(//bin/sh); exit(0) NULL Free shellcode (39 bytes) Solaris/x86 - setuid(0)_ execve(//bin/sh); exit(0) Null Free shellcode (39 bytes) Windows 5.0 < 7.0 x86 - null-free bindshell shellcode Windows 5.0 < 7.0 x86 - Null Free bindshell port 28876 shellcode Win32 - telnetbind by Winexec shellcode (111 bytes) Win32 - telnetbind by Winexec 23 port shellcode (111 bytes) Windows NT/2000/XP - add user _slim_ shellcode for Russian systems (318 bytes) Windows NT/2000/XP (Russian) - Add User _slim_ Shellcode (318 bytes) Windows XP Pro SP2 English - _Message-Box_ Shellcode Null-Free (16 bytes) Windows XP Pro SP2 English - _Wordpad_ Shellcode Null Free (12 bytes) Windows XP Pro SP2 English - _Message-Box_ Null Free Shellcode (16 bytes) Windows XP Pro SP2 English - _Wordpad_ Null Free Shellcode (12 bytes) Linux/x86 - /bin/sh Null-Free Polymorphic Shellcode (46 bytes) Linux/x86 - /bin/sh Polymorphic Null Free Shellcode (46 bytes) Win32 - Add new local administrator shellcode _secuid0_ (326 bytes) Win32 - Add New Local Administrator _secuid0_ Shellcode (326 bytes) ARM - Bindshell port 0x1337shellcode ARM - Bindshell port 0x1337 shellcode Linux Kernel <= 2.6.36 - VIDIOCSMICROCODE IOCTL Local Memory Overwrite Linux Kernel <= 2.4.0 - Stack Infoleaks bsd/x86 - connect back Shellcode (81 bytes) FreeBSD/x86 - connect back Shellcode (81 bytes) Acpid 1:2.0.10-1ubuntu2 (Ubuntu 11.10/11.04) - Privilege Boundary Crossing Local Root Exploit Acpid 1:2.0.10-1ubuntu2 (Ubuntu 11.04/11.10) - Privilege Boundary Crossing Local Root Exploit Linux Kernel 2.0 / 2.1 - SIGIO Linux Kernel 2.0 / 2.1 - Send a SIGIO Signal To Any Process Linux Kernel 2.2 - 'ldd core' Force Reboot Debian 2.1_ Linux Kernel 2.0.x_ RedHat 5.2 - Packet Length with Options Linux Kernel 2.0.x (Debian 2.1 / RedHat 5.2) - Packet Length with Options Linux Kernel 2.2.x - Non-Readable File Ptrace Linux Kernel 2.2.x - Non-Readable File Ptrace Local Information Leak OS X 10.x_ FreeBSD 4.x_OpenBSD 2.x_Solaris 2.5/2.6/7.0/8 exec C Library Standard I/O File Descriptor Closure OS X 10.x_ FreeBSD 4.x_ OpenBSD 2.x_ Solaris 2.5/2.6/7.0/8 - exec C Library Standard I/O File Descriptor Closure Linux Kernel 2.4.18/19 - Privileged File Descriptor Resource Exhaustion Linux Kernel 2.2.x / 2.4.x - Privileged Process Hijacking (1) Linux Kernel 2.2.x / 2.4.x - Privileged Process Hijacking (2) Linux Kernel 2.2.x / 2.4.x - Privileged Process Hijacking Local Root Exploit (1) Linux Kernel 2.2.x / 2.4.x - Privileged Process Hijacking Local Root Exploit (2) Linux Kernel 2.4 - suid execve() System Call Race Condition PoC Linux Kernel 2.4 - suid execve() System Call Race Condition Executable File Read Proof of Concept Linux Kernel 2.5.x / 2.6.x - CPUFreq Proc Handler Integer Handling Linux Kernel 2.5.x / 2.6.x - CPUFreq Proc Handler Integer Handling Memory Read Linux Kernel <= 2.6.32-5 (Debian 6.0.5) - /dev/ptmx Key Stroke Timing Local Disclosure Microsoft Internet Explorer 6.0_ Firefox 0.x_Netscape 7.x - IMG Tag Multiple Vulnerabilities Microsoft Internet Explorer 6.0 / Firefox 0.x / Netscape 7.x - IMG Tag Multiple Vulnerabilities Linux Kernel 2.4.x / 2.6.x - Multiple Unspecified ISO9660 Filesystem Handling Vulnerabilities Linux Kernel 2.4.x / 2.6.x - Bluetooth Signed Buffer Index (Proof of Concept) (1) Linux/x86 - Reverse TCP Bind Shellcode (92 bytes) Linux/x86 - Reverse TCP Bind 192.168.1.10:31337 Shellcode (92 bytes) Linux Kernel 2.2.x / 2.3.x / 2.4.x / 2.5.x / 2.6.x - ELF Core Dump Local Buffer Overflow Linux/x86-64 - Bind TCP port shellcode (81 bytes / 96 bytes with password) Linux/x86-64 - Bind TCP 4444 Port Shellcode (81 bytes / 96 bytes with password) Linux/x86 - TCP Bind Shel shellcode l (96 bytes) Linux/x86 - TCP Bind Shell 33333 Port Shellcode (96 bytes) Mac OS X < 10.7.5/10.8.2/10.9.5/10.10.2 - 'rootpipe' Privilege Escalation Mac OS X < 10.7.5/10.8.2/10.9.5/10.10.2 - 'Rootpipe' Privilege Escalation Windows x86 - user32!MessageBox _Hello World!_ Null-Free shellcode (199 bytes) Windows x86 - user32!MessageBox _Hello World!_ Null Free Shellcode (199 bytes) OS-X/x86-64 - /bin/sh Shellcode NULL Byte Free (34 bytes) OS-X/x86-64 - /bin/sh Null Free Shellcode (34 bytes) Mainframe/System Z - Bind Shell shellcode (2488 bytes) Mainframe/System Z - Bind Shell Port 12345 Shellcode (2488 bytes) OS-X/x86-64 - tcp bind shellcode_ NULL byte free (144 bytes) OS-X/x86-64 - tcp 4444 port bind Nullfree shellcode (144 bytes) Ubuntu Apport - Local Privilege Escalation Apport 2.19 (Ubuntu 15.04) - Local Privilege Escalation Linux/x86-64 - Bindshell with Password shellcode (92 bytes) Linux/x86-64 - Bindshell 31173 port with Password shellcode (92 bytes) Windows XP < 10 - Null-Free WinExec Shellcode (Python) (Generator) Windows XP < 10 - WinExec Null Free Shellcode (Python) (Generator) Linux/x86-64 - bind TCP port shellcode (103 bytes) Linux/x86-64 - TCP Bindshell with Password Prompt shellcode (162 bytes) Linux/x86-64 - Bind TCP 4444 Port Shellcode (103 bytes) Linux/x86-64 - TCP 4444 port Bindshell with Password Prompt shellcode (162 bytes) Windows x86 - Null-Free Download & Run via WebDAV Shellcode (96 bytes) Windows x86 - Download & Run via WebDAV Null Free Shellcode (96 bytes) Linux Kernel 3.10_ 3.18 + 4.4 - netfilter IPT_SO_SET_REPLACE Memory Corruption Linux Kernel 3.10 / 3.18 / 4.4 - netfilter IPT_SO_SET_REPLACE Memory Corruption Windows - Null-Free Shellcode Primitive Keylogger to File (431 (0x01AF) bytes) Windows - Primitive Keylogger to File Null Free Shellcode (431 (0x01AF) bytes) Linux Kernel (Ubuntu 14.04.3) - perf_event_open() Can Race with execve() (/etc/shadow) Linux Kernel (Ubuntu 14.04.3) - perf_event_open() Can Race with execve() (Access /etc/shadow) Windows - Null-Free Shellcode Functional Keylogger to File (601 (0x0259) bytes) Windows - Functional Keylogger to File Null Free Shellcode (601 (0x0259) bytes) Linux/x86-64 - Null-Free Reverse TCP Shell shellcode (134 bytes) Linux/x86-64 - Reverse TCP Shell Null Free Shellcode (134 bytes) Linux/x86-64 - Syscall Persistent Bind Shell + Multi-terminal + Password + Daemon (83_ 148_ 177 bytes) Linux/x86-64 - Syscall Persistent Bind Shell + Multi-terminal + Password + Daemon Shellcode (83_ 148_ 177 bytes) Linux/x86-64 - Subtle Probing Reverse Shell_ Timer_ Burst_ Password_ Multi-Terminal (84_ 122_ 172 bytes) Linux/x86-64 - Subtle Probing Reverse Shell_ Timer_ Burst_ Password_ Multi-Terminal Shellcode (84_ 122_ 172 bytes)
This commit is contained in:
parent
be496c36bc
commit
2a57bee5c6
16 changed files with 66 additions and 56 deletions
112
files.csv
112
files.csv
|
@ -556,7 +556,7 @@ id,file,description,date,author,platform,type,port
|
|||
714,platforms/solaris/local/714.c,"Solaris 7/8/9 CDE LibDTHelp - Local Buffer Overflow Exploit (2)",2004-12-24,"Marco Ivaldi",solaris,local,0
|
||||
715,platforms/solaris/local/715.c,"Solaris 8/9 - passwd circ() Local Root Exploit",2004-12-24,"Marco Ivaldi",solaris,local,0
|
||||
716,platforms/solaris/remote/716.c,"Solaris 2.5.1/2.6/7/8 rlogin /bin/login - Buffer Overflow Exploit (SPARC)",2004-12-24,"Marco Ivaldi",solaris,remote,513
|
||||
718,platforms/linux/local/718.c,"Linux Kernel 2.6.x (Slackware 9.1 / Debian 3.0) - chown() Group Ownership Alteration Exploit",2004-12-24,"Marco Ivaldi",linux,local,0
|
||||
718,platforms/linux/local/718.c,"Linux Kernel 2.6.x (Slackware 9.1 / Debian 3.0) - chown() Group Ownership Alteration Privilege Escalation Exploit",2004-12-24,"Marco Ivaldi",linux,local,0
|
||||
719,platforms/windows/remote/719.txt,"Microsoft Internet Explorer XP SP2 - HTML Help Control Local Zone Bypass",2004-12-25,Paul,windows,remote,0
|
||||
720,platforms/php/webapps/720.pl,"Sanity.b - phpBB <= 2.0.10 Bot Install (AOL/Yahoo Search)",2004-12-25,anonymous,php,webapps,0
|
||||
721,platforms/windows/dos/721.html,"Microsoft Windows Kernel - ANI File Parsing Crash",2004-12-25,Flashsky,windows,dos,0
|
||||
|
@ -9501,7 +9501,7 @@ id,file,description,date,author,platform,type,port
|
|||
10190,platforms/windows/dos/10190.txt,"Cisco VPN Client Integer Overflow (DOS)",2009-11-21,"Alex Hernandez",windows,dos,0
|
||||
10192,platforms/php/webapps/10192.txt,"Joomla Component Com_Joomclip (cat) SQL injection",2009-11-21,"599eme Man",php,webapps,0
|
||||
10201,platforms/windows/local/10201.pl,"TEKUVA Password Reminder Authentication Bypass",2009-11-21,iqlusion,windows,local,0
|
||||
10202,platforms/linux/dos/10202.txt,"Linux Kernel < 2.6.31-rc4 - nfs4_proc_lock() Denial of Service",2009-10-15,"Simon Vallet",linux,dos,0
|
||||
10202,platforms/linux/dos/10202.c,"Linux Kernel < 2.6.31-rc4 - nfs4_proc_lock() Denial of Service",2009-10-15,"Simon Vallet",linux,dos,0
|
||||
10203,platforms/linux/dos/10203.txt,"BibTeX - (.bib) File Handling Memory Corruption",2009-11-13,"Vincent Lafevre",linux,dos,0
|
||||
10204,platforms/windows/dos/10204.txt,"Foxit Reader - COM Objects Memory Corruption Remote Code Execution",2009-11-19,mrx,windows,dos,0
|
||||
10205,platforms/multiple/dos/10205.txt,"LibTIFF - 'LZWDecodeCompat()' Remote Buffer Underflow",2009-11-12,wololo,multiple,dos,0
|
||||
|
@ -11744,7 +11744,7 @@ id,file,description,date,author,platform,type,port
|
|||
13263,platforms/freebsd_x86/shellcode/13263.txt,"FreeBSD/x86 - connect back.send.exit /etc/passwd shellcode (112 bytes)",2008-09-10,suN8Hclf,freebsd_x86,shellcode,0
|
||||
13264,platforms/freebsd_x86/shellcode/13264.txt,"FreeBSD/x86 - kill all processes shellcode (12 bytes)",2008-09-09,suN8Hclf,freebsd_x86,shellcode,0
|
||||
13265,platforms/freebsd_x86/shellcode/13265.c,"FreeBSD/x86 - rev connect_ recv_ jmp_ return results shellcode (90 bytes)",2008-09-05,sm4x,freebsd_x86,shellcode,0
|
||||
13266,platforms/freebsd_x86/shellcode/13266.asm,"FreeBSD/x86 - /bin/cat /etc/master.passwd NULL free shellcode (65 bytes)",2008-08-25,sm4x,freebsd_x86,shellcode,0
|
||||
13266,platforms/freebsd_x86/shellcode/13266.asm,"FreeBSD/x86 - /bin/cat /etc/master.passwd Null Free Shellcode (65 bytes)",2008-08-25,sm4x,freebsd_x86,shellcode,0
|
||||
13267,platforms/freebsd_x86/shellcode/13267.asm,"FreeBSD/x86 - reverse portbind 127.0.0.1:8000 /bin/sh shellcode (89 bytes)",2008-08-21,sm4x,freebsd_x86,shellcode,0
|
||||
13268,platforms/freebsd_x86/shellcode/13268.asm,"FreeBSD/x86 - setuid(0); execve(ipf -Fa); shellcode (57 bytes)",2008-08-21,sm4x,freebsd_x86,shellcode,0
|
||||
13269,platforms/freebsd_x86/shellcode/13269.c,"FreeBSD/x86 - encrypted shellcode /bin/sh (48 bytes)",2008-08-19,c0d3_z3r0,freebsd_x86,shellcode,0
|
||||
|
@ -11759,15 +11759,15 @@ id,file,description,date,author,platform,type,port
|
|||
13278,platforms/freebsd_x86/shellcode/13278.asm,"FreeBSD/x86 - connect (Port 31337) shellcode (102 bytes)",2004-09-26,Scrippie,freebsd_x86,shellcode,0
|
||||
13279,platforms/freebsd_x86-64/shellcode/13279.c,"FreeBSD/x86-64 - exec(_/bin/sh_) shellcode (31 bytes)",2009-05-18,"Hack'n Roll",freebsd_x86-64,shellcode,0
|
||||
13280,platforms/freebsd_x86-64/shellcode/13280.c,"FreeBSD/x86-64 - execve /bin/sh shellcode (34 bytes)",2009-05-15,c0d3_z3r0,freebsd_x86-64,shellcode,0
|
||||
13281,platforms/generator/shellcode/13281.c,"Linux/x86 - execve shellcode null byte free (Generator)",2009-06-29,certaindeath,generator,shellcode,0
|
||||
13281,platforms/generator/shellcode/13281.c,"Linux/x86 - execve Null Free shellcode (Generator)",2009-06-29,certaindeath,generator,shellcode,0
|
||||
13282,platforms/generator/shellcode/13282.php,"Linux/x86 - portbind payload shellcode (Generator)",2009-06-09,"Jonathan Salwan",generator,shellcode,0
|
||||
13283,platforms/generator/shellcode/13283.php,"Windows XP SP1 - portbind payload shellcode (Generator)",2009-06-09,"Jonathan Salwan",generator,shellcode,0
|
||||
13284,platforms/generator/shellcode/13284.txt,"(Generator) - /bin/sh Polymorphic shellcode with printable ASCII characters",2008-08-31,sorrow,generator,shellcode,0
|
||||
13285,platforms/generator/shellcode/13285.c,"Linux/x86 - cmd shellcode null free (Generator)",2008-08-19,BlackLight,generator,shellcode,0
|
||||
13285,platforms/generator/shellcode/13285.c,"Linux/x86 - cmd Null Free shellcode (Generator)",2008-08-19,BlackLight,generator,shellcode,0
|
||||
13286,platforms/generator/shellcode/13286.c,"(Generator) - Alphanumeric Shellcode Encoder/Decoder",2008-08-04,"Avri Schneider",generator,shellcode,0
|
||||
13288,platforms/generator/shellcode/13288.c,"HTTP/1.x requests for shellcodes (Generator) (18+ bytes / 26+ bytes)",2006-10-22,izik,generator,shellcode,0
|
||||
13289,platforms/generator/shellcode/13289.c,"Win32 - Multi-Format Shellcode Encoding Tool (Generator)",2005-12-16,Skylined,generator,shellcode,0
|
||||
13290,platforms/hardware/shellcode/13290.txt,"iOS - Version-independent shellcode",2008-08-21,"Andy Davis",hardware,shellcode,0
|
||||
13290,platforms/ios/shellcode/13290.txt,"iOS - Version-independent shellcode",2008-08-21,"Andy Davis",ios,shellcode,0
|
||||
13291,platforms/hardware/shellcode/13291.txt,"Cisco IOS - Connectback (Port 21) Shellcode",2008-08-13,"Gyan Chawdhary",hardware,shellcode,0
|
||||
13292,platforms/hardware/shellcode/13292.txt,"Cisco IOS - Bind Shellcode Password Protected (116 bytes)",2008-08-13,"Gyan Chawdhary",hardware,shellcode,0
|
||||
13293,platforms/hardware/shellcode/13293.txt,"Cisco IOS - Tiny Shellcode (New TTY_ Privilege level to 15_ No password)",2008-08-13,"Gyan Chawdhary",hardware,shellcode,0
|
||||
|
@ -11939,7 +11939,7 @@ id,file,description,date,author,platform,type,port
|
|||
13460,platforms/lin_x86/shellcode/13460.c,"Linux/x86 - execve /bin/sh toupper() evasion shellcode (55 bytes)",2000-08-08,anonymous,lin_x86,shellcode,0
|
||||
13461,platforms/lin_x86/shellcode/13461.c,"Linux/x86 - Add user _z_ shellcode (70 bytes)",2000-08-07,anonymous,lin_x86,shellcode,0
|
||||
13462,platforms/lin_x86/shellcode/13462.c,"Linux/x86 - break chroot setuid(0) + /bin/sh shellcode (132 bytes)",2000-08-07,anonymous,lin_x86,shellcode,0
|
||||
13463,platforms/lin_x86-64/shellcode/13463.c,"Linux/x86-64 - bindshell port:4444 shellcode (132 bytes)",2009-05-18,evil.xi4oyu,lin_x86-64,shellcode,0
|
||||
13463,platforms/lin_x86-64/shellcode/13463.c,"Linux/x86-64 - bindshell port 4444 shellcode (132 bytes)",2009-05-18,evil.xi4oyu,lin_x86-64,shellcode,0
|
||||
13464,platforms/lin_x86-64/shellcode/13464.s,"Linux/x86-64 - execve(/bin/sh) shellcode (33 bytes)",2006-11-02,hophet,lin_x86-64,shellcode,0
|
||||
13465,platforms/multiple/shellcode/13465.c,"Linux PPC & x86 - execve(_/bin/sh__{_/bin/sh__NULL}_NULL) shellcode (99 bytes)",2005-11-15,"Charles Stevenson",multiple,shellcode,0
|
||||
13466,platforms/multiple/shellcode/13466.c,"OS-X PPC & x86 - execve(_/bin/sh__{_/bin/sh__NULL}_NULL) shellcode (121 bytes)",2005-11-13,nemo,multiple,shellcode,0
|
||||
|
@ -11975,18 +11975,18 @@ id,file,description,date,author,platform,type,port
|
|||
13496,platforms/solaris_sparc/shellcode/13496.c,"Solaris/SPARC - connect-bac shellcode k (204 bytes)",2004-09-26,"Claes Nyberg",solaris_sparc,shellcode,0
|
||||
13497,platforms/solaris_sparc/shellcode/13497.txt,"Solaris/SPARC - portbinding shellcode (240 bytes)",2000-11-19,dopesquad.net,solaris_sparc,shellcode,0
|
||||
13498,platforms/solaris_x86/shellcode/13498.php,"Solaris/x86 - portbind/tcp shellcode (Generator)",2009-06-16,"Jonathan Salwan",solaris_x86,shellcode,0
|
||||
13499,platforms/solaris_x86/shellcode/13499.c,"Solaris/x86 - setuid(0)_ execve(//bin/sh); exit(0) NULL Free shellcode (39 bytes)",2008-12-02,sm4x,solaris_x86,shellcode,0
|
||||
13499,platforms/solaris_x86/shellcode/13499.c,"Solaris/x86 - setuid(0)_ execve(//bin/sh); exit(0) Null Free shellcode (39 bytes)",2008-12-02,sm4x,solaris_x86,shellcode,0
|
||||
13500,platforms/solaris_x86/shellcode/13500.c,"Solaris/x86 - setuid(0)_ execve(/bin/cat_ /etc/shadow)_ exit(0) shellcode (59 bytes)",2008-12-02,sm4x,solaris_x86,shellcode,0
|
||||
13501,platforms/solaris_x86/shellcode/13501.txt,"Solaris/x86 - execve /bin/sh toupper evasion shellcode (84 bytes)",2004-09-26,anonymous,solaris_x86,shellcode,0
|
||||
13502,platforms/solaris_x86/shellcode/13502.txt,"Solaris/x86 - Add services and execve inetd shellcode (201 bytes)",2004-09-26,anonymous,solaris_x86,shellcode,0
|
||||
13503,platforms/unixware/shellcode/13503.txt,"UnixWare - execve /bin/sh shellcode (95 bytes)",2004-09-26,K2,unixware,shellcode,0
|
||||
13504,platforms/win_x86/shellcode/13504.asm,"Windows 5.0 < 7.0 x86 - null-free bindshell shellcode",2009-07-27,Skylined,win_x86,shellcode,0
|
||||
13504,platforms/win_x86/shellcode/13504.asm,"Windows 5.0 < 7.0 x86 - Null Free bindshell port 28876 shellcode",2009-07-27,Skylined,win_x86,shellcode,0
|
||||
13505,platforms/win_x86/shellcode/13505.c,"Win32/XP SP2 (EN) - cmd.exe shellcode (23 bytes)",2009-07-17,Stack,win_x86,shellcode,0
|
||||
18615,platforms/windows/dos/18615.py,"TYPSoft FTP Server 1.1 - Remote DoS (APPE)",2012-03-17,"brock haun",windows,dos,0
|
||||
18593,platforms/php/webapps/18593.txt,"ModX 2.2.0 - Multiple Vulnerabilities",2012-03-14,n0tch,php,webapps,0
|
||||
18594,platforms/php/webapps/18594.txt,"Simple Posting System - Multiple Vulnerabilities",2012-03-14,n0tch,php,webapps,0
|
||||
13507,platforms/win_x86/shellcode/13507.txt,"Win32 - SEH omelet shellcode",2009-03-16,Skylined,win_x86,shellcode,0
|
||||
13508,platforms/win_x86/shellcode/13508.asm,"Win32 - telnetbind by Winexec shellcode (111 bytes)",2009-02-27,DATA_SNIPER,win_x86,shellcode,0
|
||||
13508,platforms/win_x86/shellcode/13508.asm,"Win32 - telnetbind by Winexec 23 port shellcode (111 bytes)",2009-02-27,DATA_SNIPER,win_x86,shellcode,0
|
||||
13509,platforms/win_x86/shellcode/13509.c,"Win32 - PEB!NtGlobalFlags shellcode (14 bytes)",2009-02-24,Koshi,win_x86,shellcode,0
|
||||
13510,platforms/win_x86/shellcode/13510.c,"Win32 XP SP2 FR - Sellcode cmd.exe shellcode (32 bytes)",2009-02-20,Stack,win_x86,shellcode,0
|
||||
13511,platforms/win_x86/shellcode/13511.c,"Win32/XP SP2 - cmd.exe shellcode (57 bytes)",2009-02-03,Stack,win_x86,shellcode,0
|
||||
|
@ -12001,7 +12001,7 @@ id,file,description,date,author,platform,type,port
|
|||
13520,platforms/win_x86/shellcode/13520.c,"Win32/XP SP2 - Pop up message box shellcode (110 bytes)",2006-01-24,Omega7,win_x86,shellcode,0
|
||||
13521,platforms/win_x86/shellcode/13521.asm,"Win32 - WinExec() Command Parameter shellcode (104+ bytes)",2006-01-24,Weiss,win_x86,shellcode,0
|
||||
13522,platforms/win_x86/shellcode/13522.c,"Win32 - Download & Exec Shellcode (226+ bytes)",2005-12-23,darkeagle,win_x86,shellcode,0
|
||||
13523,platforms/win_x86/shellcode/13523.c,"Windows NT/2000/XP - add user _slim_ shellcode for Russian systems (318 bytes)",2005-10-28,darkeagle,win_x86,shellcode,0
|
||||
13523,platforms/win_x86/shellcode/13523.c,"Windows NT/2000/XP (Russian) - Add User _slim_ Shellcode (318 bytes)",2005-10-28,darkeagle,win_x86,shellcode,0
|
||||
13524,platforms/win_x86/shellcode/13524.txt,"Windows 9x/NT/2000/XP - Reverse Generic Shellcode without Loader (249 bytes)",2005-08-16,"Matthieu Suiche",win_x86,shellcode,0
|
||||
13525,platforms/win_x86/shellcode/13525.c,"Windows 9x/NT/2000/XP - PEB method shellcode (29 bytes)",2005-07-26,loco,win_x86,shellcode,0
|
||||
13526,platforms/win_x86/shellcode/13526.c,"Windows 9x/NT/2000/XP - PEB method shellcode (31 bytes)",2005-01-26,twoci,win_x86,shellcode,0
|
||||
|
@ -12031,8 +12031,8 @@ id,file,description,date,author,platform,type,port
|
|||
13577,platforms/lin_x86/shellcode/13577.txt,"Linux/x86 - break chroot shellcode (79 bytes)",2009-12-30,root@thegibson,lin_x86,shellcode,0
|
||||
13578,platforms/lin_x86/shellcode/13578.txt,"Linux/x86 - fork bomb shellcode (6 bytes)",2009-12-30,root@thegibson,lin_x86,shellcode,0
|
||||
13579,platforms/lin_x86/shellcode/13579.c,"Linux/x86 - append _/etc/passwd_ & exit() shellcode (107 bytes)",2009-12-31,sandman,lin_x86,shellcode,0
|
||||
13581,platforms/windows/shellcode/13581.txt,"Windows XP Pro SP2 English - _Message-Box_ Shellcode Null-Free (16 bytes)",2010-01-03,Aodrulez,windows,shellcode,0
|
||||
13582,platforms/windows/shellcode/13582.txt,"Windows XP Pro SP2 English - _Wordpad_ Shellcode Null Free (12 bytes)",2010-01-03,Aodrulez,windows,shellcode,0
|
||||
13581,platforms/windows/shellcode/13581.txt,"Windows XP Pro SP2 English - _Message-Box_ Null Free Shellcode (16 bytes)",2010-01-03,Aodrulez,windows,shellcode,0
|
||||
13582,platforms/windows/shellcode/13582.txt,"Windows XP Pro SP2 English - _Wordpad_ Null Free Shellcode (12 bytes)",2010-01-03,Aodrulez,windows,shellcode,0
|
||||
13586,platforms/lin_x86/shellcode/13586.txt,"Linux/x86 - eject /dev/cdrom shellcode (42 bytes)",2010-01-08,root@thegibson,lin_x86,shellcode,0
|
||||
13595,platforms/win_x86/shellcode/13595.c,"Win32 XP SP2 FR - calc shellcode (19 bytes)",2010-01-20,SkuLL-HackeR,win_x86,shellcode,0
|
||||
13599,platforms/lin_x86/shellcode/13599.txt,"Linux/x86 - polymorphic shellcode ip6tables -F (71 bytes)",2010-01-24,"Jonathan Salwan",lin_x86,shellcode,0
|
||||
|
@ -12863,7 +12863,7 @@ id,file,description,date,author,platform,type,port
|
|||
14688,platforms/freebsd/local/14688.c,"FreeBSD - mbufs() sendfile Cache Poisoning Privilege Escalation",2010-08-19,kingcope,freebsd,local,0
|
||||
14689,platforms/windows/dos/14689.pl,"Tuniac 100723 - Denial of Service",2010-08-19,d4rk-h4ck3r,windows,dos,0
|
||||
14690,platforms/windows/dos/14690.pl,"Fennec 1.2 Beta 3 - Denial of Service",2010-08-19,d4rk-h4ck3r,windows,dos,0
|
||||
14691,platforms/lin_x86/shellcode/14691.c,"Linux/x86 - /bin/sh Null-Free Polymorphic Shellcode (46 bytes)",2010-08-19,Aodrulez,lin_x86,shellcode,0
|
||||
14691,platforms/lin_x86/shellcode/14691.c,"Linux/x86 - /bin/sh Polymorphic Null Free Shellcode (46 bytes)",2010-08-19,Aodrulez,lin_x86,shellcode,0
|
||||
14693,platforms/windows/local/14693.py,"Microsoft Word Record Parsing Buffer Overflow (MS09-027)",2010-08-20,anonymous,windows,local,0
|
||||
14707,platforms/php/webapps/14707.txt,"Joomla Component (com_Fabrik) SQL Injection",2010-08-21,Mkr0x,php,webapps,0
|
||||
14694,platforms/php/webapps/14694.txt,"Joomla Component com_extcalendar Blind SQL Injection",2010-08-20,Lagripe-Dz,php,webapps,0
|
||||
|
@ -13217,7 +13217,7 @@ id,file,description,date,author,platform,type,port
|
|||
15200,platforms/php/webapps/15200.txt,"FAQMasterFlex 1.2 - SQL Injection",2010-10-04,cyb3r.anbu,php,webapps,0
|
||||
15201,platforms/windows/local/15201.rb,"SnackAmp 3.1.3B - SMP Buffer Overflow (SEH DEP Bypass)",2010-10-04,"Muhamad Fadzil Ramli",windows,local,0
|
||||
15202,platforms/win_x86/shellcode/15202.c,"Win32/XP Pro SP3 (EN) 32-bit - Add new local administrator _secuid0_ shellcode (113 bytes)",2010-10-04,"Anastasios Monachos",win_x86,shellcode,0
|
||||
15203,platforms/win_x86/shellcode/15203.c,"Win32 - Add new local administrator shellcode _secuid0_ (326 bytes)",2010-10-04,"Anastasios Monachos",win_x86,shellcode,0
|
||||
15203,platforms/win_x86/shellcode/15203.c,"Win32 - Add New Local Administrator _secuid0_ Shellcode (326 bytes)",2010-10-04,"Anastasios Monachos",win_x86,shellcode,0
|
||||
15204,platforms/php/webapps/15204.txt,"DNET Live-Stats 0.8 - Local File Inclusion",2010-10-04,blake,php,webapps,0
|
||||
15205,platforms/php/webapps/15205.txt,"Aspect Ratio CMS Blind SQL Injection",2010-10-04,"Stephan Sattler",php,webapps,0
|
||||
15206,platforms/bsd/local/15206.c,"FreeBSD - 'pseudofs' NULL Pointer Dereference Local Privilege Escalation",2010-10-04,"Babcia Padlina",bsd,local,0
|
||||
|
@ -13323,7 +13323,7 @@ id,file,description,date,author,platform,type,port
|
|||
15310,platforms/php/webapps/15310.py,"Jamb CSRF Arbitrary Add a Post",2010-10-25,Stoke,php,webapps,0
|
||||
15312,platforms/windows/local/15312.py,"Winamp 5.5.8.2985 (in_mod plugin) - Stack Overflow",2010-10-25,"Mighty-D and 7eK",windows,local,0
|
||||
15313,platforms/php/webapps/15313.txt,"Plesk Small Business Manager 10.2.0 and Site Editor - Multiple Vulnerabilities",2010-10-25,"David Hoyt",php,webapps,0
|
||||
15314,platforms/arm/shellcode/15314.asm,"ARM - Bindshell port 0x1337shellcode",2010-10-26,"Daniel Godas-Lopez",arm,shellcode,0
|
||||
15314,platforms/arm/shellcode/15314.asm,"ARM - Bindshell port 0x1337 shellcode",2010-10-26,"Daniel Godas-Lopez",arm,shellcode,0
|
||||
15315,platforms/arm/shellcode/15315.asm,"ARM - Bind Connect UDP Port 68 shellcode",2010-10-26,"Daniel Godas-Lopez",arm,shellcode,0
|
||||
15316,platforms/arm/shellcode/15316.asm,"ARM - Loader Port 0x1337 shellcode",2010-10-26,"Daniel Godas-Lopez",arm,shellcode,0
|
||||
15317,platforms/arm/shellcode/15317.asm,"ARM - ifconfig eth0 and Assign Address 192.168.0.2 shellcode",2010-10-26,"Daniel Godas-Lopez",arm,shellcode,0
|
||||
|
@ -13353,7 +13353,7 @@ id,file,description,date,author,platform,type,port
|
|||
15341,platforms/multiple/dos/15341.html,"Firefox - Interleaving document.write and appendChild Denial of Service",2010-10-28,"Daniel Veditz",multiple,dos,0
|
||||
15342,platforms/multiple/dos/15342.html,"Firefox - Memory Corruption Proof of Concept (Simplified)",2010-10-28,extraexploit,multiple,dos,0
|
||||
15343,platforms/php/webapps/15343.php,"RoSPORA <= 1.5.0 - Remote PHP Code Injection",2010-10-28,EgiX,php,webapps,0
|
||||
15344,platforms/linux/dos/15344.c,"Linux Kernel <= 2.6.36 - VIDIOCSMICROCODE IOCTL Local Memory Overwrite",2010-10-28,"Kees Cook",linux,dos,0
|
||||
15344,platforms/linux/local/15344.c,"Linux Kernel <= 2.6.36 - VIDIOCSMICROCODE IOCTL Local Memory Overwrite",2010-10-28,"Kees Cook",linux,local,0
|
||||
15345,platforms/php/webapps/15345.txt,"TFTgallery <= 0.13.1 - Local File Inclusion",2010-10-28,Havok,php,webapps,0
|
||||
15346,platforms/multiple/dos/15346.c,"Platinum SDK Library post upnp sscanf Buffer Overflow",2010-10-28,n00b,multiple,dos,0
|
||||
15347,platforms/windows/remote/15347.py,"XBMC 9.04.1r20672 soap_action_name post upnp sscanf Buffer Overflow",2010-10-28,n00b,windows,remote,0
|
||||
|
@ -13468,7 +13468,7 @@ id,file,description,date,author,platform,type,port
|
|||
15476,platforms/multiple/dos/15476.php,"IBM OmniFind Crawler Denial of Service",2010-11-09,"Fatih Kilic",multiple,dos,0
|
||||
15490,platforms/php/webapps/15490.txt,"XT:Commerce < 3.04 SP2.1 - XSS",2010-11-11,"Philipp Niedziela",php,webapps,0
|
||||
15480,platforms/windows/local/15480.pl,"Free CD to MP3 Converter 3.1 - Buffer Overflow Exploit",2010-11-10,"C4SS!0 G0M3S",windows,local,0
|
||||
15481,platforms/linux/dos/15481.c,"Linux Kernel <= 2.4.0 - Stack Infoleaks",2010-11-10,"Dan Rosenberg",linux,dos,0
|
||||
15481,platforms/linux/local/15481.c,"Linux Kernel <= 2.4.0 - Stack Infoleaks",2010-11-10,"Dan Rosenberg",linux,local,0
|
||||
15482,platforms/windows/dos/15482.html,"Qtweb Browser 3.5 - Buffer Overflow",2010-11-10,PoisonCode,windows,dos,0
|
||||
15483,platforms/windows/local/15483.rb,"Free CD to MP3 Converter 3.1 - Buffer Overflow Exploit (SEH)",2010-11-10,"C4SS!0 G0M3S",windows,local,0
|
||||
15486,platforms/php/webapps/15486.txt,"eBlog 1.7 - Multiple SQL Injection Vulnerabilities",2010-11-10,"Salvatore Fresta",php,webapps,0
|
||||
|
@ -13881,7 +13881,7 @@ id,file,description,date,author,platform,type,port
|
|||
16022,platforms/windows/dos/16022.c,"Panda Global Protection 2010 - Local DoS",2011-01-21,Heurs,windows,dos,0
|
||||
16023,platforms/windows/dos/16023.c,"Panda Global Protection 2010 - Local DoS (unfiltered wcscpy())",2011-01-21,Heurs,windows,dos,0
|
||||
16024,platforms/windows/local/16024.txt,"Microsoft Fax Cover Page Editor <= 5.2.3790.3959 Double Free Memory Corruption",2011-01-24,"Luigi Auriemma",windows,local,0
|
||||
16025,platforms/bsd_x86/shellcode/16025.c,"bsd/x86 - connect back Shellcode (81 bytes)",2011-01-21,Tosh,bsd_x86,shellcode,0
|
||||
16025,platforms/freebsd_x86/shellcode/16025.c,"FreeBSD/x86 - connect back Shellcode (81 bytes)",2011-01-21,Tosh,freebsd_x86,shellcode,0
|
||||
16026,platforms/bsd_x86/shellcode/16026.c,"BSD/x86 - 31337 portbind + fork shellcode (111 bytes)",2011-01-21,Tosh,bsd_x86,shellcode,0
|
||||
16027,platforms/php/webapps/16027.txt,"phpcms 9.0 - Blind SQL Injection",2011-01-22,eidelweiss,php,webapps,0
|
||||
16028,platforms/php/webapps/16028.txt,"cultbooking 2.0.4 - Multiple Vulnerabilities",2011-01-22,LiquidWorm,php,webapps,0
|
||||
|
@ -15817,7 +15817,7 @@ id,file,description,date,author,platform,type,port
|
|||
18225,platforms/linux/dos/18225.c,"CSF Firewall Buffer Overflow",2011-12-09,"FoX HaCkEr",linux,dos,0
|
||||
18226,platforms/linux_mips/shellcode/18226.c,"Linux/MIPS - connect back shellcode (port 0x7a69) (168 bytes)",2011-12-10,rigan,linux_mips,shellcode,0
|
||||
18227,platforms/linux_mips/shellcode/18227.c,"Linux/MIPS - reboot() shellcode (32 bytes)",2011-12-10,rigan,linux_mips,shellcode,0
|
||||
18228,platforms/linux/local/18228.sh,"Acpid 1:2.0.10-1ubuntu2 (Ubuntu 11.10/11.04) - Privilege Boundary Crossing Local Root Exploit",2011-12-10,otr,linux,local,0
|
||||
18228,platforms/linux/local/18228.sh,"Acpid 1:2.0.10-1ubuntu2 (Ubuntu 11.04/11.10) - Privilege Boundary Crossing Local Root Exploit",2011-12-10,otr,linux,local,0
|
||||
18230,platforms/php/webapps/18230.txt,"FCMS <= 2.7.2 CMS - Multiple Stored XSS",2011-12-10,"Ahmed Elhady Mohamed",php,webapps,0
|
||||
18231,platforms/php/webapps/18231.txt,"WordPress UPM-POLLS Plugin 1.0.4 - Blind SQL Injection",2011-12-11,Saif,php,webapps,0
|
||||
18232,platforms/php/webapps/18232.txt,"FCMS <= 2.7.2 CMS - Multiple CSRF Vulnerabilities",2011-12-11,"Ahmed Elhady Mohamed",php,webapps,0
|
||||
|
@ -16488,7 +16488,7 @@ id,file,description,date,author,platform,type,port
|
|||
19082,platforms/linux/dos/19082.txt,"AMD K6 Processor",1998-06-01,Poulot-Cazajous,linux,dos,0
|
||||
19083,platforms/windows/remote/19083.cpp,"Cheyenne Inoculan for Windows NT 4.0 Share",1998-06-10,"Paul Boyer",windows,remote,0
|
||||
19084,platforms/multiple/remote/19084.txt,"Metainfo Sendmail 2.0/2.5 & MetaIP 3.1",1998-06-30,"Jeff Forristal",multiple,remote,0
|
||||
19085,platforms/linux/dos/19085.c,"Linux Kernel 2.0 / 2.1 - SIGIO",1998-06-30,"David Luyer",linux,dos,0
|
||||
19085,platforms/linux/dos/19085.c,"Linux Kernel 2.0 / 2.1 - Send a SIGIO Signal To Any Process",1998-06-30,"David Luyer",linux,dos,0
|
||||
19086,platforms/linux/remote/19086.c,"wu-ftpd 2.4.2 & SCO Open Server <= 5.0.5 & ProFTPD 1.2 pre1 - realpath (1)",1999-02-09,"smiler and cossack",linux,remote,21
|
||||
19087,platforms/linux/remote/19087.c,"wu-ftpd 2.4.2 & SCO Open Server <= 5.0.5 & ProFTPD 1.2 pre1 - realpath (2)",1999-02-09,"jamez and c0nd0r",linux,remote,21
|
||||
19089,platforms/windows/dos/19089.txt,"Windows OpenType Font - File Format DoS Exploit",2012-06-12,Cr4sh,windows,dos,0
|
||||
|
@ -16661,7 +16661,7 @@ id,file,description,date,author,platform,type,port
|
|||
19269,platforms/irix/local/19269.txt,"SGI IRIX <= 6.0.1 colorview",1995-02-09,"Dave Sill",irix,local,0
|
||||
19270,platforms/linux/local/19270.c,"Debian Linux 2.0 - Super Syslog Buffer Overflow",1999-02-25,c0nd0r,linux,local,0
|
||||
19271,platforms/linux/dos/19271.c,"Linux Kernel 2.0 - TCP Port DoS",1999-01-19,"David Schwartz",linux,dos,0
|
||||
19272,platforms/linux/local/19272.txt,"Linux Kernel 2.2 - 'ldd core' Force Reboot",1999-01-26,"Dan Burcaw",linux,local,0
|
||||
19272,platforms/linux/dos/19272.txt,"Linux Kernel 2.2 - 'ldd core' Force Reboot",1999-01-26,"Dan Burcaw",linux,dos,0
|
||||
19273,platforms/irix/local/19273.sh,"SGI IRIX 6.2 - day5notifier",1997-05-16,"Mike Neuman",irix,local,0
|
||||
19274,platforms/irix/local/19274.c,"SGI IRIX <= 6.3 df",1997-05-24,"David Hedley",irix,local,0
|
||||
19275,platforms/irix/local/19275.c,"SGI IRIX <= 6.4 datman/cdman",1996-12-09,"Yuri Volobuev",irix,local,0
|
||||
|
@ -16946,7 +16946,7 @@ id,file,description,date,author,platform,type,port
|
|||
19578,platforms/windows/dos/19578.txt,"Microsoft Windows NT 4.0/SP1/SP2/SP3/SP4/SP5/SP6 - Services.exe Denial of Service (2)",1999-10-31,.rain.forest.puppy,windows,dos,0
|
||||
19673,platforms/windows/local/19673.txt,"Microsoft Windows 95/98/NT 4.0 Help File Trojan",1999-12-10,"Pauli Ojanpera",windows,local,0
|
||||
19674,platforms/sco/local/19674.c,"SCO Unixware 7.0/7.0.1/7.1/7.1.1 - Privileged Program Debugging",1999-12-10,"Brock Tellier",sco,local,0
|
||||
19675,platforms/linux/dos/19675.c,"Debian 2.1_ Linux Kernel 2.0.x_ RedHat 5.2 - Packet Length with Options",1999-12-08,"Andrea Arcangeli",linux,dos,0
|
||||
19675,platforms/linux/dos/19675.c,"Linux Kernel 2.0.x (Debian 2.1 / RedHat 5.2) - Packet Length with Options",1999-12-08,"Andrea Arcangeli",linux,dos,0
|
||||
19676,platforms/freebsd/local/19676.c,"FreeBSD 3.3_Linux Mandrake 7.0 - 'xsoldier' Buffer Overflow (1)",2000-05-17,"Brock Tellier",freebsd,local,0
|
||||
19677,platforms/linux/local/19677.c,"FreeBSD 3.3_Linux Mandrake 7.0 - 'xsoldier' Buffer Overflow (2)",2000-05-17,"Larry W. Cashdollar",linux,local,0
|
||||
19580,platforms/windows/remote/19580.txt,"Avirt Gateway Suite 3.3 a/3.5 Mail Server Buffer Overflow (1)",1999-10-31,"Luck Martins",windows,remote,0
|
||||
|
@ -17785,7 +17785,7 @@ id,file,description,date,author,platform,type,port
|
|||
20455,platforms/aix/local/20455.c,"IBM AIX 4.3.x piobe Buffer Overflow",2000-12-01,"Last Stage of Delirium",aix,local,0
|
||||
20456,platforms/windows/local/20456.c,"Microsoft SQL Server 7.0/2000_Data Engine 1.0/2000 xp_showcolv Buffer Overflow",2000-12-01,"David Litchfield",windows,local,0
|
||||
20457,platforms/windows/local/20457.c,"Microsoft SQL Server 7.0/2000_Data Engine 1.0/2000 xp_peekqueue Buffer Overflow",2000-12-01,@stake,windows,local,0
|
||||
20458,platforms/linux/local/20458.txt,"Linux Kernel 2.2.x - Non-Readable File Ptrace",2000-11-30,"Lamagra Argamal",linux,local,0
|
||||
20458,platforms/linux/local/20458.txt,"Linux Kernel 2.2.x - Non-Readable File Ptrace Local Information Leak",2000-11-30,"Lamagra Argamal",linux,local,0
|
||||
20459,platforms/windows/remote/20459.html,"Microsoft Internet Explorer 5 \'INPUT TYPE=FILE\'",2000-12-01,Key,windows,remote,0
|
||||
20460,platforms/windows/remote/20460.txt,"Microsoft Windows NT 4.0 PhoneBook Server Buffer Overflow",2000-12-04,"Alberto Solino",windows,remote,0
|
||||
20461,platforms/windows/remote/20461.txt,"Serv-U 2.4/2.5 FTP Directory Traversal",2000-12-05,Zoa_Chien,windows,remote,0
|
||||
|
@ -18685,7 +18685,7 @@ id,file,description,date,author,platform,type,port
|
|||
21404,platforms/windows/dos/21404.htm,"Microsoft Internet Explorer 5/6 Self-Referential Object Denial of Service",2002-04-20,"Matthew Murphy",windows,dos,0
|
||||
21405,platforms/cgi/webapps/21405.txt,"Jon Howell Faq-O-Matic 2.7 - Cross-Site Scripting",2002-04-20,BrainRawt,cgi,webapps,0
|
||||
21406,platforms/cgi/webapps/21406.txt,"Philip Chinery's Guestbook 1.1 Script Injection",2002-04-21,"markus arndt",cgi,webapps,0
|
||||
21407,platforms/bsd/local/21407.c,"OS X 10.x_ FreeBSD 4.x_OpenBSD 2.x_Solaris 2.5/2.6/7.0/8 exec C Library Standard I/O File Descriptor Closure",2002-04-23,phased,bsd,local,0
|
||||
21407,platforms/bsd/local/21407.c,"OS X 10.x_ FreeBSD 4.x_ OpenBSD 2.x_ Solaris 2.5/2.6/7.0/8 - exec C Library Standard I/O File Descriptor Closure",2002-04-23,phased,bsd,local,0
|
||||
21408,platforms/unix/local/21408.pl,"SLRNPull 0.9.6 Spool Directory Command Line Parameter Buffer Overflow",2002-04-22,zillion,unix,local,0
|
||||
21409,platforms/unix/dos/21409.pl,"PsyBNC 2.3 Oversized Passwords Denial of Service",2002-04-22,DVDMAN,unix,dos,0
|
||||
21410,platforms/windows/remote/21410.pl,"Matu FTP 1.74 Client Buffer Overflow",2002-04-23,Kanatoko,windows,remote,0
|
||||
|
@ -18874,7 +18874,7 @@ id,file,description,date,author,platform,type,port
|
|||
21595,platforms/windows/remote/21595.c,"Nullsoft Winamp 2.80 - Automatic Update Check Buffer Overflow",2002-07-03,anonymous,windows,remote,0
|
||||
21596,platforms/osx/remote/21596.txt,"MacOS X 10.1.x SoftwareUpdate Arbitrary Package Installation",2002-07-08,"Russell Harding",osx,remote,0
|
||||
21597,platforms/windows/remote/21597.txt,"Key Focus KF Web Server 1.0.2 - Directory Contents Disclosure",2002-07-08,Securiteinfo.com,windows,remote,0
|
||||
21598,platforms/linux/local/21598.c,"Linux Kernel 2.4.18/19 - Privileged File Descriptor Resource Exhaustion",2002-07-08,"Paul Starzetz",linux,local,0
|
||||
21598,platforms/linux/dos/21598.c,"Linux Kernel 2.4.18/19 - Privileged File Descriptor Resource Exhaustion",2002-07-08,"Paul Starzetz",linux,dos,0
|
||||
21599,platforms/windows/remote/21599.txt,"Working Resources BadBlue 1.7.3 - cleanSearchString() Cross-Site Scripting",2002-07-08,"Matthew Murphy",windows,remote,0
|
||||
21600,platforms/windows/dos/21600.txt,"Working Resources BadBlue 1.7.3 - Get Request Denial of Service",2002-07-08,"Matthew Murphy",windows,dos,0
|
||||
21601,platforms/windows/remote/21601.c,"Microsoft Foundation Class Library 7.0 ISAPI Buffer Overflow",2002-07-08,"Matthew Murphy",windows,remote,0
|
||||
|
@ -19612,8 +19612,8 @@ id,file,description,date,author,platform,type,port
|
|||
22359,platforms/multiple/dos/22359.xsl,"Sun JDK/SDK 1.3/1.4_IBM JDK 1.3.1_BEA Systems WebLogic 5/6/7 java.util.zip Null Value Denial of Service (2)",2003-03-15,"Marc Schoenefeld",multiple,dos,0
|
||||
22360,platforms/multiple/dos/22360.java,"Sun JDK/SDK 1.3/1.4_IBM JDK 1.3.1_BEA Systems WebLogic 5/6/7 java.util.zip Null Value Denial of Service (3)",2003-03-15,"Marc Schoenefeld",multiple,dos,0
|
||||
22361,platforms/linux/remote/22361.cpp,"Qpopper 3/4 Username Information Disclosure Weakness",2003-03-11,plasmahh,linux,remote,0
|
||||
22362,platforms/linux/local/22362.c,"Linux Kernel 2.2.x / 2.4.x - Privileged Process Hijacking (1)",2003-03-17,anszom@v-lo.krakow.pl,linux,local,0
|
||||
22363,platforms/linux/local/22363.c,"Linux Kernel 2.2.x / 2.4.x - Privileged Process Hijacking (2)",2003-04-10,"Wojciech Purczynski",linux,local,0
|
||||
22362,platforms/linux/local/22362.c,"Linux Kernel 2.2.x / 2.4.x - Privileged Process Hijacking Local Root Exploit (1)",2003-03-17,anszom@v-lo.krakow.pl,linux,local,0
|
||||
22363,platforms/linux/local/22363.c,"Linux Kernel 2.2.x / 2.4.x - Privileged Process Hijacking Local Root Exploit (2)",2003-04-10,"Wojciech Purczynski",linux,local,0
|
||||
22364,platforms/cgi/webapps/22364.c,"Outblaze Webmail - Cookie Authentication Bypass",2003-03-17,"dong-h0un U",cgi,webapps,0
|
||||
22365,platforms/windows/remote/22365.pl,"Microsoft Windows XP/2000/NT 4 IIS 5.0 WebDAV - ntdll.dll Buffer Overflow (1)",2003-03-24,mat,windows,remote,0
|
||||
22366,platforms/windows/remote/22366.c,"Microsoft Windows XP/2000/NT 4 IIS 5.0 WebDAV - ntdll.dll Buffer Overflow (2)",2003-03-31,ThreaT,windows,remote,0
|
||||
|
@ -20079,7 +20079,7 @@ id,file,description,date,author,platform,type,port
|
|||
22837,platforms/windows/remote/22837.c,"Microsoft Windows 2000/NT 4 Media Services NSIISlog.DLL Remote Buffer Overflow",2003-06-25,firew0rker,windows,remote,0
|
||||
22838,platforms/windows/remote/22838.txt,"BRS WebWeaver 1.0 Error Page Cross-Site Scripting",2003-06-26,"Carsten H. Eiram",windows,remote,0
|
||||
22839,platforms/linux/dos/22839.c,"methane IRCd 0.1.1 - Remote Format String",2003-06-27,Dinos,linux,dos,0
|
||||
22840,platforms/linux/local/22840.c,"Linux Kernel 2.4 - suid execve() System Call Race Condition PoC",2003-06-26,IhaQueR,linux,local,0
|
||||
22840,platforms/linux/local/22840.c,"Linux Kernel 2.4 - suid execve() System Call Race Condition Executable File Read Proof of Concept",2003-06-26,IhaQueR,linux,local,0
|
||||
22841,platforms/php/webapps/22841.txt,"iXmail 0.2/0.3 iXmail_NetAttach.php File Deletion",2003-06-26,leseulfrog,php,webapps,0
|
||||
22842,platforms/php/webapps/22842.txt,"CutePHP CuteNews 1.3 HTML Injection",2003-06-29,"Peter Winter-Smith",php,webapps,0
|
||||
22843,platforms/cgi/webapps/22843.txt,"MegaBook 1.1/2.0/2.1 - Multiple HTML Injection Vulnerabilities",2003-06-29,"Morning Wood",cgi,webapps,0
|
||||
|
@ -21238,7 +21238,7 @@ id,file,description,date,author,platform,type,port
|
|||
24040,platforms/multiple/remote/24040.txt,"PISG 0.54 IRC Nick HTML Injection",2004-04-22,shr3kst3r,multiple,remote,0
|
||||
24041,platforms/multiple/remote/24041.c,"Epic Games Unreal Tournament Engine 3 - UMOD Manifest.INI Remote Arbitrary File Overwrite",2004-04-22,"Luigi Auriemma",multiple,remote,0
|
||||
24042,platforms/windows/dos/24042.txt,"Yahoo! Messenger 5.6 YInsthelper.DLL Multiple Buffer Overflow Vulnerabilities",2004-04-23,"Rafel Ivgi The-Insider",windows,dos,0
|
||||
24043,platforms/linux/local/24043.c,"Linux Kernel 2.5.x / 2.6.x - CPUFreq Proc Handler Integer Handling",2004-04-23,"Brad Spengler",linux,local,0
|
||||
24043,platforms/linux/local/24043.c,"Linux Kernel 2.5.x / 2.6.x - CPUFreq Proc Handler Integer Handling Memory Read",2004-04-23,"Brad Spengler",linux,local,0
|
||||
24044,platforms/php/webapps/24044.txt,"phpLiteAdmin <= 1.9.3 - Remote PHP Code Injection",2013-01-11,L@usch,php,webapps,0
|
||||
24045,platforms/java/remote/24045.rb,"Java Applet JMX - Remote Code Execution (1)",2013-01-11,Metasploit,java,remote,0
|
||||
24049,platforms/asp/webapps/24049.txt,"PW New Media Network Modular Site Management System 0.2.1 - Ver.asp Information Disclosure",2004-04-23,CyberTalon,asp,webapps,0
|
||||
|
@ -21639,7 +21639,7 @@ id,file,description,date,author,platform,type,port
|
|||
24456,platforms/php/webapps/24456.txt,"glossword 1.8.12 - Multiple Vulnerabilities",2013-02-05,AkaStep,php,webapps,0
|
||||
24457,platforms/php/webapps/24457.txt,"Glossword 1.8.3 - SQL Injection",2013-02-05,AkaStep,php,webapps,0
|
||||
24458,platforms/linux/local/24458.txt,"Oracle Automated Service Manager 1.3 - Installation Local Privilege Escalation",2013-02-05,"Larry W. Cashdollar",linux,local,0
|
||||
24459,platforms/linux/dos/24459.sh,"Linux Kernel <= 2.6.32-5 (Debian 6.0.5) - /dev/ptmx Key Stroke Timing Local Disclosure",2013-02-05,vladz,linux,dos,0
|
||||
24459,platforms/linux/local/24459.sh,"Linux Kernel <= 2.6.32-5 (Debian 6.0.5) - /dev/ptmx Key Stroke Timing Local Disclosure",2013-02-05,vladz,linux,local,0
|
||||
24461,platforms/windows/remote/24461.rb,"VMWare OVF Tools - Format String (2)",2013-02-12,Metasploit,windows,remote,0
|
||||
24462,platforms/php/webapps/24462.txt,"Hiverr 2.2 - Multiple Vulnerabilities",2013-02-06,xStarCode,php,webapps,0
|
||||
24463,platforms/windows/dos/24463.txt,"Cool PDF Reader 3.0.2.256 - Buffer Overflow",2013-02-07,"Chris Gabriel",windows,dos,0
|
||||
|
@ -21885,7 +21885,7 @@ id,file,description,date,author,platform,type,port
|
|||
24725,platforms/multiple/remote/24725.php,"Trend Micro ScanMail for Domino 2.51/2.6 - Remote File Disclosure",2004-11-05,DokFLeed,multiple,remote,0
|
||||
24726,platforms/windows/dos/24726.txt,"Software602 602 LAN Suite Multiple Remote Denial of Service Vulnerabilities",2004-11-06,"Luigi Auriemma",windows,dos,0
|
||||
24727,platforms/windows/remote/24727.txt,"Microsoft Internet Explorer 6.0 - Local Resource Enumeration",2004-11-08,"Benjamin Tobias Franz",windows,remote,0
|
||||
24728,platforms/windows/remote/24728.txt,"Microsoft Internet Explorer 6.0_ Firefox 0.x_Netscape 7.x - IMG Tag Multiple Vulnerabilities",2004-11-10,"Wolfgang Schwarz",windows,remote,0
|
||||
24728,platforms/windows/remote/24728.txt,"Microsoft Internet Explorer 6.0 / Firefox 0.x / Netscape 7.x - IMG Tag Multiple Vulnerabilities",2004-11-10,"Wolfgang Schwarz",windows,remote,0
|
||||
24729,platforms/php/webapps/24729.txt,"webcalendar 0.9.x - Multiple Vulnerabilities",2004-11-10,"Joxean Koret",php,webapps,0
|
||||
24730,platforms/multiple/remote/24730.txt,"04webserver 1.42 - Multiple Vulnerabilities",2004-11-10,"Tan Chew Keong",multiple,remote,0
|
||||
24731,platforms/php/webapps/24731.txt,"Aztek Forum 4.0 - Multiple Input Validation Vulnerabilities",2004-11-12,"benji lemien",php,webapps,0
|
||||
|
@ -22375,7 +22375,7 @@ id,file,description,date,author,platform,type,port
|
|||
25231,platforms/windows/dos/25231.txt,"Microsoft Windows 2000/2003/XP Graphical Device Interface Library Denial of Service",2005-03-17,"Hongzhen Zhou",windows,dos,0
|
||||
25232,platforms/php/webapps/25232.txt,"McNews 1.x Install.php Arbitrary File Include",2005-03-17,"Jonathan Whiteley",php,webapps,0
|
||||
25233,platforms/asp/webapps/25233.txt,"ACS Blog 0.8/0.9/1.0/1.1 - Search.ASP Cross-Site Scripting",2005-03-17,"farhad koosha",asp,webapps,0
|
||||
25234,platforms/linux/local/25234.sh,"Linux Kernel 2.4.x / 2.6.x - Multiple Unspecified ISO9660 Filesystem Handling Vulnerabilities",2005-03-17,"Michal Zalewski",linux,local,0
|
||||
25234,platforms/linux/dos/25234.sh,"Linux Kernel 2.4.x / 2.6.x - Multiple Unspecified ISO9660 Filesystem Handling Vulnerabilities",2005-03-17,"Michal Zalewski",linux,dos,0
|
||||
25235,platforms/php/webapps/25235.txt,"Subdreamer 1.0 - SQL Injection",2005-03-18,"GHC team",php,webapps,0
|
||||
25236,platforms/php/webapps/25236.html,"PHPOpenChat 3.0.1 - Multiple HTML Injection Vulnerabilities",2005-03-18,"PersianHacker Team",php,webapps,0
|
||||
25237,platforms/php/webapps/25237.txt,"RunCMS 1.1 Database Configuration Information Disclosure",2005-03-18,"Majid NT",php,webapps,0
|
||||
|
@ -22427,7 +22427,7 @@ id,file,description,date,author,platform,type,port
|
|||
25284,platforms/php/webapps/25284.txt,"Nuke Bookmarks 0.6 Marks.php SQL Injection",2005-03-26,"Gerardo Astharot Di Giacomo",php,webapps,0
|
||||
25285,platforms/php/webapps/25285.txt,"MagicScripts E-Store Kit-2 PayPal Edition Cross-Site Scripting",2005-03-26,Dcrab,php,webapps,0
|
||||
25286,platforms/php/webapps/25286.txt,"MagicScripts E-Store Kit-2 PayPal Edition Remote File Include",2005-03-26,Dcrab,php,webapps,0
|
||||
25287,platforms/linux/local/25287.c,"Linux Kernel 2.4.x / 2.6.x - Bluetooth Signed Buffer Index (Proof of Concept) (1)",2005-03-28,"ilja van sprundel",linux,local,0
|
||||
25287,platforms/linux/dos/25287.c,"Linux Kernel 2.4.x / 2.6.x - Bluetooth Signed Buffer Index (Proof of Concept) (1)",2005-03-28,"ilja van sprundel",linux,dos,0
|
||||
25288,platforms/linux/local/25288.c,"Linux Kernel 2.4.x / 2.6.x - Bluetooth Signed Buffer Index Local Root (2)",2005-04-08,qobaiashi,linux,local,0
|
||||
25289,platforms/linux/local/25289.c,"Linux Kernel <= 2.4.30 / <= 2.6.11.5 - Bluetooth bluez_sock_create Local Root",2005-10-19,backdoored.net,linux,local,0
|
||||
25291,platforms/multiple/remote/25291.txt,"Tincat Network Library Remote Buffer Overflow",2005-03-28,"Luigi Auriemma",multiple,remote,0
|
||||
|
@ -22630,7 +22630,7 @@ id,file,description,date,author,platform,type,port
|
|||
25494,platforms/php/webapps/25494.txt,"ProfitCode Software PayProCart 3.0 AdminShop ProMod Cross-Site Scripting",2005-04-21,Lostmon,php,webapps,0
|
||||
25495,platforms/php/webapps/25495.txt,"ProfitCode Software PayProCart 3.0 AdminShop MMActionComm Cross-Site Scripting",2005-04-21,Lostmon,php,webapps,0
|
||||
25496,platforms/php/webapps/25496.txt,"php-Charts 1.0 - Code Execution",2013-05-17,"fizzle stick",php,webapps,0
|
||||
25497,platforms/lin_x86/shellcode/25497.c,"Linux/x86 - Reverse TCP Bind Shellcode (92 bytes)",2013-05-17,"Russell Willis",lin_x86,shellcode,0
|
||||
25497,platforms/lin_x86/shellcode/25497.c,"Linux/x86 - Reverse TCP Bind 192.168.1.10:31337 Shellcode (92 bytes)",2013-05-17,"Russell Willis",lin_x86,shellcode,0
|
||||
25498,platforms/asp/webapps/25498.txt,"ASPNuke 0.80 Comments.ASP SQL Injection",2005-04-22,Dcrab,asp,webapps,0
|
||||
25499,platforms/linux/dos/25499.py,"nginx 1.3.9-1.4.0 - DoS PoC",2013-05-17,"Mert SARICA",linux,dos,0
|
||||
25500,platforms/asp/webapps/25500.txt,"ASPNuke 0.80 Detail.ASP SQL Injection",2005-04-22,Dcrab,asp,webapps,0
|
||||
|
@ -22784,7 +22784,7 @@ id,file,description,date,author,platform,type,port
|
|||
25644,platforms/php/webapps/25644.txt,"e107 Website System 0.617 Request.php Directory Traversal",2005-05-10,Heintz,php,webapps,0
|
||||
25645,platforms/php/webapps/25645.txt,"e107 Website System 0.617 Forum_viewforum.php SQL Injection",2005-05-10,Heintz,php,webapps,0
|
||||
25646,platforms/windows/remote/25646.txt,"MyServer 0.8 - Cross-Site Scripting",2005-05-10,dr_insane,windows,remote,0
|
||||
25647,platforms/linux/local/25647.sh,"Linux Kernel 2.2.x / 2.3.x / 2.4.x / 2.5.x / 2.6.x - ELF Core Dump Local Buffer Overflow",2005-05-11,"Paul Starzetz",linux,local,0
|
||||
25647,platforms/linux/dos/25647.sh,"Linux Kernel 2.2.x / 2.3.x / 2.4.x / 2.5.x / 2.6.x - ELF Core Dump Local Buffer Overflow",2005-05-11,"Paul Starzetz",linux,dos,0
|
||||
25648,platforms/cgi/remote/25648.txt,"neteyes nexusway border gateway - Multiple Vulnerabilities",2005-05-11,pokley,cgi,remote,0
|
||||
25649,platforms/cgi/webapps/25649.txt,"showoff! digital media software 1.5.4 - Multiple Vulnerabilities",2011-05-11,dr_insane,cgi,webapps,0
|
||||
25650,platforms/php/webapps/25650.txt,"Open Solution Quick.Cart 0.3 Index.php Cross-Site Scripting",2005-05-11,Lostmon,php,webapps,0
|
||||
|
@ -32061,7 +32061,7 @@ id,file,description,date,author,platform,type,port
|
|||
35582,platforms/php/webapps/35582.txt,"ProjectSend r561 - Multiple Vulnerabilities",2014-12-19,TaurusOmar,php,webapps,80
|
||||
35583,platforms/php/webapps/35583.txt,"Piwigo 2.7.2 - Multiple Vulnerabilities",2014-12-19,TaurusOmar,php,webapps,80
|
||||
35584,platforms/php/webapps/35584.txt,"GQ File Manager 0.2.5 - Multiple Vulnerabilities",2014-12-19,TaurusOmar,php,webapps,80
|
||||
35586,platforms/lin_x86-64/shellcode/35586.c,"Linux/x86-64 - Bind TCP port shellcode (81 bytes / 96 bytes with password)",2014-12-22,"Sean Dillon",lin_x86-64,shellcode,0
|
||||
35586,platforms/lin_x86-64/shellcode/35586.c,"Linux/x86-64 - Bind TCP 4444 Port Shellcode (81 bytes / 96 bytes with password)",2014-12-22,"Sean Dillon",lin_x86-64,shellcode,0
|
||||
35585,platforms/php/webapps/35585.txt,"Codiad 2.4.3 - Multiple Vulnerabilities",2014-12-19,TaurusOmar,php,webapps,80
|
||||
35587,platforms/lin_x86-64/shellcode/35587.c,"Linux/x86-64 - Reverse TCP connect shellcode (77 to 85 bytes / 90 to 98 bytes with password)",2014-12-22,"Sean Dillon",lin_x86-64,shellcode,0
|
||||
35588,platforms/php/remote/35588.rb,"Lotus Mail Encryption Server (Protector for Mail) - LFI to RCE",2014-12-22,"Patrick Webster",php,remote,9000
|
||||
|
@ -32826,7 +32826,7 @@ id,file,description,date,author,platform,type,port
|
|||
36395,platforms/lin_x86/shellcode/36395.c,"Linux/x86 - Obfuscated execve(_/bin/sh_) shellcode (40 bytes)",2015-03-16,"Maximiliano Gomez Vidal",lin_x86,shellcode,0
|
||||
36481,platforms/php/webapps/36481.txt,"WordPress TheCartPress Plugin 1.6 'OptionsPostsList.php' Cross Site Scripting",2011-12-31,6Scan,php,webapps,0
|
||||
36397,platforms/lin_x86/shellcode/36397.c,"Linux/x86 - Reverse TCP Shell shellcode (72 bytes)",2015-03-16,"Maximiliano Gomez Vidal",lin_x86,shellcode,0
|
||||
36398,platforms/lin_x86/shellcode/36398.c,"Linux/x86 - TCP Bind Shel shellcode l (96 bytes)",2015-03-16,"Maximiliano Gomez Vidal",lin_x86,shellcode,0
|
||||
36398,platforms/lin_x86/shellcode/36398.c,"Linux/x86 - TCP Bind Shell 33333 Port Shellcode (96 bytes)",2015-03-16,"Maximiliano Gomez Vidal",lin_x86,shellcode,0
|
||||
36407,platforms/php/webapps/36407.txt,"Elxis CMS 2009 administrator/index.php URI XSS",2011-12-05,"Ewerson Guimaraes",php,webapps,0
|
||||
36408,platforms/php/webapps/36408.txt,"WordPress Pretty Link Plugin 1.5.2 - 'pretty-bar.php' Cross Site Scripting",2011-12-06,Am!r,php,webapps,0
|
||||
36410,platforms/php/webapps/36410.txt,"Simple Machines Forum 1.1.15 - 'fckeditor' Arbitrary File Upload",2011-12-06,HELLBOY,php,webapps,0
|
||||
|
@ -33104,7 +33104,7 @@ id,file,description,date,author,platform,type,port
|
|||
36689,platforms/linux/webapps/36689.txt,"BOA Web Server 0.94.8.2 - Arbitrary File Access",2000-12-19,llmora,linux,webapps,0
|
||||
36690,platforms/linux/remote/36690.rb,"Barracuda Firmware <= 5.0.0.012 - Post Auth Remote Root exploit",2015-04-09,xort,linux,remote,8000
|
||||
36691,platforms/php/webapps/36691.txt,"WordPress Windows Desktop and iPhone Photo Uploader Plugin Arbitrary File Upload",2015-04-09,"Manish Tanwar",php,webapps,80
|
||||
36692,platforms/osx/local/36692.py,"Mac OS X < 10.7.5/10.8.2/10.9.5/10.10.2 - 'rootpipe' Privilege Escalation",2015-04-09,"Emil Kvarnhammar",osx,local,0
|
||||
36692,platforms/osx/local/36692.py,"Mac OS X < 10.7.5/10.8.2/10.9.5/10.10.2 - 'Rootpipe' Privilege Escalation",2015-04-09,"Emil Kvarnhammar",osx,local,0
|
||||
36693,platforms/php/webapps/36693.txt,"RabbitWiki 'title' Parameter Cross Site Scripting",2012-02-10,sonyy,php,webapps,0
|
||||
36694,platforms/php/webapps/36694.txt,"eFront Community++ 3.6.10 SQL Injection and Multiple HTML Injection Vulnerabilities",2012-02-12,"Benjamin Kunz Mejri",php,webapps,0
|
||||
36695,platforms/php/webapps/36695.txt,"Zimbra 'view' Parameter Cross Site Scripting",2012-02-13,sonyy,php,webapps,0
|
||||
|
@ -34087,7 +34087,7 @@ id,file,description,date,author,platform,type,port
|
|||
37950,platforms/php/webapps/37950.txt,"jCore /admin/index.php path Parameter XSS",2012-10-17,"High-Tech Bridge",php,webapps,0
|
||||
37951,platforms/windows/remote/37951.py,"Easy File Sharing Web Server 6.9 - USERID Remote Buffer Overflow",2015-08-24,"Tracy Turben",windows,remote,0
|
||||
37757,platforms/multiple/webapps/37757.py,"Geoserver < 2.7.1.1 / < 2.6.4 / < 2.5.5.1 - XXE Exploit",2015-08-12,"David Bloom",multiple,webapps,0
|
||||
37758,platforms/win_x86/shellcode/37758.c,"Windows x86 - user32!MessageBox _Hello World!_ Null-Free shellcode (199 bytes)",2015-08-12,noviceflux,win_x86,shellcode,0
|
||||
37758,platforms/win_x86/shellcode/37758.c,"Windows x86 - user32!MessageBox _Hello World!_ Null Free Shellcode (199 bytes)",2015-08-12,noviceflux,win_x86,shellcode,0
|
||||
37759,platforms/linux/dos/37759.py,"NeuroServer 0.7.4 - (EEG TCP/IP Transceiver) Remote DoS",2015-08-12,nitr0us,linux,dos,0
|
||||
37760,platforms/windows/local/37760.rb,"PDF Shaper 3.5 - Buffer Overflow",2015-08-12,metacom,windows,local,0
|
||||
37761,platforms/ios/webapps/37761.txt,"Printer Pro 5.4.3 IOS - Persistent Cross Site Scripting",2015-08-12,"Taurus Omar",ios,webapps,0
|
||||
|
@ -34378,13 +34378,13 @@ id,file,description,date,author,platform,type,port
|
|||
38062,platforms/multiple/webapps/38062.txt,"Forescout CounterACT 'a' Parameter Open Redirection",2012-11-26,"Joseph Sheridan",multiple,webapps,0
|
||||
38063,platforms/php/webapps/38063.txt,"WordPress Wp-ImageZoom Theme 'id' Parameter SQL Injection",2012-11-26,Amirh03in,php,webapps,0
|
||||
38064,platforms/php/webapps/38064.txt,"WordPress CStar Design 'id' Parameter SQL Injection",2012-11-27,Amirh03in,php,webapps,0
|
||||
38065,platforms/osx/shellcode/38065.txt,"OS-X/x86-64 - /bin/sh Shellcode NULL Byte Free (34 bytes)",2015-09-02,"Fitzl Csaba",osx,shellcode,0
|
||||
38065,platforms/osx/shellcode/38065.txt,"OS-X/x86-64 - /bin/sh Null Free Shellcode (34 bytes)",2015-09-02,"Fitzl Csaba",osx,shellcode,0
|
||||
38068,platforms/php/webapps/38068.txt,"MantisBT 1.2.19 - Host Header Attack",2015-09-02,"Pier-Luc Maltais",php,webapps,80
|
||||
38071,platforms/php/webapps/38071.rb,"YesWiki 0.2 - Path Traversal",2015-09-02,HaHwul,php,webapps,80
|
||||
38072,platforms/windows/dos/38072.py,"SphereFTP Server 2.0 - Crash PoC",2015-09-02,"Meisam Monsef",windows,dos,21
|
||||
38073,platforms/hardware/webapps/38073.html,"GPON Home Router FTP G-93RG1 - CSRF Command Execution",2015-09-02,"Phan Thanh Duy",hardware,webapps,80
|
||||
38074,platforms/php/webapps/38074.txt,"Cerb 7.0.3 - CSRF",2015-09-02,"High-Tech Bridge SA",php,webapps,80
|
||||
38075,platforms/system_z/shellcode/38075.txt,"Mainframe/System Z - Bind Shell shellcode (2488 bytes)",2015-09-02,"Bigendian Smalls",system_z,shellcode,0
|
||||
38075,platforms/system_z/shellcode/38075.txt,"Mainframe/System Z - Bind Shell Port 12345 Shellcode (2488 bytes)",2015-09-02,"Bigendian Smalls",system_z,shellcode,0
|
||||
38086,platforms/php/webapps/38086.html,"WordPress Contact Form Generator <= 2.0.1 - Multiple CSRF Vulnerabilities",2015-09-06,"i0akiN SEC-LABORATORY",php,webapps,80
|
||||
38076,platforms/php/webapps/38076.txt,"BigDump 0.29b and 0.32b - Multiple Vulnerabilities",2012-11-28,Ur0b0r0x,php,webapps,0
|
||||
38077,platforms/php/webapps/38077.txt,"WordPress Toolbox Theme 'mls' Parameter SQL Injection",2012-11-29,"Ashiyane Digital Security Team",php,webapps,0
|
||||
|
@ -34427,7 +34427,7 @@ id,file,description,date,author,platform,type,port
|
|||
38123,platforms/php/dos/38123.txt,"PHP Session Deserializer Use-After-Free",2015-09-09,"Taoguang Chen",php,dos,0
|
||||
38124,platforms/android/remote/38124.py,"Android Stagefright - Remote Code Execution",2015-09-09,"Joshua J. Drake",android,remote,0
|
||||
38125,platforms/php/dos/38125.txt,"PHP unserialize() Use-After-Free Vulnerabilities",2015-09-09,"Taoguang Chen",php,dos,0
|
||||
38126,platforms/osx/shellcode/38126.c,"OS-X/x86-64 - tcp bind shellcode_ NULL byte free (144 bytes)",2015-09-10,"Fitzl Csaba",osx,shellcode,0
|
||||
38126,platforms/osx/shellcode/38126.c,"OS-X/x86-64 - tcp 4444 port bind Nullfree shellcode (144 bytes)",2015-09-10,"Fitzl Csaba",osx,shellcode,0
|
||||
38127,platforms/php/webapps/38127.php,"php - cgimode fpm writeprocmemfile bypass disable function demo",2015-09-10,ylbhz,php,webapps,0
|
||||
38128,platforms/cgi/webapps/38128.txt,"Synology Video Station 1.5-0757 - Multiple Vulnerabilities",2015-09-10,"Han Sahin",cgi,webapps,5000
|
||||
38129,platforms/php/webapps/38129.txt,"Octogate UTM 3.0.12 - Admin Interface Directory Traversal",2015-09-10,"Oliver Karow",php,webapps,0
|
||||
|
@ -34641,7 +34641,7 @@ id,file,description,date,author,platform,type,port
|
|||
38350,platforms/hardware/webapps/38350.txt,"Western Digital My Cloud 04.01.03-421_ 04.01.04-422 - Command Injection",2015-09-29,absane,hardware,webapps,0
|
||||
38351,platforms/asp/webapps/38351.txt,"Kaseya Virtual System Administrator - Multiple Vulnerabilities (2)",2015-09-29,"Pedro Ribeiro",asp,webapps,0
|
||||
38352,platforms/windows/remote/38352.rb,"ManageEngine EventLog Analyzer Remote Code Execution",2015-09-29,Metasploit,windows,remote,8400
|
||||
38353,platforms/linux/local/38353.txt,"Ubuntu Apport - Local Privilege Escalation",2015-09-29,halfdog,linux,local,0
|
||||
38353,platforms/linux/local/38353.txt,"Apport 2.19 (Ubuntu 15.04) - Local Privilege Escalation",2015-09-29,halfdog,linux,local,0
|
||||
38354,platforms/php/webapps/38354.txt,"Plogger Multiple Input Validation Vulnerabilities",2013-03-02,"Saadat Ullah",php,webapps,0
|
||||
38355,platforms/php/webapps/38355.txt,"WordPress Uploader Plugin 'blog' Parameter Cross Site Scripting",2013-03-01,CodeV,php,webapps,0
|
||||
38356,platforms/hardware/remote/38356.txt,"Foscam Prior to 11.37.2.49 Directory Traversal",2013-03-01,"Frederic Basse",hardware,remote,0
|
||||
|
@ -34752,7 +34752,7 @@ id,file,description,date,author,platform,type,port
|
|||
38464,platforms/hardware/remote/38464.txt,"Cisco Linksys EA2700 Router Multiple Security Vulnerabilities",2013-04-15,"Phil Purviance",hardware,remote,0
|
||||
38465,platforms/linux/dos/38465.txt,"Linux Kernel <= 3.2.1 - Tracing Mutiple Local Denial of Service Vulnerabilities",2013-04-15,anonymous,linux,dos,0
|
||||
38467,platforms/windows/local/38467.py,"AdobeWorkgroupHelper 2.8.3.3 - Stack Based Buffer Overflow",2015-10-15,hyp3rlinx,windows,local,0
|
||||
38469,platforms/lin_x86-64/shellcode/38469.c,"Linux/x86-64 - Bindshell with Password shellcode (92 bytes)",2015-10-15,d4sh&r,lin_x86-64,shellcode,0
|
||||
38469,platforms/lin_x86-64/shellcode/38469.c,"Linux/x86-64 - Bindshell 31173 port with Password shellcode (92 bytes)",2015-10-15,d4sh&r,lin_x86-64,shellcode,0
|
||||
38470,platforms/hardware/webapps/38470.txt,"netis RealTek Wireless Router / ADSL Modem - Multiple Vulnerabilities",2015-10-15,"Karn Ganeshen",hardware,webapps,0
|
||||
38471,platforms/hardware/webapps/38471.txt,"PROLiNK H5004NK ADSL Wireless Modem - Multiple Vulnerabilities",2015-10-15,"Karn Ganeshen",hardware,webapps,0
|
||||
38472,platforms/windows/local/38472.py,"Blat.exe 2.7.6 SMTP / NNTP Mailer - Buffer Overflow",2015-10-15,hyp3rlinx,windows,local,0
|
||||
|
@ -35216,7 +35216,7 @@ id,file,description,date,author,platform,type,port
|
|||
38956,platforms/php/webapps/38956.txt,"Command School Student Management System /sw/backup/backup_ray2.php Database Backup Direct Request Information Disclosure",2014-01-07,"AtT4CKxT3rR0r1ST ",php,webapps,0
|
||||
38957,platforms/php/webapps/38957.html,"Command School Student Management System /sw/admin_change_password.php Admin Password Manipulation CSRF",2014-01-07,"AtT4CKxT3rR0r1ST ",php,webapps,0
|
||||
38958,platforms/php/webapps/38958.html,"Command School Student Management System /sw/add_topic.php Topic Creation CSRF",2014-01-07,"AtT4CKxT3rR0r1ST ",php,webapps,0
|
||||
38959,platforms/generator/shellcode/38959.py,"Windows XP < 10 - Null-Free WinExec Shellcode (Python) (Generator)",2015-12-13,B3mB4m,generator,shellcode,0
|
||||
38959,platforms/generator/shellcode/38959.py,"Windows XP < 10 - WinExec Null Free Shellcode (Python) (Generator)",2015-12-13,B3mB4m,generator,shellcode,0
|
||||
38965,platforms/php/webapps/38965.txt,"ECommerceMajor - (productdtl.php_ prodid param) SQL Injection",2015-12-14,"Rahul Pratap Singh",php,webapps,80
|
||||
38966,platforms/php/webapps/38966.txt,"WordPress Admin Management Xtended Plugin 2.4.0 - Privilege escalation",2015-12-14,"Kacper Szurek",php,webapps,80
|
||||
39096,platforms/php/webapps/39096.txt,"i-doit Pro 'objID' Parameter SQL Injection",2014-02-17,"Stephan Rickauer",php,webapps,0
|
||||
|
@ -35400,8 +35400,8 @@ id,file,description,date,author,platform,type,port
|
|||
39227,platforms/hardware/remote/39227.txt,"FingerTec Fingerprint Reader - Remote Access and Remote Enrollment",2016-01-12,"Daniel Lawson",hardware,remote,0
|
||||
39149,platforms/lin_x86-64/shellcode/39149.c,"Linux/x86-64 - Bind TCP Port Shellcode (103 bytes)",2016-01-01,Scorpion_,lin_x86-64,shellcode,0
|
||||
39150,platforms/php/webapps/39150.txt,"Open Audit SQL Injection",2016-01-02,"Rahul Pratap Singh",php,webapps,0
|
||||
39151,platforms/lin_x86-64/shellcode/39151.c,"Linux/x86-64 - bind TCP port shellcode (103 bytes)",2016-01-02,Scorpion_,lin_x86-64,shellcode,0
|
||||
39152,platforms/lin_x86-64/shellcode/39152.c,"Linux/x86-64 - TCP Bindshell with Password Prompt shellcode (162 bytes)",2016-01-02,"Sathish kumar",lin_x86-64,shellcode,0
|
||||
39151,platforms/lin_x86-64/shellcode/39151.c,"Linux/x86-64 - Bind TCP 4444 Port Shellcode (103 bytes)",2016-01-02,Scorpion_,lin_x86-64,shellcode,0
|
||||
39152,platforms/lin_x86-64/shellcode/39152.c,"Linux/x86-64 - TCP 4444 port Bindshell with Password Prompt shellcode (162 bytes)",2016-01-02,"Sathish kumar",lin_x86-64,shellcode,0
|
||||
39153,platforms/php/webapps/39153.txt,"iDevAffiliate 'idevads.php' SQL Injection",2014-04-22,"Robert Cooper",php,webapps,0
|
||||
39154,platforms/hardware/remote/39154.txt,"Comtrend CT-5361T Router password.cgi Admin Password Manipulation CSRF",2014-04-21,"TUNISIAN CYBER",hardware,remote,0
|
||||
39155,platforms/linux/remote/39155.txt,"lxml 'clean_html' Function Security Bypass",2014-04-15,"Maksim Kochkin",linux,remote,0
|
||||
|
@ -35748,7 +35748,7 @@ id,file,description,date,author,platform,type,port
|
|||
39516,platforms/windows/dos/39516.py,"Quick Tftp Server Pro 2.3 - Read Mode Denial of Service",2016-03-02,"Guillaume Kaddouch",windows,dos,69
|
||||
39517,platforms/windows/dos/39517.py,"Freeproxy Internet Suite 4.10 - Denial of Service",2016-03-02,"Guillaume Kaddouch",windows,dos,8080
|
||||
39518,platforms/windows/dos/39518.txt,"PictureTrails Photo Editor GE.exe 2.0.0 - .bmp Crash PoC",2016-03-02,redknight99,windows,dos,0
|
||||
39519,platforms/win_x86/shellcode/39519.c,"Windows x86 - Null-Free Download & Run via WebDAV Shellcode (96 bytes)",2016-03-02,"Sean Dillon",win_x86,shellcode,0
|
||||
39519,platforms/win_x86/shellcode/39519.c,"Windows x86 - Download & Run via WebDAV Null Free Shellcode (96 bytes)",2016-03-02,"Sean Dillon",win_x86,shellcode,0
|
||||
39520,platforms/win_x86-64/local/39520.txt,"Secret Net 7 and Secret Net Studio 8 - Local Privilege Escalation",2016-03-02,Cr4sh,win_x86-64,local,0
|
||||
39521,platforms/php/webapps/39521.txt,"WordPress Bulk Delete Plugin 5.5.3 - Privilege Escalation",2016-03-03,"Panagiotis Vagenas",php,webapps,80
|
||||
39522,platforms/hardware/remote/39522.txt,"Schneider Electric SBO / AS - Multiple Vulnerabilities",2016-03-03,"Karn Ganeshen",hardware,remote,0
|
||||
|
@ -35771,7 +35771,7 @@ id,file,description,date,author,platform,type,port
|
|||
39541,platforms/linux/dos/39541.txt,"Linux Kernel <= 3.10.0 (CentOS / RHEL 7.1) - mct_u232 Nullpointer Dereference",2016-03-09,"OpenSource Security",linux,dos,0
|
||||
39543,platforms/linux/dos/39543.txt,"Linux Kernel <= 3.10.0 (CentOS / RHEL 7.1) - cdc_acm Nullpointer Dereference",2016-03-09,"OpenSource Security",linux,dos,0
|
||||
39544,platforms/linux/dos/39544.txt,"Linux Kernel <= 3.10.0 (CentOS / RHEL 7.1) - aiptek Nullpointer Dereference",2016-03-09,"OpenSource Security",linux,dos,0
|
||||
39545,platforms/linux/dos/39545.txt,"Linux Kernel 3.10_ 3.18 + 4.4 - netfilter IPT_SO_SET_REPLACE Memory Corruption",2016-03-09,"Google Security Research",linux,dos,0
|
||||
39545,platforms/linux/dos/39545.txt,"Linux Kernel 3.10 / 3.18 / 4.4 - netfilter IPT_SO_SET_REPLACE Memory Corruption",2016-03-09,"Google Security Research",linux,dos,0
|
||||
39546,platforms/windows/dos/39546.txt,"Nitro Pro <= 10.5.7.32 & Nitro Reader <= 5.5.3.1 - Heap Memory Corruption",2016-03-10,"Francis Provencher",windows,dos,0
|
||||
39547,platforms/php/webapps/39547.txt,"WordPress Best Web Soft Captcha Plugin <= 4.1.5 - Multiple Vulnerabilities",2016-03-10,"Colette Chamberland",php,webapps,80
|
||||
39548,platforms/php/webapps/39548.txt,"WordPress WP Advanced Comment Plugin 0.10 - Persistent XSS",2016-03-10,"Mohammad Khaleghi",php,webapps,80
|
||||
|
@ -35940,7 +35940,7 @@ id,file,description,date,author,platform,type,port
|
|||
39728,platforms/lin_x86-64/shellcode/39728.py,"Linux/x86-64 - Bind Shell Shellcode (Generator)",2016-04-25,"Ajith Kp",lin_x86-64,shellcode,0
|
||||
39729,platforms/win_x86/remote/39729.rb,"PCMan FTP Server 2.0.7 - RENAME Command Buffer Overflow (Metasploit)",2016-04-25,"Jonathan Smith",win_x86,remote,21
|
||||
39730,platforms/ruby/webapps/39730.txt,"NationBuilder Multiple Stored XSS Vulnerabilities",2016-04-25,LiquidWorm,ruby,webapps,443
|
||||
39731,platforms/windows/shellcode/39731.c,"Windows - Null-Free Shellcode Primitive Keylogger to File (431 (0x01AF) bytes)",2016-04-25,Fugu,windows,shellcode,0
|
||||
39731,platforms/windows/shellcode/39731.c,"Windows - Primitive Keylogger to File Null Free Shellcode (431 (0x01AF) bytes)",2016-04-25,Fugu,windows,shellcode,0
|
||||
39733,platforms/linux/dos/39733.py,"Rough Auditing Tool for Security (RATS) 2.3 - Crash PoC",2016-04-25,"David Silveiro",linux,dos,0
|
||||
39734,platforms/linux/local/39734.py,"Yasr Screen Reader 0.6.9 - Local Buffer Overflow",2016-04-26,"Juan Sacco",linux,local,0
|
||||
39735,platforms/windows/remote/39735.rb,"Advantech WebAccess Dashboard Viewer Arbitrary File Upload",2016-04-26,Metasploit,windows,remote,80
|
||||
|
@ -35978,7 +35978,7 @@ id,file,description,date,author,platform,type,port
|
|||
39768,platforms/multiple/dos/39768.txt,"OpenSSL Padding Oracle in AES-NI CBC MAC Check",2016-05-04,"Juraj Somorovsky",multiple,dos,0
|
||||
39769,platforms/linux/local/39769.txt,"Zabbix Agent 3.0.1 - mysql.size Shell Command Injection",2016-05-04,"Timo Lindfors",linux,local,0
|
||||
39770,platforms/windows/dos/39770.txt,"McAfee LiveSafe 14.0 - Relocations Processing Memory Corruption",2016-05-04,"Google Security Research",windows,dos,0
|
||||
39771,platforms/linux/dos/39771.txt,"Linux Kernel (Ubuntu 14.04.3) - perf_event_open() Can Race with execve() (/etc/shadow)",2016-05-04,"Google Security Research",linux,dos,0
|
||||
39771,platforms/linux/local/39771.txt,"Linux Kernel (Ubuntu 14.04.3) - perf_event_open() Can Race with execve() (Access /etc/shadow)",2016-05-04,"Google Security Research",linux,local,0
|
||||
39772,platforms/linux/local/39772.txt,"Linux Kernel 4.4.x (Ubuntu 16.04) - 'double-fdput()' in bpf(BPF_PROG_LOAD) Local Root Exploit",2016-05-04,"Google Security Research",linux,local,0
|
||||
39773,platforms/linux/dos/39773.txt,"Linux Kernel (Ubuntu 16.04) - Reference Count Overflow Using BPF Maps",2016-05-04,"Google Security Research",linux,dos,0
|
||||
39774,platforms/windows/dos/39774.html,"Baidu Spark Browser 43.23.1000.476 - Address Bar URL Spoofing",2016-05-05,"liu zhu",windows,dos,0
|
||||
|
@ -35999,7 +35999,7 @@ id,file,description,date,author,platform,type,port
|
|||
39791,platforms/multiple/local/39791.rb,"ImageMagick <= 6.9.3-9 / <= 7.0.1-0 - Delegate Arbitrary Command Execution (ImageTragick)",2016-05-09,Metasploit,multiple,local,0
|
||||
39792,platforms/ruby/remote/39792.rb,"Ruby on Rails Development Web Console (v2) Code Execution",2016-05-09,Metasploit,ruby,remote,3000
|
||||
39966,platforms/windows/dos/39966.txt,"Blat 3.2.14 - Stack Overflow",2016-06-16,Vishnu,windows,dos,0
|
||||
39794,platforms/windows/shellcode/39794.c,"Windows - Null-Free Shellcode Functional Keylogger to File (601 (0x0259) bytes)",2016-05-10,Fugu,windows,shellcode,0
|
||||
39794,platforms/windows/shellcode/39794.c,"Windows - Functional Keylogger to File Null Free Shellcode (601 (0x0259) bytes)",2016-05-10,Fugu,windows,shellcode,0
|
||||
39795,platforms/windows/dos/39795.pl,"MediaInfo 0.7.61 - Crash PoC",2016-05-10,"Mohammad Reza Espargham",windows,dos,0
|
||||
39796,platforms/windows/dos/39796.py,"Ipswitch WS_FTP LE 12.3 - Search field SEH Overwrite POC",2016-05-10,"Zahid Adeel",windows,dos,0
|
||||
39797,platforms/windows/dos/39797.py,"Core FTP Server 32-bit Build 587 - Heap Overflow",2016-05-10,"Paul Purcell",windows,dos,21
|
||||
|
@ -36048,7 +36048,7 @@ id,file,description,date,author,platform,type,port
|
|||
39841,platforms/xml/webapps/39841.txt,"SAP NetWeaver AS JAVA 7.1 < 7.5 - Information Disclosure",2016-05-19,ERPScan,xml,webapps,0
|
||||
39842,platforms/linux/dos/39842.txt,"4digits 1.1.4 - Local Buffer Overflow",2016-05-19,N_A,linux,dos,0
|
||||
39843,platforms/windows/local/39843.c,"VirIT Explorer Lite & Pro 8.1.68 - Local Privilege Escalation",2016-05-19,"Paolo Stagno",windows,local,0
|
||||
39844,platforms/lin_x86-64/shellcode/39844.c,"Linux/x86-64 - Null-Free Reverse TCP Shell shellcode (134 bytes)",2016-05-20,"Sudhanshu Chauhan",lin_x86-64,shellcode,0
|
||||
39844,platforms/lin_x86-64/shellcode/39844.c,"Linux/x86-64 - Reverse TCP Shell Null Free Shellcode (134 bytes)",2016-05-20,"Sudhanshu Chauhan",lin_x86-64,shellcode,0
|
||||
39845,platforms/windows/local/39845.txt,"Operation Technology ETAP 14.1.0 - Local Privilege Escalation",2016-05-23,LiquidWorm,windows,local,0
|
||||
39846,platforms/windows/dos/39846.txt,"Operation Technology ETAP 14.1.0 - Multiple Stack Buffer Overrun Vulnerabilities",2016-05-23,LiquidWorm,windows,dos,0
|
||||
39847,platforms/lin_x86-64/shellcode/39847.c,"Linux/x86-64 - Information Stealer Shellcode (399 bytes)",2016-05-23,"Roziul Hasan Khan Shifat",lin_x86-64,shellcode,0
|
||||
|
@ -36280,7 +36280,7 @@ id,file,description,date,author,platform,type,port
|
|||
40118,platforms/windows/local/40118.txt,"Internet Explorer 11 (Windows 10) - VBScript Memory Corruption Proof-of-Concept Exploit (MS16-051)",2016-06-22,"Brian Pak",windows,local,0
|
||||
40119,platforms/linux/remote/40119.md,"DropBearSSHD <= 2015.71 - Command Injection",2016-03-03,tintinweb,linux,remote,0
|
||||
40120,platforms/hardware/remote/40120.py,"Meinberg NTP Time Server ELX800/GPS M4x V5.30p - Remote Command Execution and Escalate Privileges",2016-07-17,b0yd,hardware,remote,0
|
||||
40122,platforms/lin_x86-64/shellcode/40122.txt,"Linux/x86-64 - Syscall Persistent Bind Shell + Multi-terminal + Password + Daemon (83_ 148_ 177 bytes)",2016-07-19,CripSlick,lin_x86-64,shellcode,0
|
||||
40122,platforms/lin_x86-64/shellcode/40122.txt,"Linux/x86-64 - Syscall Persistent Bind Shell + Multi-terminal + Password + Daemon Shellcode (83_ 148_ 177 bytes)",2016-07-19,CripSlick,lin_x86-64,shellcode,0
|
||||
40125,platforms/multiple/remote/40125.py,"Axis Communications MPQT/PACS 5.20.x - Server Side Include (SSI) Daemon Remote Format String Exploit",2016-07-19,bashis,multiple,remote,0
|
||||
40126,platforms/php/webapps/40126.txt,"NewsP Free News Script 1.4.7 - User Credentials Disclosure",2016-07-19,"Meisam Monsef",php,webapps,80
|
||||
40127,platforms/php/webapps/40127.txt,"newsp.eu PHP Calendar Script 1.0 - User Credentials Disclosure",2016-07-19,"Meisam Monsef",php,webapps,80
|
||||
|
@ -36295,7 +36295,7 @@ id,file,description,date,author,platform,type,port
|
|||
40136,platforms/linux/remote/40136.py,"OpenSSHD <= 7.2p2 - Username Enumeration",2016-07-20,0_o,linux,remote,22
|
||||
40137,platforms/php/webapps/40137.html,"WordPress Video Player Plugin 1.5.16 - SQL Injection",2016-07-20,"David Vaartjes",php,webapps,80
|
||||
40138,platforms/windows/remote/40138.py,"TFTP Server 1.4 - WRQ Buffer Overflow Exploit (Egghunter)",2016-07-21,"Karn Ganeshen",windows,remote,69
|
||||
40139,platforms/lin_x86-64/shellcode/40139.c,"Linux/x86-64 - Subtle Probing Reverse Shell_ Timer_ Burst_ Password_ Multi-Terminal (84_ 122_ 172 bytes)",2016-07-21,CripSlick,lin_x86-64,shellcode,0
|
||||
40139,platforms/lin_x86-64/shellcode/40139.c,"Linux/x86-64 - Subtle Probing Reverse Shell_ Timer_ Burst_ Password_ Multi-Terminal Shellcode (84_ 122_ 172 bytes)",2016-07-21,CripSlick,lin_x86-64,shellcode,0
|
||||
40140,platforms/php/webapps/40140.txt,"TeamPass Passwords Management System 2.1.26 - Arbitrary File Download",2016-07-21,"Hasan Emre Ozer",php,webapps,80
|
||||
40141,platforms/bsd/local/40141.c,"mail.local(8) (NetBSD) - Local Root Exploit (NetBSD-SA2016-006)",2016-07-21,akat1,bsd,local,0
|
||||
40142,platforms/php/remote/40142.php,"Apache 2.4.7 & PHP <= 7.0.2 - openssl_seal() Uninitialized Memory Code Execution",2016-02-01,akat1,php,remote,0
|
||||
|
|
Can't render this file because it is too large.
|
|
@ -1,8 +1,10 @@
|
|||
/*
|
||||
source: http://www.securityfocus.com/bid/4568/info
|
||||
|
||||
It has been reported that BSD-based kernels do not check to ensure that the C library standard I/O file descriptors 0-2 are valid open files before exec()ing setuid images. Consequently, I/O that are opened by a setuid process may be assigned file descriptors equivelent to those used by the C library as 'standard input','standard output', and 'standard error'.
|
||||
|
||||
This may result in untrusted, attacker supplied data being written to sensitive I/O channels. Local root compromise has been confirmed as a possible consequence.
|
||||
*/
|
||||
|
||||
/*
|
||||
phased/b10z
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
/*
|
||||
Description of problem:
|
||||
|
||||
execution of a particular program from the Arachne suite reliably causes a
|
||||
|
@ -72,6 +73,7 @@ CR2: 0000000000000030
|
|||
<0>Kernel panic - not syncing: Fatal exception
|
||||
|
||||
PoC:
|
||||
*/
|
||||
|
||||
#include <stdio.h>
|
||||
#include <sys/types.h>
|
|
@ -1,6 +1,8 @@
|
|||
/*
|
||||
source: http://www.securityfocus.com/bid/111/info
|
||||
|
||||
A vulnerability in the Linux kernel allows any user to send a SIGIO signal to any process. If the process does not catch or ignore the signal is will exit.
|
||||
*/
|
||||
|
||||
/* On non-glibc systems you must add
|
||||
*
|
||||
|
|
|
@ -1,6 +1,8 @@
|
|||
/*
|
||||
source: http://www.securityfocus.com/bid/2247/info
|
||||
|
||||
Linux kernel versions 2.1.89 to 2.2.3 are vulnerable to a denial of service attack caused when a 0-length IP fragment is received, if it is the first fragment in the list. Several thousands 0-length packets must be sent in order for this to initiate a denial of service against the target.
|
||||
*/
|
||||
|
||||
/*
|
||||
* sesquipedalian.c - Demonstrates a DoS bug in Linux 2.1.89 - 2.2.3
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
/*
|
||||
source: http://www.securityfocus.com/bid/5178/info
|
||||
|
||||
The Linux kernel is a freely available, open source kernel originally written by Linus Torvalds. It is the core of all Linux distributions.
|
||||
|
@ -5,6 +6,7 @@ The Linux kernel is a freely available, open source kernel originally written by
|
|||
Recent versions of the Linux kernel include a collection of file descriptors which are reserved for usage by processes executing as the root user. By default, the size of this collection is set to 10 file descriptors.
|
||||
|
||||
It is possible for a local, non-privileged user to open all system file descriptors. The malicious user may then exhaust the pool of reserved descriptors by opening several common suid binaries, resulting in a denial of service condition.
|
||||
*/
|
||||
|
||||
#include <stdio.h>
|
||||
|
Loading…
Add table
Reference in a new issue