4 commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
Offensive Security
|
d304cc3d3e |
DB: 2017-11-24
116602 new exploits Too many to list! |
||
|
Offensive Security
|
4b39f0d26d |
DB: 2017-11-16
23 new exploits VideoLAN VLC Media Player 0.8.6a - Unspecified Denial of Service (1) VideoLAN VLC Media Player 0.8.6a - Denial of Service (1) Microsoft Windows Explorer - '.AVI' Unspecified Denial of Service Microsoft Windows Explorer - '.AVI' File Denial of Service Microsoft Windows Explorer - Unspecified '.ANI' File Denial of Service Microsoft Windows Explorer - '.ANI' File Denial of Service Microsoft Windows Explorer - Unspecified '.doc' File Denial of Service Microsoft Windows Explorer - '.doc' File Denial of Service CDBurnerXP 4.2.4.1351 - Local Crash (Denial of Service) Juniper Networks JUNOS 7.1.1 - Malformed TCP Packet Denial of Service / Unspecified Vulnerabilities Juniper Networks JUNOS 7.1.1 - Malformed TCP Packet Denial of Service / Multiple Vulnerabilities iPhone / iTouch FtpDisc 1.0 3 - ExploitsInOne Buffer Overflow Denial of Service iPhone / iTouch FtpDisc 1.0 - Buffer Overflow / Denial of Service Aladdin eToken PKI Client 4.5 - Virtual File Handling Unspecified Memory Corruption (PoC) Aladdin eToken PKI Client 4.5 - Virtual File Handling Memory Corruption (PoC) Webby WebServer - SEH Control (PoC) Webby WebServer - Overflow (SEH) (PoC) Quick 'n Easy FTP Server Lite 3.1 - Exploit Quick 'n Easy FTP Server Lite 3.1 - Denial of Service Subtitle Translation Wizard 3.0.0 - Exploit (SEH) (PoC) Subtitle Translation Wizard 3.0.0 - Overflow (SEH) (PoC) FFDshow - SEH Exception Leading to Null Pointer on Read FFDshow - Overflow (SEH) Exception Leading to Null Pointer on Read Microsoft Internet Explorer - MSHTML Findtext Processing Issue Microsoft Internet Explorer - MSHTML Findtext Processing Exploit Oreans WinLicense 2.1.8.0 - XML File Handling Unspecified Memory Corruption Oreans WinLicense 2.1.8.0 - XML File Handling Memory Corruption Debian suidmanager 0.18 - Exploit AMD K6 Processor - Exploit Apple Personal Web Sharing 1.1 - Remote Denial of Service AMD K6 Processor - Denial of Service Sun Solaris 7.0 - 'procfs' Denial of Service S.u.S.E. Linux 6.2 / Slackware Linux 3.2/3.6 - identd Denial of Service S.u.S.E. Linux 6.2 / Slackware Linux 3.2/3.6 - 'identd' Denial of Service Debian 2.1/2.2 / Mandrake 6.0/6.1/7.0 / RedHat 6.x - rpc.lockd Remote Denial of Service Debian 2.1/2.2 / Mandrake 6.0/6.1/7.0 / RedHat 6.x - 'rpc.lockd' Remote Denial of Service D-Link DIR605L - Denial of Service RedHat Linux 6.1 i386 - Tmpwatch Recursive Write Denial of Service (Linux Kernel) ReiserFS 3.5.28 - Code Execution / Denial of Service ReiserFS 3.5.28 (Linux Kernel) - Code Execution / Denial of Service IBM AIX 4.3.3/5.1/5.2 libIM - Buffer Overflow IBM AIX 4.3.3/5.1/5.2 - 'libIM' Buffer Overflow xfstt 1.2/1.4 - Unspecified Memory Disclosure xfstt 1.2/1.4 - Memory Disclosure ViRobot Linux Server 2.0 - Exploit Linux Kernel 2.4.x/2.6.x - Multiple Unspecified ISO9660 Filesystem Handling Vulnerabilities Linux Kernel 2.4.x/2.6.x - Multiple ISO9660 Filesystem Handling Vulnerabilities IBM AIX 5.x - Invscout Local Buffer Overflow IBM AIX 5.x - 'Invscout' Local Buffer Overflow Microsoft Internet Explorer 5.0.1 - '.JPEG' Image Rendering Unspecified Buffer Overflow Microsoft Internet Explorer 5.0.1 - '.JPEG' Image Rendering Buffer Overflow Microsoft Excel 95/97/2000/2002/2003/2004 - Unspecified Memory Corruption (MS06-012) Microsoft Excel 95/97/2000/2002/2003/2004 - Memory Corruption (MS06-012) IBM Tivoli Directory Server 6.0 - Unspecified LDAP Memory Corruption IBM Tivoli Directory Server 6.0 - LDAP Memory Corruption Quake 3 Engine - CL_ParseDownload Remote Buffer Overflow Quake 3 Engine - 'CL_ParseDownload' Remote Buffer Overflow Zabbix 1.1.2 - Multiple Unspecified Remote Code Execution Vulnerabilities Zabbix 1.1.2 - Multiple Remote Code Execution Vulnerabilities VideoLAN VLC Media Player 0.8.6a - Unspecified Denial of Service (2) VideoLAN VLC Media Player 0.8.6a - Denial of Service (2) Sun Solaris 10 - ICMP Unspecified Remote Denial of Service Sun Solaris 10 - ICMP Remote Denial of Service Mozilla Firefox 2.0.0.2 - Unspecified GIF Handling Denial of Service Mozilla Firefox 2.0.0.2 - '.GIF' Handling Denial of Service Progress WebSpeed 3.0/3.1 - Denial of Service GStreamer 0.10.15 - Multiple Unspecified Remote Denial of Service Vulnerabilities GStreamer 0.10.15 - Multiple Remote Denial of Service Vulnerabilities Wireshark 0.99.8 - X.509sat Dissector Unspecified Denial of Service Wireshark 0.99.8 - LDAP Dissector Unspecified Denial of Service Wireshark 0.99.8 - SCCP Dissector Decode As Feature Unspecified Denial of Service Wireshark 0.99.8 - X.509sat Dissector Denial of Service Wireshark 0.99.8 - LDAP Dissector Denial of Service Wireshark 0.99.8 - SCCP Dissector Decode As Feature Denial of Service Novell Client 4.91.5 - ActiveX Control 'nwsetup.dll' Unspecified Remote Denial of Service (1) Novell Client 4.91.5 - ActiveX Control 'nwsetup.dll' Unspecified Remote Denial of Service (2) Nokia Lotus Notes Connector - 'lnresobject.dll' Unspecified Remote Denial of Service Novell Client 4.91.5 - ActiveX Control 'nwsetup.dll' Remote Denial of Service (1) Novell Client 4.91.5 - ActiveX Control 'nwsetup.dll' Remote Denial of Service (2) Nokia Lotus Notes Connector - 'lnresobject.dll' Remote Denial of Service Wireshark 1.2.1 - OpcUa Dissector Unspecified Resource Exhaustion (Denial of Service) Wireshark 1.2.1 - TLS Dissector 1.2 Conversation Handling Unspecified Remote Denial of Service Wireshark 1.2.1 - GSM A RR Dissector packet.c Unspecified Remote Denial of Service Wireshark 1.2.1 - OpcUa Dissector Resource Exhaustion (Denial of Service) Wireshark 1.2.1 - TLS Dissector 1.2 Conversation Handling Remote Denial of Service Wireshark 1.2.1 - GSM A RR Dissector packet.c Remote Denial of Service Opera Web Browser < 11.60 - Multiple Denial of Service / Unspecified Vulnerabilities Opera Web Browser < 11.60 - Denial of Service / Multiple Vulnerabilities SmallFTPd - Unspecified Denial of Service SmallFTPd - Denial of Service Apple Mac OSX - 'IntelAccelerator::gstqConfigure' Exploitable Kernel NULL Dereference Apple Mac OSX - 'IntelAccelerator::gstqConfigure' Kernel NULL Dereference Apple Mac OSX - IOSCSIPeripheralDeviceType00 Userclient Type 12 Exploitable Kernel NULL Dereference Apple Mac OSX - IOSCSIPeripheralDeviceType00 Userclient Type 12 Kernel NULL Dereference Apple Mac OSX - OSMetaClassBase::safeMetaCast in IOAccelContext2::connectClient Exploitable NULL Dereference Apple Mac OSX - OSMetaClassBase::safeMetaCast in IOAccelContext2::connectClient NULL Dereference Microsoft Windows - 'gdi32.dll' Multiple Issues 'EMF CREATECOLORSPACEW' Record Handling (MS16-055) Microsoft Windows - 'gdi32.dll' Multiple Issues 'EMF COMMENT_MULTIFORMATS' Record Handling (MS16-055) Microsoft Windows - 'gdi32.dll' Multiple 'EMF CREATECOLORSPACEW' Record Handling (MS16-055) Microsoft Windows - 'gdi32.dll' Multiple 'EMF COMMENT_MULTIFORMATS' Record Handling (MS16-055) Apple Mac OSX Kernel - Exploitable Null Pointer Dereference in nvCommandQueue::GetHandleIndex in GeForce.kext Apple Mac OSX Kernel - Null Pointer Dereference in nvCommandQueue::GetHandleIndex in GeForce.kext Apple Mac OSX Kernel - Exploitable Null Pointer Dereference in AppleMuxControl.kext Apple Mac OSX Kernel - Exploitable Null Pointer Dereference in AppleGraphicsDeviceControl Apple Mac OSX Kernel - Exploitable NULL Dereference in IOAccelSharedUserClient2::page_off_resource Apple Mac OSX Kernel - Exploitable NULL Dereference in CoreCaptureResponder Due to Unchecked Return Value Apple Mac OSX Kernel - Exploitable Null Pointer Dereference in IOAudioEngine Apple Mac OSX Kernel - Null Pointer Dereference in AppleMuxControl.kext Apple Mac OSX Kernel - Null Pointer Dereference in AppleGraphicsDeviceControl Apple Mac OSX Kernel - NULL Dereference in IOAccelSharedUserClient2::page_off_resource Apple Mac OSX Kernel - NULL Dereference in CoreCaptureResponder Due to Unchecked Return Value Apple Mac OSX Kernel - Null Pointer Dereference in IOAudioEngine Apple OS X/iOS - mach_ports_register Multiple Memory Safety Issues Apple OS X/iOS - 'mach_ports_register' Multiple Memory Safety Exploits Linux Kernel 3.10.0-327/4.8.0-22 (Ubuntu 16.10 / RedHat) - 'keyctl' Null Pointer Dereference Linux Kernel 4.8.0-22/3.10.0-327 (Ubuntu 16.10 / RedHat) - 'keyctl' Null Pointer Dereference Microsoft MsMpEng - Remotely Exploitable Use-After-Free due to Design Issue in GC Engine Microsoft MsMpEng - Remote Use-After-Free Due to Design Issue in GC Engine Microsoft Windows Kernel - 'win32k.sys' Multiple Issues 'NtGdiGetDIBitsInternal' System Call Microsoft Windows Kernel - 'win32k.sys' Multiple 'NtGdiGetDIBitsInternal' System Call Mandrake Linux 8.2 /usr/mail - Local Exploit Mandrake Linux 8.2 - '/usr/mail' Local Exploit RedHat 6.2 /sbin/restore - Exploit RedHat 6.2 - '/sbin/restore' Privilege Escalation dump 0.4b15 (RedHat 6.2) - Exploit dump 0.4b15 (RedHat 6.2) - Privilege Escalation xsoldier 0.96 (RedHat 6.2) - Exploit Pine (Local Message Grabber) - Exploit xsoldier 0.96 (RedHat 6.2) - Buffer Overflow Pine (Local Message Grabber) - Local Message Read Seyon 2.1 rev. 4b i586-Linux - Exploit Seyon 2.1 rev. 4b i586-Linux (RedHat 4.0/5.1) - Overflow glibc-2.2 / openssh-2.3.0p1 / glibc 2.1.9x - Exploit glibc-2.2 / openssh-2.3.0p1 / glibc 2.1.9x - File Read suid_perl 5.001 - Exploit suid_perl 5.001 - Command Execution Sendmail 8.11.x (Linux/i386) - Exploit Sendmail 8.11.x (Linux/i386) - Privilege Escalation Microsoft Excel - Unspecified Remote Code Execution Microsoft Excel - Remote Code Execution Microsoft Word 2000 - Unspecified Code Execution Microsoft Word 2000 - Code Execution IBM AIX 5.3 sp6 - capture Terminal Sequence Privilege Escalation IBM AIX 5.3 sp6 - pioout Arbitrary Library Loading Privilege Escalation IBM AIX 5.3 SP6 - Capture Terminal Sequence Privilege Escalation IBM AIX 5.3 SP6 - 'pioout' Arbitrary Library Loading Privilege Escalation IBM AIX 5.3 libc - MALLOCDEBUG File Overwrite IBM AIX 5.3 - 'libc' MALLOCDEBUG File Overwrite Easy RM to MP3 Converter 2.7.3.700 - Exploit Easy RM to MP3 Converter 2.7.3.700 - Buffer Overflow Easy RM to MP3 27.3.700 (Windows XP SP3) - Exploit Easy RM to MP3 27.3.700 (Windows XP SP3) - Overflow Adobe Reader and Acrobat - Exploit Adobe Reader / Acrobat - '.PDF' File Overflow Mini-stream Ripper (Windows XP SP2/SP3) - Exploit Mini-stream Ripper (Windows XP SP2/SP3) - Local Overflow DJ Studio Pro 5.1.6.5.2 - Exploit (SEH) DJ Studio Pro 5.1.6.5.2 - Overflow (SEH) Winamp 5.572 - Exploit (SEH) Winamp 5.572 - Overflow (SEH) ZipScan 2.2c - Exploit (SEH) ZipScan 2.2c - Overflow (SEH) Local Glibc shared library (.so) 2.11.1 - Exploit (Linux Kernel 2.6.34-rc3) ReiserFS (RedHat / Ubuntu 9.10) - 'xattr' Privilege Escalation Local Glibc Shared Library (.so) 2.11.1 - Code Execution ReiserFS (Linux Kernel 2.6.34-rc3 / RedHat / Ubuntu 9.10) - 'xattr' Privilege Escalation SyncBack Freeware 3.2.20.0 - Exploit SyncBack Freeware 3.2.20.0 - Overflow (SEH) Mediacoder 0.7.3.4672 - Exploit (SEH) Mediacoder 0.7.3.4672 - Overflow (SEH) MP3 Workstation 9.2.1.1.2 - Exploit (SEH) MP3 Workstation 9.2.1.1.2 - Overflow (SEH) DJ Studio Pro 8.1.3.2.1 - Exploit (SEH) DJ Studio Pro 8.1.3.2.1 - Overflow (SEH) MP3 Workstation 9.2.1.1.2 - Exploit (SEH) (Metasploit) MP3 Workstation 9.2.1.1.2 - Overflow (SEH) (Metasploit) iworkstation 9.3.2.1.4 - Exploit (SEH) iworkstation 9.3.2.1.4 - Overflow (SEH) Nokia MultiMedia Player 1.0 - Exploit (SEH Unicode) Nokia MultiMedia Player 1.0 - Overflow (SEH Unicode) POP Peeper 3.7 - Exploit (SEH) POP Peeper 3.7 - Overflow (SEH) DVD X Player 5.5 Pro - SEH + ASLR + DEP Bypass DVD X Player 5.5 Pro - Overflow (SEH + ASLR + DEP Bypass) DJ Studio Pro 5.1.6.5.2 - Exploit (SEH) (Metasploit) DJ Studio Pro 5.1.6.5.2 - Overflow (SEH) (Metasploit) BlazeVideo HDTV Player 6.6 Professional - SEH + ASLR + DEP Bypass BlazeVideo HDTV Player 6.6 Professional - Overflow (SEH + ASLR + DEP Bypass) Slackware Linux 3.4 - 'liloconfig-color' Temporary file Slackware Linux 3.4 - 'makebootdisk' Temporary file Slackware Linux 3.4 - 'liloconfig-color' Temporary File Slackware Linux 3.4 - 'makebootdisk' Temporary File Slackware Linux 3.4 - 'netconfig' Temporary file Slackware Linux 3.4 - 'pkgtool' Temporary file Slackware Linux 3.4 - 'netconfig' Temporary File Slackware Linux 3.4 - 'pkgtool' Temporary File Debian suidmanager 0.18 - Command Execution BSDI BSD/OS 2.1 / FreeBSD 2.1 / IBM AIX 4.2 / SGI IRIX 6.4 / Sun SunOS 4.1.3 - Exploit HP HP-UX 10.20/11.0 / IBM AIX 4.3 / SCO Unixware 7.0 / Sun Solaris 2.6 - Exploit Slackware Linux 3.5 - Missing /etc/group Privilege Escalation BSDI BSD/OS 2.1 / FreeBSD 2.1 / IBM AIX 4.2 / SGI IRIX 6.4 / Sun SunOS 4.1.3 - Buffer Overrun HP HP-UX 10.20/11.0 / IBM AIX 4.3 / SCO Unixware 7.0 / Sun Solaris 2.6 - Change File Permission Slackware Linux 3.5 - '/etc/group' Privilege Escalation Sun Solaris 2.6 power management - Exploit Sun Solaris 2.6 - power management Exploit DataLynx suGuard 1.0 - Exploit Sun Solaris 2.5.1 PAM & unix_scheme - Exploit Solaris 2.5.1 ffbconfig - Exploit Solaris 2.5.1 chkey - Exploit Solaris 2.5.1 Ping - Exploit SGI IRIX 6.4 ioconfig - Exploit DataLynx suGuard 1.0 - Privilege Escalation Sun Solaris 2.5.1 PAM / unix_scheme - 'passwd' Privilege Escalation Solaris 2.5.1 - 'ffbconfig' Exploit Solaris 2.5.1 - 'chkey' Exploit Solaris 2.5.1 - 'Ping' Exploit SGI IRIX 6.4 - 'ioconfig' Exploit BSD/OS 2.1 / DG/UX 7.0 / Debian 1.3 / HP-UX 10.34 / IBM AIX 4.2 / SGI IRIX 6.4 / Solaris 2.5.1 - xlock Exploit (1) BSD/OS 2.1 / DG/UX 7.0 / Debian 1.3 / HP-UX 10.34 / IBM AIX 4.2 / SGI IRIX 6.4 / Solaris 2.5.1 - xlock Exploit (2) BSD/OS 2.1 / DG/UX 7.0 / Debian 1.3 / HP-UX 10.34 / IBM AIX 4.2 / SGI IRIX 6.4 / Solaris 2.5.1 - 'xlock' Exploit (1) BSD/OS 2.1 / DG/UX 7.0 / Debian 1.3 / HP-UX 10.34 / IBM AIX 4.2 / SGI IRIX 6.4 / Solaris 2.5.1 - '/usr/bin/X11/xlock' Privilege Escalation (2) Solaris 2.5.1 automount - Exploit Solaris 2.5.1 - 'automount' Exploit BSD/OS 2.1 / DG/UX 4.0 / Debian 0.93 / Digital UNIX 4.0 B / FreeBSD 2.1.5 / HP-UX 10.34 / IBM AIX 4.1.5 / NetBSD 1.0/1.1 / NeXTstep 4.0 / SGI IRIX 6.3 / SunOS 4.1.4 - 'rlogin' Exploit Sun Solaris 7.0 dtprintinfo - Buffer Overflow Sun Solaris 7.0 lpset - Buffer Overflow BSD/OS 2.1 / DG/UX 4.0 / Debian 0.93 / Digital UNIX 4.0 B / FreeBSD 2.1.5 / HP-UX 10.34 / IBM AIX 4.1.5 / NetBSD 1.0/1.1 / NeXTstep 4.0 / SGI IRIX 6.3 / SunOS 4.1.4 - 'rlogin' Privilege Escalation Sun Solaris 7.0 - '/usr/dt/bin/dtprintinfo' Buffer Overflow Sun Solaris 7.0 - '/usr/bin/lpset' Buffer Overflow IBM Remote Control Software 1.0 - Exploit IBM Remote Control Software 1.0 - Code Execution Xcmail 0.99.6 - Exploit Xcmail 0.99.6 - Buffer Overflow Sun Solaris 7.0 ff.core - Exploit S.u.S.E. 5.2 lpc - Exploit Sun Solaris 7.0 - 'ff.core' Exploit S.u.S.E. 5.2 - 'lpc' Exploit SGI IRIX 6.2 cdplayer - Exploit SGI IRIX 6.2 - 'cdplayer' Exploit SGI IRIX 5.3 Cadmin - Exploit SGI IRIX 6.0.1 colorview - Exploit SGI IRIX 5.3 - 'Cadmin' Exploit SGI IRIX 6.0.1 - 'colorview' Exploit SGI IRIX 6.3 df - Exploit SGI IRIX 6.4 - datman/cdman Exploit SGI IRIX 6.3 - 'df' Exploit SGI IRIX 6.4 - datman/cdman Exploit RedHat Linux 2.1 - abuse.console Exploit SGI IRIX 6.2 fsdump - Exploit RedHat Linux 5.1 xosview - Exploit Slackware Linux 3.1 - Buffer Overflow RedHat Linux 2.1 - 'abuse.console' Exploit SGI IRIX 6.2 - 'fsdump' Exploit RedHat Linux 5.1 - xosview Slackware Linux 3.1 - '/usr/X11/bin/SuperProbe' Buffer Overflow IBM AIX 4.3 infod - Exploit IBM AIX 4.3 - 'infod' Exploit IBM AIX 4.2.1 snap - Insecure Temporary File Creation IBM AIX 4.2.1 - 'snap' Insecure Temporary File Creation SGI IRIX 6.4 inpview - Exploit RedHat Linux 5.0 msgchk - Exploit IBM AIX 4.2.1 portmir - Buffer Overflow / Insecure Temporary File Creation IBM AIX 4.2 ping - Buffer Overflow IBM AIX 4.2 lchangelv - Buffer Overflow SGI IRIX 6.4 - 'inpview' Exploit RedHat Linux 5.0 - 'msgchk' Exploit IBM AIX 4.2.1 - '/usr/bin/portmir' Buffer Overflow / Insecure Temporary File Creation IBM AIX 4.2 - 'ping' Buffer Overflow IBM AIX 4.2 - '/usr/sbin/lchangelv' Buffer Overflow RedHat Linux 4.2 / SGI IRIX 6.3 / Solaris 2.6 mailx - Exploit (1) RedHat Linux 4.2 / SGI IRIX 6.3 / Solaris 2.6 - 'mailx' Exploit (1) SGI IRIX 6.4 netprint - Exploit SGI IRIX 6.4 - 'netprint' Exploit SGI IRIX 5.3/6.2 ordist - Exploit SGI IRIX 5.3/6.2 - 'ordist' Exploit SGI IRIX 5.3 pkgadjust - Exploit SGI IRIX 5.3 - 'pkgadjust' Exploit Sun Solaris 7.0 procfs - Exploit IBM AIX 3.2.5 - IFS Exploit IBM AIX 4.2.1 lquerypv - Exploit IBM AIX 3.2.5 - 'IFS' Exploit IBM AIX 4.2.1 - 'lquerypv' File Read SGI IRIX 6.3 pset - Exploit SGI IRIX 6.4 rmail - Exploit SGI IRIX 6.3 - 'pset' Exploit SGI IRIX 6.4 - 'rmail' Exploit SGI IRIX 5.2/5.3 serial_ports - Exploit SGI IRIX 6.4 suid_exec - Exploit SGI IRIX 5.1/5.2 sgihelp - Exploit SGI IRIX 6.4 startmidi - Exploit SGI IRIX 5.2/5.3 - 'serial_ports' Exploit SGI IRIX 6.4 - 'suid_exec' Exploit SGI IRIX 5.1/5.2- 'sgihelp' Exploit SGI IRIX 6.4 - 'startmidi' Exploit SGI IRIX 6.4 xfsdump - Exploit SGI IRIX 6.4 - 'xfsdump' Exploit IBM AIX 4.3.1 adb - Exploit IBM AIX 4.3.1 - 'adb' Denial of Service Apple At Ease 5.0 - Exploit Samba < 2.0.5 - Exploit Apple At Ease 5.0 - Information Disclosure Samba < 2.0.5 - Overflow NetBSD 1.4 / OpenBSD 2.5 /Solaris 7.0 profil(2) - Exploit NetBSD 1.4 / OpenBSD 2.5 / Solaris 7.0 - 'profil(2)' Modify The Internal Data Space Mandriva Linux Mandrake 6.0 / Gnome Libs 1.0.8 espeaker - Local Buffer Overflow Mandriva Linux Mandrake 6.0 / Gnome Libs 1.0.8 - 'espeaker' Local Buffer Overflow HP-UX 10.20 newgrp - Exploit HP-UX 10.20 newgrp - Privilege Escalation BSD/OS 2.1 / FreeBSD 2.1.5 / NeXTstep 4.x / IRIX 6.4 / SunOS 4.1.3/4.1.4 - 'lpr' Buffer Overrun (2) BSD/OS 2.1 / FreeBSD 2.1.5 / NeXTstep 4.x / IRIX 6.4 / SunOS 4.1.3/4.1.4 - '/usr/bin/lpr' Buffer Overrun Privilege Escalation (2) BSD 2 / CND 1 / Sendmail 8.x / FreeBSD 2.1.x / HP-UX 10.x / AIX 4 / RedHat 4 - Sendmail Daemon Exploit BSD 2 / CND 1 / Sendmail 8.x / FreeBSD 2.1.x / HP-UX 10.x / AIX 4 / RedHat 4 - Sendmail Daemon FreeBSD 3.3/Linux Mandrake 7.0 - 'xsoldier' Buffer Overflow (1) FreeBSD 3.3/Linux Mandrake 7.0 - 'xsoldier' Buffer Overflow (2) xsoldier (FreeBSD 3.3/Linux Mandrake 7.0) - Buffer Overflow (1) xsoldier (FreeBSD 3.3/Linux Mandrake 7.0) - Buffer Overflow (2) Solaris 7.0 kcms_configure - Exploit Solaris 7.0 - 'kcms_configure Exploit Windowmaker wmmon 1.0 b2 - Exploit Windowmaker wmmon 1.0 b2 - Command Execution Oracle8i Standard Edition 8.1.5 for Linux Installer - Exploit Oracle8i Standard Edition 8.1.5 for Linux Installer - Privilege Escalation Standard & Poors ComStock 4.2.4 - Exploit Standard & Poors ComStock 4.2.4 - Command Execution KDE 1.1.2 KApplication configfile - Exploit (1) KDE 1.1.2 KApplication configfile - Exploit (2) KDE 1.1.2 KApplication configfile - Exploit (3) KDE 1.1.2 KApplication configfile - Privilege Escalation (1) KDE 1.1.2 KApplication configfile - Privilege Escalation (2) KDE 1.1.2 KApplication configfile - Privilege Escalation (3) BSD 'mailx' 8.1.1-10 - Buffer Overflow (2) mailx 8.1.1-10 (BSD/Slackware) - Buffer Overflow (2) Mandrake 7.0/7.1 / RedHat Kon2 0.3.9 - fld Input File Overflow Mandrake 7.0/7.1 / RedHat Kon2 0.3.9 - '/usr/bin/fld' Input File Overflow IRIX 6.5.x - GR_OSView Buffer Overflow SGI IRIX 6.2 libgl.so - Buffer Overflow IRIX 6.5.x - dmplay Buffer Overflow IRIX 6.2/6.3 lpstat - Buffer Overflow IRIX 6.5.x - inpview Race Condition IRIX 6.5.x - '/usr/sbin/gr_osview' Buffer Overflow SGI IRIX 6.2 - 'libgl.so' Buffer Overflow IRIX 6.5.x - '/usr/sbin/dmplay' Buffer Overflow IRIX 6.2/6.3 - '/bin/lpstat' Buffer Overflow IRIX 6.5.x - '/usr/lib/InPerson/inpview' Race Condition IRIX 5.3/6.x - mail Exploit IRIX 5.3/6.x - '/usr/bin/mail' Buffer Overflow Libc locale - Exploit (1) Libc locale - Exploit (2) Libc locale - Privilege Escalation (1) Libc locale - Privilege Escalation (2) GNOME esound 0.2.19 - Unix Domain Socket Race Condition Apple Mac OSX 10 / HP-UX 9/10/11 / Mandriva 6/7 / RedHat 5/6 / SCO 5 / IRIX 6 - Shell redirection Race Condition Apple Mac OSX 10 / HP-UX 9/10/11 / Mandriva 6/7 / RedHat 5/6 / SCO 5 / IRIX 6 - Shell Redirection Race Condition IBM AIX 4.x - setsenv Buffer Overflow IBM AIX 4.3 digest - Buffer Overflow IBM AIX 4.x - enq Buffer Overflow IBM AIX 4.3.x - piobe Buffer Overflow IBM AIX 4.x - '/usr/bin/setsenv' Buffer Overflow IBM AIX 4.3 - '/usr/lib/lpd/digest' Buffer Overflow IBM AIX 4.x - 'enq' Buffer Overflow IBM AIX 4.3.x - '/usr/lib/lpd/piobe' Buffer Overflow SGI IRIX 6.5 / Solaris 7.0/8 - CDE dtsession Buffer Overflow SGI IRIX 6.5 / Solaris 7.0/8 CDE - '/usr/dt/bin/dtsession' Buffer Overflow AIX 4.2/4.3 - piomkapqd Buffer Overflow AIX 4.2/4.3 - '/usr/lib/lpd/pio/etc/piomkapqd' Buffer Overflow (Linux Kernel 2.4.17-8) User-Mode Linux - Memory Access Privilege Escalation User-Mode Linux (Linux Kernel 2.4.17-8) - Memory Access Privilege Escalation (Linux Kernel) Grsecurity Kernel Patch 1.9.4 - Memory Protection Grsecurity Kernel Patch 1.9.4 (Linux Kernel) - Memory Protection QNX RTOS 6.1 - phlocale Environment Variable Buffer Overflow QNX RTOS 6.1 - PKG-Installer Buffer Overflow QNX RTOS 6.1 - '/usr/photon/bin/phlocale' Environment Variable Buffer Overflow QNX RTOS 6.1 - 'PKG-Installer' Buffer Overflow NCMedia Sound Editor Pro 7.5.1 - SEH + DEP Bypass NCMedia Sound Editor Pro 7.5.1 - Overflow (SEH + DEP Bypass) AFD 1.2.x - Working Directory Local Buffer Overflow AFD 1.2.x - Working Directory Local Buffer Overflow Privilege Escalation IBM AIX 4.3.x/5.1 - ERRPT Local Buffer Overflow IBM AIX 4.3.x/5.1 - 'ERRPT' Local Buffer Overflow HP-UX 10.x - rs.F3000 Unspecified Unauthorized Access HP-UX 10.x - rs.F3000 Unauthorized Access Leksbot 1.2 - Multiple Unspecified Vulnerabilities Leksbot 1.2 - Multiple Vulnerabilities IBM AIX 4.3.x/5.1 - LSMCODE Environment Variable Local Buffer Overflow IBM AIX 4.3.x/5.1 - 'LSMCODE' Environment Variable Local Buffer Overflow IBM UniVerse 10.0.0.9 - uvadmsh Privilege Escalation IBM UniVerse 10.0.0.9 - 'uvadmsh' Privilege Escalation ViRobot Linux Server 2.0 - Overflow (Linux Kernel 2.6) Samba 2.2.8 (Debian / Mandrake) - Share Privilege Escalation Samba 2.2.8 (Linux Kernel 2.6 / Debian / Mandrake) - Share Privilege Escalation Veritas NetBackup 3.5/4.5/5.0 - Multiple Unspecified Local Memory Corruption Vulnerabilities (1) Veritas NetBackup 3.5/4.5/5.0 - Multiple Unspecified Local Memory Corruption Vulnerabilities (2) Veritas NetBackup 3.5/4.5/5.0 - Multiple Unspecified Local Memory Corruption Vulnerabilities (3) Veritas NetBackup 3.5/4.5/5.0 - Multiple Local Memory Corruption Vulnerabilities (1) Veritas NetBackup 3.5/4.5/5.0 - Multiple Local Memory Corruption Vulnerabilities (2) Veritas NetBackup 3.5/4.5/5.0 - Multiple Local Memory Corruption Vulnerabilities (3) Nvidia Display Driver Service (Nsvr) - Exploit Nvidia Display Driver Service (Nsvr) - Buffer Overflow IBM AIX 5.3 - GetShell and GetCommand File Enumeration IBM AIX 5.3 - GetShell and GetCommand Partial File Disclosure IBM AIX 5.3 - 'GetShell' / 'GetCommand' File Enumeration IBM AIX 5.3 - 'GetShell' / 'GetCommand' File Disclosure Apple 2.0.4 - Safari Unspecified Local Apple 2.0.4 - Safari Local Exploit Systrace - Multiple System Call Wrappers Concurrency Vulnerabilities IBM AIX 6.1.8 libodm - Arbitrary File Write IBM AIX 6.1.8 - 'libodm' Arbitrary File Write Apple iOS 4.0.2 - Networking Packet Filter Rules Privilege Escalation VeryPDF HTML Converter 2.0 - SEH/ToLower() Bypass Buffer Overflow VeryPDF HTML Converter 2.0 - Buffer Overflow (SEH/ToLower() Bypass) Symantec Encryption Desktop 10 - Buffer Overflow Privilege Escalation QEMU (Gentoo) - Local Priv Escalation QEMU (Gentoo) - Privilege Escalation Apache Tomcat 8/7/6 (RedHat-Based Distros) - Privilege Escalation Apache Tomcat 8/7/6 (RedHat Based Distros) - Privilege Escalation RedStar 3.0 Server - 'BEAM & RSSMON' Command Execution (Shellshock) RedStar 3.0 Server - 'BEAM' / 'RSSMON' Command Injection (Shellshock) Microsoft WordPerfect Document Converter - Exploit (MS03-036) Microsoft WordPerfect Document Converter (Windows NT4 Workstation SP5/SP6 French) - File Template Buffer Overflow (MS03-036) CA BrightStor ARCserve Backup - Exploiter Tool CA BrightStor ARCserve Backup - Overflow NCTAudioEditor2 ActiveX DLL 'NCTWMAFile2.dll 2.6.2.157' - Exploit NCTAudioEditor2 ActiveX DLL 'NCTWMAFile2.dll 2.6.2.157' - File Write CDBurnerXP 4.2.4.1351 - Exploit PeerCast 0.1216 - Exploit (Metasploit) PeerCast 0.1216 - Stack Overflow (Metasploit) BigAnt Server 2.52 - Exploit (SEH) BigAnt Server 2.52 - Overflow (SEH) NetTransport Download Manager 2.90.510 - Exploit NetTransport Download Manager 2.90.510 - Overflow (SEH) File Sharing Wizard 1.5.0 - Exploit (SEH) File Sharing Wizard 1.5.0 - Overflow (SEH) Real Player 12.0.0.879 - Exploit Sun Java Web Server 7.0 u7 - Exploit (DEP Bypass) Real Player 12.0.0.879 - Code Execution Sun Java Web Server 7.0 u7 - Overflow (DEP Bypass) IBM AIX 5l FTPd - Remote DES Hash Exploit IBM AIX 5l - 'FTPd' Remote DES Hash Exploit Microsoft Data Access Components - Exploit (MS11-002) Microsoft Data Access Components - Overflow (PoC) (MS11-002) FileCOPA FTP Server (Pre 18 Jul Version) - Exploit (Metasploit) FileCOPA FTP Server (Pre 18 Jul Version) - 'LIST' Buffer Overflow (Metasploit) Viscom Software Movie Player Pro SDK ActiveX 6.8 - Exploit (Metasploit) Viscom Software Movie Player Pro SDK ActiveX 6.8 - Stack-Based Buffer Overflow (Metasploit) Apple Personal Web Sharing 1.1 - Exploit id Software Solaris Quake II 3.13/3.14 / QuakeWorld 2.0/2.1 / Quake 1.9/3.13/3.14 - Exploit id Software Solaris Quake II 3.13/3.14 / QuakeWorld 2.0/2.1 / Quake 1.9/3.13/3.14 - Command Execution Metainfo Sendmail 2.0/2.5 & MetaIP 3.1 - Exploit Metainfo Sendmail 2.0/2.5 / MetaIP 3.1 - Upload / Execute Read Scripts IBM AIX 3.2/4.1 & SCO Unixware 7.1.1 & SGI IRIX 5.3 & Sun Solaris 2.5.1 - Exploit IBM AIX 3.2/4.1 / SCO Unixware 7.1.1 / SGI IRIX 5.3 / Sun Solaris 2.5.1 - Privilege Escalation HP HP-UX 10.34 rlpdaemon - Exploit HP HP-UX 10.34 rlpdaemon - Remote Overflow Ray Chan WWW Authorization Gateway 0.1 - Exploit Ray Chan WWW Authorization Gateway 0.1 - Command Execution Solaris 7.0 Coredump - Exploit Solaris 7.0 - 'Coredump' File Write IBM Scalable POWERparallel (SP) 2.0 sdrd - Exploit SGI IRIX 6.2 cgi-bin wrap - Exploit IBM Scalable POWERparallel (SP) 2.0 - 'sdrd' File Read SGI IRIX 6.2 - cgi-bin wrap Exploit SGI IRIX 6.5.2 nsd - Exploit SGI IRIX 6.5.2 - 'nsd'' Exploit IBM AIX 3.2.5 - login(1) Exploit IBM AIX 3.2.5 - 'login(1)' Exploit Compaq Java Applet for Presario SpawnApp - Exploit Compaq Java Applet for Presario SpawnApp - Code Execution Network Security Wizards Dragon-Fire IDS 1.0 - Exploit Network Security Wizards Dragon-Fire IDS 1.0 - Command Execution Hughes Technologies Mini SQL (mSQL) 2.0/2.0.10 - Exploit Hughes Technologies Mini SQL (mSQL) 2.0/2.0.10 - Information Disclosure IBM AIX 4.3.2 ftpd - Remote Buffer Overflow IBM AIX 4.3.2 - 'ftpd' Remote Buffer Overflow glFTPd 1.17.2 - Exploit glFTPd 1.17.2 - Code Execution Netopia R-series routers 4.6.2 - Exploit Netopia R-series Routers 4.6.2 - Modifying SNMP Tables Sun Java Web Server 1.1.3/2.0 Servlets - Exploit Sun Java Web Server 1.1.3/2.0 Servlets - information Disclosure IPFilter 3.x - Fragment Rule Bypass CGIWrap 2.x/3.x - Cross-Site Scripting AIX 4.1/4.2 - pdnsd Buffer Overflow AIX 4.1/4.2 - 'pdnsd' Buffer Overflow RedHat Linux 7.0 Apache - Remote 'Username' Enumeration RedHat Linux 7.0 Apache - Remote Username Enumeration Hylafax 4.1.x - HFaxD Unspecified Format String Hylafax 4.1.x - HFaxD Format String EZMeeting 3.x - 'EZNet.exe' Long HTTP Request Remote Buffer Overflow LHA 1.x - Multiple extract_one Buffer Overflow Vulnerabilities LHA 1.x - 'extract_one' Multiple Buffer Overflow Vulnerabilities Ethereal 0.x - Multiple Unspecified iSNS / SMB / SNMP Protocol Dissector Vulnerabilities Ethereal 0.x - Multiple iSNS / SMB / SNMP Protocol Dissector Vulnerabilities Oracle 9i - Multiple Unspecified Vulnerabilities Oracle 9i - Multiple Vulnerabilities File ELF 4.x - Header Unspecified Buffer Overflow File ELF 4.x - Header Buffer Overflow Microsoft PowerPoint 2003 - 'mso.dll' .PPT Processing Unspecified Code Execution Microsoft PowerPoint 2003 - 'powerpnt.exe' Unspecified Issue Microsoft PowerPoint 2003 - 'mso.dll' '.PPT' Processing Code Execution Microsoft PowerPoint 2003 - 'powerpnt.exe' Exploit CA eSCC r8/1.0 / eTrust Audit r8/1.5 - Unspecified Arbitrary File Manipulation CA eSCC r8/1.0 / eTrust Audit r8/1.5 - Audit Event System Unspecified Replay Attack CA eSCC r8/1.0 / eTrust Audit r8/1.5 - Arbitrary File Manipulation CA eSCC r8/1.0 / eTrust Audit r8/1.5 - Audit Event System Replay Attack Microsoft Internet Explorer 6 - Unspecified Code Execution (1) Microsoft Internet Explorer 6 - Unspecified Code Execution (2) Microsoft Internet Explorer 6 - Code Execution (1) Microsoft Internet Explorer 6 - Code Execution (2) GNU Tar 1.1x - GNUTYPE_NAMES Directory Traversal GNU Tar 1.1x - 'GNUTYPE_NAMES' Directory Traversal TFTP Server TFTPDWin 0.4.2 - Unspecified Directory Traversal TFTP Server TFTPDWin 0.4.2 - Directory Traversal Novell eDirectory 8.x - eMBox Utility 'edirutil' Command Unspecified Novell eDirectory 8.x - eMBox Utility 'edirutil' Command Exploit Multiple CA Service Management Products - Unspecified Remote Command Execution Multiple CA Service Management Products - Remote Command Execution NovaStor NovaNET 12 - 'DtbClsLogin()' Remote Stack Buffer Overflow Bash - Environment Variables Code Injection (Shellshock) Bash - Environment Variables Command Injection (Shellshock) OpenVPN 2.2.29 - Remote Exploit (Shellshock) OpenVPN 2.2.29 - Remote Command Injection (Shellshock) Postfix SMTP 4.2.x < 4.2.48 - Remote Exploit (Shellshock) Apache mod_cgi - Remote Exploit (Shellshock) Postfix SMTP 4.2.x < 4.2.48 - Remote Command Injection (Shellshock) Apache mod_cgi - Remote Command Injection (Shellshock) Poison Ivy 2.3.2 - Unspecified Remote Buffer Overflow Poison Ivy 2.3.2 - Remote Buffer Overflow Samba 3.5.11/3.6.3 - Unspecified Remote Code Execution Samba 3.5.11/3.6.3 - Remote Code Execution Advantech Switch - Bash Environment Variable Code Injection (Shellshock) (Metasploit) Advantech Switch - Bash Environment Variable Command Injection (Shellshock) (Metasploit) Cisco UCS Manager 2.1(1b) - Remote Exploit (Shellshock) Cisco UCS Manager 2.1(1b) - Remote Command Injection (Shellshock) IPFire - Bash Environment Variable Injection (Shellshock) (Metasploit) IPFire - Bash Environment Variable Command Injection (Shellshock) (Metasploit) TrendMicro InterScan Web Security Virtual Appliance - Remote Code Execution (Shellshock) TrendMicro InterScan Web Security Virtual Appliance - Remote Command Injection (Shellshock) Microsoft Security Essentials / SCEP (Microsoft Windows 8/8.1/10 / Windows Server) - 'MsMpEng' Remotely Exploitable Type Confusion Microsoft Security Essentials / SCEP (Microsoft Windows 8/8.1/10 / Windows Server) - 'MsMpEng' Remote Type Confusion Poll It CGI 2.0 - Exploit Poll It CGI 2.0 - Multiple Vulnerabilities DreamPoll 3.1 - Exploit DreamPoll 3.1 - SQL Injection WordPress Plugin WP-Cumulus 1.20 - Exploit WordPress Plugin WP-Cumulus 1.20 - Full Path Disclosure / Cross-Site Scripting Public Media Manager - Exploit Public Media Manager - Remote File Inclusion Joomla! Component com_adagency - Exploit Joomla! Component com_adagency - Local File Inclusion File Upload Manager 1.3 - Exploit File Upload Manager 1.3 - Web Shell File Upload Joomla! Component com_caddy - Exploit Renista CMS - Exploit Renista CMS - SQL Injection BtiTracker 1.3.x < 1.4.x - Exploit BtiTracker 1.3.x < 1.4.x - SQL Injection WordPress Plugin Cimy Counter - Exploit WordPress Plugin Cimy Counter - Full Path Disclosure / Redirector / Cross-Site Scripting / HTTP Response Spitting Belkin F5D7234-4 v5 G Wireless Router - Exploit Belkin F5D7234-4 v5 G Wireless Router - Remote Hash Exposed WhatsApp Status Changer 0.2 - Exploit WhatsApp - Remote Change Status MySimpleNews 1.0 - Remotely Readable Administrator Password MySimpleNews 1.0 - Remote Readable Administrator Password SquirrelMail 1.2.11 - Exploit SquirrelMail 1.2.11 - Multiple Vulnerabilities D-Link DCS-936L Network Camera - Cross-Site Request Forgery Yappa-ng 1.x/2.x - Unspecified Remote File Inclusion Yappa-ng 1.x/2.x - Unspecified Cross-Site Scripting Yappa-ng 1.x/2.x - Remote File Inclusion Yappa-ng 1.x/2.x - Cross-Site Scripting Aenovo - Multiple Unspecified Cross-Site Scripting Vulnerabilities Aenovo - Multiple Cross-Site Scripting Vulnerabilities Codegrrl - 'Protection.php' Unspecified Code Execution Codegrrl - 'Protection.php' Code Execution Red Mombin 0.7 - 'index.php' Unspecified Cross-Site Scripting Red Mombin 0.7 - 'process_login.php' Unspecified Cross-Site Scripting Red Mombin 0.7 - 'index.php' Cross-Site Scripting Red Mombin 0.7 - 'process_login.php' Cross-Site Scripting A-Blog 1.0 - Unspecified Cross-Site Scripting A-Blog 1.0 - Cross-Site Scripting Liens_Dynamiques 2.1 - Multiple Unspecified Cross-Site Scripting Vulnerabilities Liens_Dynamiques 2.1 - Multiple Cross-Site Scripting Vulnerabilities WordPress Plugin Akismet 2.1.3 - Unspecified WordPress Plugin Akismet 2.1.3 - Exploit SquirrelMail G/PGP Encryption Plugin 2.0/2.1 - Multiple Unspecified Remote Command Execution Vulnerabilities SquirrelMail G/PGP Encryption Plugin 2.0/2.1 - Multiple Remote Command Execution Vulnerabilities UPC Ireland Cisco EPC 2425 Router / Horizon Box - Exploit UPC Ireland Cisco EPC 2425 Router / Horizon Box - WPA-PSK Handshake Information Korean GHBoard - 'Component/upload.jsp' Unspecified Arbitrary File Upload Korean GHBoard - 'Component/upload.jsp' Arbitrary File Upload MyPHP Forum 3.0 - 'search.php' Multiple Unspecified SQL Injections MyPHP Forum 3.0 - 'search.php' Multiple SQL Injections Zoph 0.7.2.1 - Unspecified SQL Injection Zoph 0.7.2.1 - SQL Injection Joomla! Component FreiChat 1.0/2.x - Unspecified HTML Injection Joomla! Component FreiChat 1.0/2.x - HTML Injection Bash CGI - Remote Code Execution (Shellshock) (Metasploit) Bash CGI - Remote Command Injection (Shellshock) (Metasploit) PHP < 5.6.2 - 'disable_functions()' Bypass Exploit (Shellshock) PHP < 5.6.2 - 'disable_functions()' Bypass Command Injection (Shellshock) Hyperic HQ Enterprise 4.5.1 - Cross-Site Scripting / Multiple Unspecified Security Vulnerabilities Hyperic HQ Enterprise 4.5.1 - Cross-Site Scripting / Multiple Security Vulnerabilities Atlassian JIRA FishEye 2.5.7 / Crucible 2.5.7 Plugins - XML Parsing Unspecified Security Atlassian JIRA FishEye 2.5.7 / Crucible 2.5.7 Plugins - XML Parsing Security Exploit Netsweeper 4.0.8 - Authentication Bypass Issue Netsweeper 4.0.8 - Authentication Bypass SimpleInvoices invoices Module - Unspecified Customer Field Cross-Site Scripting SimpleInvoices invoices Module - Customer Field Cross-Site Scripting Bugzilla 4.2 - Tabular Reports Unspecified Cross-Site Scripting Bugzilla 4.2 - Tabular Reports Cross-Site Scripting iScripts AutoHoster - 'main_smtp.php' Unspecified Traversal iScripts AutoHoster - 'main_smtp.php' Traversal Exploit Trend Micro - 'CoreServiceShell.exe' Multiple HTTP Issues Trend Micro - 'CoreServiceShell.exe' Multiple HTTP Exploits Sun Secure Global Desktop and Oracle Global Desktop 4.61.915 - Exploit (Shellshock) Sun Secure Global Desktop and Oracle Global Desktop 4.61.915 - Command Injection (Shellshock) NUUO NVRmini 2 3.0.8 - Remote Code Execution (Shellshock) NUUO NVRmini 2 3.0.8 - Remote Command Injection (Shellshock) Squid Analysis Report Generator 2.3.10 - Remote Code Execution |
||
|
Offensive Security
|
635e0e935f |
DB: 2017-07-15
4 new exploits Counter Strike: Condition Zero - '.BSP' Map File Code Execution Firefox 50.0.1 - ASM.JS JIT-Spray Remote Code Execution Apache Struts 2.3.x Showcase - Remote Code Execution (PoC) WDTV Live SMP 2.03.20 - Remote Password Reset |
||
|
Offensive Security
|
1a4e6f50a9 |
DB: 2017-02-01
65 new exploits Quake 3 Engine Client (Windows x86) - CS_ITEms Remote Overflow Mercur IMAPD 5.00.14 (Windows x86) - Remote Denial of Service PHP 5.2.0 (Windows x86) - (PHP_win32sti) Local Buffer Overflow PHP 5.2.0 (Windows x86) - 'PHP_iisfunc.dll' Local Buffer Overflow 32bit FTP (09.04.24) - 'Banner' Remote Buffer Overflow (PoC) Apple Safari 3.2.3 (Windows x86) - JavaScript (eval) Remote Denial of Service Apple Safari 4.0.3 (Windows x86) - CSS Remote Denial of Service Apple Safari 4.0.3 (Windows x86) - CSS Remote Denial of Service ESET Smart Security 4.2 and NOD32 AntiVirus 4.2 (x32/x64) - LZH archive parsing (PoC) ESET Smart Security 4.2 and NOD32 AntiVirus 4.2 (x86/x64) - LZH archive parsing (PoC) Linux Kernel 2.6.x (x64) - Personality Handling Local Denial of Service VMware Workstations 10.0.0.40273 - 'vmx86.sys' Arbitrary Kernel Read Samba < 3.6.2 (x86) - Denial of Serviec (PoC) Adobe Flash - Bad Dereference at 0x23c on Linux x64 Adobe Flash (Linux x64) - Bad Dereference at 0x23c Linux (x86) - Disable ASLR by Setting the RLIMIT_STACK Resource to Unlimited Core FTP Server 32-bit Build 587 - Heap Overflow Windows 10 x86/x64 WLAN AutoConfig - Denial of Service (POC) Windows 10 (x86/x64) WLAN AutoConfig - Denial of Service (POC) RedHat 6.2 /usr/bin/rcp - SUID Privilege Escalation RedHat 6.2 /usr/bin/rcp - 'SUID' Privilege Escalation Setuid perl - PerlIO_Debug() Root Owned File Creation Privilege Escalation Setuid perl - 'PerlIO_Debug()' Root Owned File Creation Privilege Escalation Wireless Tools 26 (IWConfig) - Privilege Escalation (some setuid) Qpopper 4.0.8 (Linux) - (poppassd) Privilege Escalation Wireless Tools 26 (IWConfig) - Privilege Escalation Qpopper 4.0.8 (Linux) - 'poppassd' Privilege Escalation Navicat Premium 11.2.11 (x64) - Local Database Password Disclosure Rocks Clusters 4.1 - (umount-loop) Privilege Escalation Rocks Clusters 4.1 - (mount-loop) Privilege Escalation Rocks Clusters 4.1 - 'umount-loop' Privilege Escalation Rocks Clusters 4.1 - 'mount-loop' Privilege Escalation PrivateTunnel Client 2.7.0 (x64) - Local Credentials Disclosure Linux Kernel 2.4 / 2.6 (x86-64) - System Call Emulation Privilege Escalation Postfix 2.6-20080814 - (symlink) Privilege Escalation Postfix 2.6-20080814 - 'symlink' Privilege Escalation Oracle Database Vault - ptrace(2) Privilege Escalation Oracle Database Vault - 'ptrace(2)' Privilege Escalation Linux Kernel 2.6.24_16-23 / 2.6.27_7-10 / 2.6.28.3 (Ubuntu 8.04/8.10 / Fedora Core 10 x86_64) - set_selection() UTF-8 Off-by-One Local Exploit Linux Kernel 2.6.24_16-23 / 2.6.27_7-10 / 2.6.28.3 (Ubuntu 8.04/8.10 / Fedora Core 10 x86-64) - set_selection() UTF-8 Off-by-One Local Exploit Linux Kernel 2.6 < 2.6.19 (White Box 4 / CentOS 4.4/4.5 / Fedora Core 4/5/6 x86) - 'ip_append_data()' Ring0 Privilege Escalation (1) Linux Kernel < 2.6.36-rc4-git2 (x86-64) - 'ia32syscall' Emulation Privilege Escalation Linux Kernel 2.6.27 < 2.6.36 (RedHat x86-64) - 'compat' Privilege Escalation Linux Kernel < 2.6.36-rc4-git2 (x86-64) - 'ia32syscall' Emulation Privilege Escalation Linux Kernel 2.6.27 < 2.6.36 (RedHat x86-64) - 'compat' Privilege Escalation GNU C Library 2.x (libc6) - Dynamic Linker LD_AUDIT Arbitrary DSO Load (Privilege Escalation) GNU C Library 2.x (libc6) - (Dynamic Linker LD_AUDIT Arbitrary DSO Load) Privilege Escalation Linux Kernel < 2.6.34 (Ubuntu 10.10 x86) - 'CAP_SYS_ADMIN' Privilege Escalation (1) Free Download Manager - Torrent Parsing Buffer Overflow (Metasploit) Free Download Manager 3.0 Build 844 - Torrent Parsing Buffer Overflow (Metasploit) VideoLAN VLC Client (Windows x86) - 'smb://' URI Buffer Overflow (Metasploit) PolicyKit polkit-1 < 0.101 - Linux Privilege Escalation PolicyKit polkit-1 < 0.101 - Privilege Escalation Linux Kernel 2.2.x 2.4.0-test1 (SGI ProPack 1.2/1.3) - Capabilities Privilege Escalation (Sendmail) (1) Linux Kernel 2.2.x 2.4.0-test1 (SGI ProPack 1.2/1.3) - Capabilities Privilege Escalation (Sendmail 8.10.1) (2) Linux Kernel 2.2.x 2.4.0-test1 (SGI ProPack 1.2/1.3) - (Sendmail) Capabilities Privilege Escalation(1) Linux Kernel 2.2.x 2.4.0-test1 (SGI ProPack 1.2/1.3) - (Sendmail 8.10.1) Capabilities Privilege Escalation (2) QNX RTOS 4.25/6.1 - phgrafxPrivilege Escalation QNX RTOS 4.25/6.1 - phgrafx-startup Privilege Escalation QNX RTOS 4.25/6.1 - 'phgrafx' Privilege Escalation QNX RTOS 4.25/6.1 - 'phgrafx-startup' Privilege Escalation Dropbox Desktop Client 9.4.49 (x64) - Local Credentials Disclosure Microsoft Windows 10 10586 (x32/x64) / 8.1 Update 2 - NtLoadKeyEx User Hive Attachment Point Privilege Escalation (MS16-111) Microsoft Windows 10 10586 (x86/x64) / 8.1 Update 2 - NtLoadKeyEx User Hive Attachment Point Privilege Escalation (MS16-111) MySQL 3.23.x - mysqld Privilege Escalation MySQL 3.23.x - 'mysqld' Privilege Escalation Platform Load Sharing Facility 4/5/6 - EAuth Privilege Escalation MTools 3.9.x - MFormat Privilege Escalation Platform Load Sharing Facility 4/5/6 - 'EAuth' Privilege Escalation MTools 3.9.x - 'MFormat' Privilege Escalation Linux Kernel < 3.3.x < 3.7.x (Arch Linux x86-64) - 'sock_diag_handlers[]' Privilege Escalation (1) sudo 1.8.0 < 1.8.3p1 (sudo_debug) - Privilege Escalation + glibc FORTIFY_SOURCE Bypass sudo 1.8.0 < 1.8.3p1 (sudo_debug) - glibc FORTIFY_SOURCE Bypass + Privilege Escalation Linux Kernel < 3.8.9 (x86-64) - 'perf_swevent_init' Privilege Escalation (2) ZABBIX 1.1.4/1.4.2 - daemon_start Privilege Escalation ZABBIX 1.1.4/1.4.2 - 'daemon_start' Privilege Escalation Linux Kernel 3.4 < 3.13.2 (Ubuntu 13.04/13.10) - 'CONFIG_X86_X32=y' Privilege Escalation (3) LogMeIn Client 1.3.2462 (x64) - Local Credentials Disclosure Systrace 1.x (x64) - Aware Linux Kernel Privilege Escalation Microsoft Windows - NTUserMessageCall Win32k Kernel Pool Overflow 'schlamperei.x86.dll' (MS13-053) (Metasploit) Linux Kernel 3.14-rc1 < 3.15-rc4 (x64) - Raw Mode PTY Local Echo Race Condition Privilege Escalation Linux Kernel 3.2.0-23 / 3.5.0-23 (Ubuntu 12.04/12.04.1/12.04.2 x64) - 'perf_swevent_init' Privilege Escalation (3) TeamViewer 11.0.65452 (x64) - Local Credentials Disclosure Linux Kernel 3.13 - Privilege Escalation PoC (SGID) Linux Kernel 3.13 - (SGID) Privilege Escalation (PoC) OSSEC 2.8 - hosts.deny Privilege Escalation OSSEC 2.8 - 'hosts.deny' Privilege Escalation Ninja Privilege Escalation Detection and Prevention System 0.1.3 - Race Condition Ninja Privilege Escalation Detection and Prevention System 0.1.3 - Race Condition Privilege Escalation Linux espfix64 - Privilege Escalation (Nested NMIs Interrupting) Linux (x86) - Memory Sinkhole Privilege Escalation (PoC) Linux espfix64 - (Nested NMIs Interrupting) Privilege Escalation Linux (x86) - Memory Sinkhole Privilege Escalation (PoC) RHEL 7.0/7.1 - abrt/sosreport Privilege Escalation RHEL 7.0/7.1 - 'abrt/sosreport' Privilege Escalation MySQL 5.5.45 (x64) - Local Credentials Disclosure Linux Kernel 4.4.x (Ubuntu 16.04) - 'double-fdput()' in bpf(BPF_PROG_LOAD) Privilege Escalation Linux Kernel 4.4.x (Ubuntu 16.04) - 'double-fdput()' bpf(BPF_PROG_LOAD) Privilege Escalation ACROS Security 0patch 2016.05.19.539 - '0PatchServicex64.exe' Unquoted Service Path Privilege Escalation Linux Kernel 4.4.0-21 (Ubuntu 16.04 x64) - Netfilter target_offset Out-of-Bounds Privilege Escalation Microsoft Windows 7 (x32/x64) - Group Policy Privilege Escalation (MS16-072) Microsoft Windows 7 (x86/x64) - Group Policy Privilege Escalation (MS16-072) Linux Kernel 2.6.32-rc1 (x86-64) - Register Leak Linux Kernel 4.4.0 (Ubuntu 14.04/16.04 x86-64) - 'AF_PACKET' Race Condition Privilege Escalation Microsoft Windows 8.1 (x64) - RGNOBJ Integer Overflow (MS16-098) Viscosity 1.6.7 - Privilege Escalation BeroFTPD 1.3.4(1) (Linux/x86) - Remote Code Execution BeroFTPD 1.3.4(1) (Linux x86) - Remote Code Execution Solaris /bin/login (SPARC/x86) - Remote Code Execution gpsdrive 2.09 (x86) - (friendsd2) Remote Format String PrivateWire Gateway 3.7 (Windows x86) - Remote Buffer Overflow (Metasploit) dproxy-nexgen (Linux/x86) - Buffer Overflow dproxy-nexgen (Linux x86) - Buffer Overflow 32bit FTP (09.04.24) - 'CWD Response' Remote Buffer Overflow 32bit FTP (09.04.24) - 'Banner' Remote Buffer Overflow 32bit FTP (09.04.24) - 'CWD Response' Universal Overwrite (SEH) 32bit FTP - 'PASV' Reply Client Remote Overflow (Metasploit) 32bit FTP (09.04.24) - 'CWD Response' Remote Buffer Overflow 32bit FTP (09.04.24) - 'Banner' Remote Buffer Overflow 32bit FTP (09.04.24) - 'CWD Response' Universal Overwrite (SEH) 32bit FTP - 'PASV' Reply Client Remote Overflow (Metasploit) Oracle 9i XDB (Windows x86) - FTP UNLOCK Overflow (Metasploit) AASync 2.2.1.0 (Windows x86) - Stack Buffer Overflow 'LIST' (Metasploit) 32bit FTP Client - Stack Buffer Overflow (Metasploit) Free Download Manager - Remote Control Server Buffer Overflow (Metasploit) Free Download Manager 2.5 Build 758 - Remote Control Server Buffer Overflow (Metasploit) Apache (Windows x86) - Chunked Encoding (Metasploit) PeerCast 0.1216 (Windows x86) - URL Handling Buffer Overflow (Metasploit) CA CAM (Windows x86) - log_security() Stack Buffer Overflow (Metasploit) Samba 3.3.12 (Linux/x86) - 'chain_reply' Memory Corruption (Metasploit) Samba 2.2.8 (Linux x86) - 'trans2open' Overflow (Metasploit) Samba 3.3.12 (Linux x86) - 'chain_reply' Memory Corruption (Metasploit) Samba 2.2.8 (Linux x86) - 'trans2open' Overflow (Metasploit) Samba 2.2.8 (*BSD x86) - 'trans2open' Overflow Exploit (Metasploit) Webmin 0.x - RPC Function Privilege Escalation Webmin 0.x - 'RPC' Function Privilege Escalation Nginx 1.3.9/1.4.0 (x86) - Brute Force Remote Exploit Nginx 1.4.0 (x64) - (Generic Linux) Remote Exploit Nginx 1.4.0 (x64) (Generic Linux) - Remote Exploit technote 7.2 - Remote File Inclusion Technote 7.2 - Remote File Inclusion JAWS 0.2/0.3 - 'index.php' gadget Parameter Traversal Arbitrary File Access JAWS 0.2/0.3 - Cookie Manipulation Authentication Bypass JAWS 0.2/0.3 - 'index.php' action Parameter Cross-Site Scripting Jaws 0.2/0.3 - 'gadget' Parameter Traversal Arbitrary File Access Jaws 0.2/0.3 - Cookie Manipulation Authentication Bypass Jaws 0.2/0.3 - 'action' Parameter Cross-Site Scripting JAWS 0.2/0.3/0.4 - ControlPanel.php SQL Injection Jaws 0.2/0.3/0.4 - ControlPanel.php SQL Injection JAWS Glossary 0.4/0.5 - Cross-Site Scripting Jaws Glossary 0.4/0.5 - Cross-Site Scripting JAWS 0.x - Remote File Inclusion Jaws 0.x - Remote File Inclusion FlatNux 2009-03-27 - Multiple Cross-Site Scripting Vulnerabilities Flatnux 2009-03-27 - Multiple Cross-Site Scripting Vulnerabilities Multiple Netgear Routers - Password Disclosure Video Sharing Script 4.94 - 'uid' Parameter SQL Injection Netman 204 - Backdoor Account / Password Reset |
Renamed from platforms/linux/remote/32277.txt (Browse further)