exploit-db-mirror/platforms/linux
Offensive Security 538da000af DB: 2017-10-24
10 new exploits

FreeBSD 6.1 /dev/crypto - Local Kernel Denial of Service
FreeBSD 6.1 - '/dev/crypto' Local Kernel Denial of Service

NetBSD FTPd / Tnftpd - Remote Stack Overflow (PoC)
NetBSD - 'FTPd / Tnftpd' Remote Stack Overflow (PoC)

FreeBSD 6/8 - ata device Local Denial of Service
FreeBSD 6/8 - ata Device Local Denial of Service

FreeBSD 7.2 - pecoff executable Local Denial of Service
FreeBSD 7.2 - 'pecoff' Local Denial of Service

FreeBSD / OpenBSD 'ftpd' - Null Pointer Dereference Denial of Service
FreeBSD / OpenBSD - 'ftpd' Null Pointer Dereference Denial of Service

FreeBSD 8.0 ftpd (FreeBSD-SA-10:05) - Off-By-One (PoC)
FreeBSD 8.0 - 'ftpd' (FreeBSD-SA-10:05) Off-By-One (PoC)

FreeBSD Kernel - 'mountnfs()' Exploit
FreeBSD - 'mountnfs()' Exploit

FreeBSD 8.1/7.3 - vm.pmap Kernel Local Race Condition
FreeBSD 8.1/7.3 - 'vm.pmap' Local Race Condition

Linux Kernel 2.3 (BSD/OS 4.0 / FreeBSD 3.2 / NetBSD 1.4) - Shared Memory Denial of Service
BSD/Linux Kernel 2.3 (BSD/OS 4.0 / FreeBSD 3.2 / NetBSD 1.4) - Shared Memory Denial of Service

FreeBSD 3.0/3.1/3.2 vfs_cache - Denial of Service
FreeBSD 3.0/3.1/3.2 - 'vfs_cache' Denial of Service

FreeBSD Kernel - SCTP Remote NULL Ptr Dereference Denial of Service
FreeBSD - SCTP Remote NULL Ptr Dereference Denial of Service

OpenBSD 3.3/3.4 sysctl - Local Denial of Service
OpenBSD 3.3/3.4 - 'sysctl' Local Denial of Service

FreeBSD 9.1 ftpd - Remote Denial of Service
FreeBSD 9.1 - 'ftpd' Remote Denial of Service

FreeBSD 6.0/6.1 Ftrucante - Local Denial of Service
FreeBSD 6.0/6.1 - Ftrucante Local Denial of Service

NetBSD 3.1 FTPd / Tnftpd - Port Remote Buffer Overflow
NetBSD 3.1 - 'FTPd / Tnftpd' Port Remote Buffer Overflow

Multiple BSD Distributions - 'strfmon()' Integer Overflow
BSD (Multiple Distributions) - 'strfmon()' Integer Overflow

Multiple BSD Distributions - 'gdtoa/misc.c' Memory Corruption
BSD (Multiple Distributions) - 'gdtoa/misc.c' Memory Corruption

Multiple BSD Distributions - 'printf(3)' Memory Corruption
BSD (Multiple Distributions) - 'printf(3)' Memory Corruption

FreeBSD Kernel - Multiple Vulnerabilities
FreeBSD - Multiple Vulnerabilities

FreeBSD 10.2 Kernel (x64) - 'amd64_set_ldt' Heap Overflow
FreeBSD 10.2 (x64) - 'amd64_set_ldt' Heap Overflow

ArGoSoft Mini Mail Server 1.0.0.2 - Denial of Service
FreeBSD 3.5.1/4.2 - ports package xklock Privilege Escalation
FreeBSD 3.5.1/4.2 - Ports Package elvrec Privilege Escalation
FreeBSD 3.5.1/4.2 - Ports Package 'xklock' Privilege Escalation
FreeBSD 3.5.1/4.2 - Ports Package 'elvrec' Privilege Escalation

OpenBSD ftp - Exploit
OpenBSD - 'ftp' Exploit

FreeBSD /usr/bin/top - Format String
FreeBSD - '/usr/bin/top' Format String

FreeBSD 4.x / < 5.4 - master.passwd Disclosure
FreeBSD 4.x / < 5.4 - 'master.passwd' Disclosure

FreeBSD mcweject 0.9 (eject) - Buffer Overflow Privilege Escalation
FreeBSD mcweject 0.9 'Eject' - Buffer Overflow Privilege Escalation

Oracle 10g - CTX_DOC.MARKUP SQL Injection
Oracle 10g - 'CTX_DOC.MARKUP' SQL Injection

FreeBSD 6x/7 protosw Kernel - Privilege Escalation
FreeBSD 6x/7 - 'protosw' Privilege Escalation

FreeBSD 7.0-RELEASE Telnet Daemon - Privilege Escalation
FreeBSD 7.0-RELEASE - Telnet Daemon Privilege Escalation

FreeBSD 7.0/7.1 - 'ktimer' Kernel Privilege Escalation
FreeBSD 7.0/7.1 - 'ktimer' Privilege Escalation

FreeBSD 7.0/7.1 vfs.usermount - Privilege Escalation
FreeBSD 7.0/7.1 - 'vfs.usermount' Privilege Escalation

Multiple BSD Distributions - 'setusercontext()' Vulnerabilities
BSD (Multiple Distributions) - 'setusercontext()' Vulnerabilities

FreeBSD Kernel - 'nfs_mount()' Exploit
FreeBSD - 'nfs_mount()' Exploit

FreeBSD 5.4-RELEASE ftpd 6.00LS - sendfile kernel mem-leak Exploit
FreeBSD 5.4-RELEASE ftpd 6.00LS - 'sendfile' Memory Leak Exploit

Sun Solaris 7.0 sdtcm_convert - Exploit
Sun Solaris 7.0 - 'sdtcm_convert' Exploit
BSD/OS 2.1 / Caldera UnixWare 7/7.1.0 / FreeBSD 1.1.5.1/2.0 / HP HP-UX 10.34 / IBM AIX 4.2 / SGI IRIX 6.3 / SunOS 4.1.4 - libXt library Exploit (1)
BSD/OS 2.1 / Caldera UnixWare 7/7.1.0 / FreeBSD 1.1.5.1/2.0 / HP HP-UX 10.34 / IBM AIX 4.2 / SGI IRIX 6.3 / SunOS 4.1.4 - libXt library Exploit (2)
BSD/OS 2.1 / Caldera UnixWare 7/7.1.0 / FreeBSD 1.1.5.1/2.0 / HP HP-UX 10.34 / IBM AIX 4.2 / SGI IRIX 6.3 / SunOS 4.1.4 - libXt library Exploit (3)
BSD/OS 2.1 / DG/UX 4.0 / Debian 0.93 / Digital UNIX 4.0 B / FreeBSD 2.1.5 / HP-UX 10.34 / IBM AIX 4.1.5 / NetBSD 1.0/1.1 / NeXTstep 4.0 / SGI IRIX 6.3 / SunOS 4.1.4 - rlogin Exploit
BSD/OS 2.1 / Caldera UnixWare 7/7.1.0 / FreeBSD 1.1.5.1/2.0 / HP HP-UX 10.34 / IBM AIX 4.2 / SGI IRIX 6.3 / SunOS 4.1.4 - 'libXt Library' Exploit (1)
BSD/OS 2.1 / Caldera UnixWare 7/7.1.0 / FreeBSD 1.1.5.1/2.0 / HP HP-UX 10.34 / IBM AIX 4.2 / SGI IRIX 6.3 / SunOS 4.1.4 - 'libXt Library' Exploit (2)
BSD/OS 2.1 / Caldera UnixWare 7/7.1.0 / FreeBSD 1.1.5.1/2.0 / HP HP-UX 10.34 / IBM AIX 4.2 / SGI IRIX 6.3 / SunOS 4.1.4 - 'libXt Library' Exploit (3)
BSD/OS 2.1 / DG/UX 4.0 / Debian 0.93 / Digital UNIX 4.0 B / FreeBSD 2.1.5 / HP-UX 10.34 / IBM AIX 4.1.5 / NetBSD 1.0/1.1 / NeXTstep 4.0 / SGI IRIX 6.3 / SunOS 4.1.4 - 'rlogin' Exploit

NetBSD 1.3.2 / SGI IRIX 6.5.1 at(1) - Exploit
NetBSD 1.3.2 / SGI IRIX 6.5.1 - 'at(1)' Exploit
Debian 2.0/2.0 r5 / FreeBSD 3.2 / OpenBSD 2.4 / RedHat 5.2 i386 / S.u.S.E. 6.1 - Lsof Buffer Overflow (1)
Debian 2.0/2.0 r5 / FreeBSD 3.2 / OpenBSD 2.4 / RedHat 5.2 i386 / S.u.S.E. 6.1 - Lsof Buffer Overflow (2)
Debian 2.0/2.0 r5 / FreeBSD 3.2 / OpenBSD 2.4 / RedHat 5.2 i386 / S.u.S.E. 6.1 - 'Lsof' Buffer Overflow (1)
Debian 2.0/2.0 r5 / FreeBSD 3.2 / OpenBSD 2.4 / RedHat 5.2 i386 / S.u.S.E. 6.1 - 'Lsof' Buffer Overflow (2)
BSD/OS 2.1 / FreeBSD 2.1.5 / NeXTstep 4.x / IRIX 6.4 / SunOS 4.1.3/4.1.4 - lpr Buffer Overrun (1)
BSD/OS 2.1 / FreeBSD 2.1.5 / NeXTstep 4.x / IRIX 6.4 / SunOS 4.1.3/4.1.4 - lpr Buffer Overrun (2)
BSD/OS 2.1 / FreeBSD 2.1.5 / NeXTstep 4.x / IRIX 6.4 / SunOS 4.1.3/4.1.4 - 'lpr' Buffer Overrun (1)
BSD/OS 2.1 / FreeBSD 2.1.5 / NeXTstep 4.x / IRIX 6.4 / SunOS 4.1.3/4.1.4 - 'lpr' Buffer Overrun (2)

BSD 2 / CND 1 / Sendmail 8.x / FreeBSD 2.1.x / HP-UX 10.x / AIX 4 / RedHat 4 - Sendmail Daemon
BSD 2 / CND 1 / Sendmail 8.x / FreeBSD 2.1.x / HP-UX 10.x / AIX 4 / RedHat 4 - Sendmail Daemon Exploit
FreeBSD 3.3 gdc - Buffer Overflow
FreeBSD 3.3 gdc - Symlink Exploit
FreeBSD 3.3 - Seyon setgid dialer
FreeBSD 3.3 xmindpath - Buffer Overflow
FreeBSD 3.3 angband - Buffer Overflow
FreeBSD 3.3 - 'gdc' Buffer Overflow
FreeBSD 3.3 - 'gdc' Symlink Exploit
FreeBSD 3.3 - Seyon setgid Dialer
FreeBSD 3.3 - 'xmindpath' Buffer Overflow
FreeBSD 3.3 - 'angband' Buffer Overflow

FreeBSD 3.0/3.1/3.2/3.3/3.4 Asmon/Ascpu - Exploit
FreeBSD 3.0/3.1/3.2/3.3/3.4 - 'Asmon'/'Ascpu' Exploit
BSD mailx 8.1.1-10 - Buffer Overflow (1)
BSD mailx 8.1.1-10 - Buffer Overflow (2)
BSD 'mailx' 8.1.1-10 - Buffer Overflow (1)
BSD 'mailx' 8.1.1-10 - Buffer Overflow (2)

OpenBSD 2.x - fstat Format String
OpenBSD 2.x - 'fstat' Format String

BSD lpr 0.54 -4 - Arbitrary Command Execution
BSD 'lpr' 0.54 -4 - Arbitrary Command Execution

FreeBSD 3.5/4.x /usr/bin/top - Format String
FreeBSD 3.5/4.x - '/usr/bin/top' Format String

Apple Mac OSX 10.x / FreeBSD 4.x / OpenBSD 2.x / Solaris 2.5/2.6/7.0/8 - exec C Library Standard I/O File Descriptor Closure
Apple Mac OSX 10.x / FreeBSD 4.x / OpenBSD 2.x / Solaris 2.5/2.6/7.0/8 - 'exec C Library' Standard I/O File Descriptor Closure
BSD lpr 2000.05.07/0.48/0.72 / lpr-ppd 0.72 - Local Buffer Overflow (2)
BSD lpr 2000.05.07/0.48/0.72 / lpr-ppd 0.72 - Local Buffer Overflow (1)
BSD 'lpr' 2000.05.07/0.48/0.72 / lpr-ppd 0.72 - Local Buffer Overflow (2)
BSD 'lpr' 2000.05.07/0.48/0.72 / lpr-ppd 0.72 - Local Buffer Overflow (1)

BSD Kernel - SHMAT System Call Privilege Escalation
BSD - SHMAT System Call Privilege Escalation

Linux Kernel < 3.8.x - open-time Capability file_ns_capable() Privilege Escalation
Linux Kernel < 3.8.x - open-time Capability 'file_ns_capable()' Privilege Escalation

FreeBSD 9.0 < 9.1 mmap/ptrace - Privilege Escalation
FreeBSD 9.0 < 9.1 - 'mmap/ptrace' Privilege Escalation

NetBSD mail.local(8) - Privilege Escalation (Metasploit)
NetBSD - 'mail.local(8)' Privilege Escalation (Metasploit)

OpenBSD 3.9/4.0 - ld.so Local Environment Variable Clearing
OpenBSD 3.9/4.0 - 'ld.so' Local Environment Variable Clearing

FreeBSD 7.1 libc - Berkley DB Interface Uninitialized Memory Local Information Disclosure
FreeBSD 7.1 - libc Berkley DB Interface Uninitialized Memory Local Information Disclosure

Apple Mac OSX 10.10 - DYLD_PRINT_TO_FILE Privilege Escalation
Apple Mac OSX 10.10 - 'DYLD_PRINT_TO_FILE' Privilege Escalation

Apple Mac OSX 10.10.5 - XNU Privilege Escalation
Apple Mac OSX 10.10.5 - 'XNU' Privilege Escalation

Apple Mac OSX 10.9.5/10.10.5 - rsh/libmalloc Privilege Escalation
Apple Mac OSX 10.9.5/10.10.5 - 'rsh/libmalloc' Privilege Escalation

Apple Mac OSX 10.9.5/10.10.5 - rsh/libmalloc Privilege Escalation (Metasploit)
Apple Mac OSX 10.9.5/10.10.5 - 'rsh/libmalloc' Privilege Escalation (Metasploit)

NetBSD mail.local(8) - Privilege Escalation (NetBSD-SA2016-006)
NetBSD - 'mail.local(8)' Privilege Escalation
Linux Kernel 4.8.0-41-generic (Ubuntu) - Packet Socket Local Privilege Escalation
Linux Kernel 3.11 < 4.8 0 - 'SO_SNDBUFFORCE' & 'SO_RCVBUFFORCE' Local Privilege Escalation
Linux Kernel 3.x (Ubuntu 14.04 / Mint 17.3 / Fedora 22) - Double-free usb-midi SMEP Local Privilege Escalation
Linux Kernel 4.8.0-41-generic (Ubuntu) - Packet Socket Privilege Escalation
Linux Kernel 3.11 < 4.8 0 - 'SO_SNDBUFFORCE' / 'SO_RCVBUFFORCE' Privilege Escalation
Linux Kernel 3.x (Ubuntu 14.04 / Mint 17.3 / Fedora 22) - Double-free usb-midi SMEP Privilege Escalation
Linux Kernel (Debian 7/8/9/10 / Fedora 23/24/25 / CentOS 5.3/5.11/6.0/6.8/7.2.1511) - 'ldso_hwcap Stack Clash' Local Privilege Escalation
Linux Kernel (Debian 7.7/8.5/9.0 / Ubuntu 14.04.2/16.04.2/17.04 / Fedora 22/25 / CentOS 7.3.1611) - 'ldso_hwcap_64 Stack Clash' Local Privilege Escalation
Linux Kernel (Debian 9/10 / Ubuntu 14.04.5/16.04.2/17.04 / Fedora 23/24/25) - 'ldso_dynamic Stack Clash' Local Privilege Escalation
Linux Kernel (Debian 7/8/9/10 / Fedora 23/24/25 / CentOS 5.3/5.11/6.0/6.8/7.2.1511) - 'ldso_hwcap Stack Clash' Privilege Escalation
Linux Kernel (Debian 7.7/8.5/9.0 / Ubuntu 14.04.2/16.04.2/17.04 / Fedora 22/25 / CentOS 7.3.1611) - 'ldso_hwcap_64 Stack Clash' Privilege Escalation
Linux Kernel (Debian 9/10 / Ubuntu 14.04.5/16.04.2/17.04 / Fedora 23/24/25) - 'ldso_dynamic Stack Clash' Privilege Escalation

Linux Kernel 4.14.0-rc4+ - 'waitid()' Privilege Escalation

BSD TelnetD - Remote Command Execution (1)
BSD - 'TelnetD' Remote Command Execution (1)

ftpd / ProFTPd (FreeBSD) - Remote Command Execution
FreeBSD - 'ftpd / ProFTPd' Remote Command Execution

FreeBSD Telnet Service - Encryption Key ID Buffer Overflow (Metasploit)
FreeBSD - Telnet Service Encryption Key ID Buffer Overflow (Metasploit)

BSD 4.2 fingerd - Buffer Overflow
BSD 4.2 - 'fingerd' Buffer Overflow
BSD/OS 3.1/4.0.1 / FreeBSD 3.0/3.1/3.2 / RedHat Linux 6.0 - amd Buffer Overflow (1)
BSD/OS 3.1/4.0.1 / FreeBSD 3.0/3.1/3.2 / RedHat Linux 6.0 - amd Buffer Overflow (2)
BSD/OS 3.1/4.0.1 / FreeBSD 3.0/3.1/3.2 / RedHat Linux 6.0 - 'amd' Buffer Overflow (1)
BSD/OS 3.1/4.0.1 / FreeBSD 3.0/3.1/3.2 / RedHat Linux 6.0 - 'amd' Buffer Overflow (2)

BSD TelnetD - Remote Command Execution (2)
BSD - 'TelnetD' Remote Command Execution (2)

FreeBSD 3.x/4.x - ipfw Filtering Evasion
FreeBSD 3.x/4.x - 'ipfw' Filtering Evasion
FreeBSD 2.2-4.2 / NetBSD 1.2-4.5 / OpenBSD 2.x FTPd - 'glob()' Buffer Overflow
FreeBSD 4.2-stable FTPd - 'glob()' Buffer Overflow Vulnerabilities
FreeBSD 2.2-4.2 / NetBSD 1.2-4.5 / OpenBSD 2.x - FTPd 'glob()' Buffer Overflow
FreeBSD 4.2-stable - FTPd 'glob()' Buffer Overflow Vulnerabilities

Solaris 2.x/7.0/8 / IRIX 6.5.x / OpenBSD 2.x / NetBSD 1.x / Debian 3 / HP-UX 10 - TelnetD Buffer Overflow
Solaris 2.x/7.0/8 / IRIX 6.5.x / OpenBSD 2.x / NetBSD 1.x / Debian 3 / HP-UX 10 - 'TelnetD' Buffer Overflow

NetBSD 1.x TalkD - User Validation
NetBSD 1.x - 'TalkD' User Validation

tnftp - clientside BSD Exploit
tnftp (FreeBSD 8/9/10) - 'tnftp' Client Eide Exploit
Ayukov NFTP FTP Client < 2.0 - Buffer Overflow
Unitrends UEB 9 - http api/storage Remote Root (Metasploit)
Unitrends UEB 9 - bpserverd Authentication Bypass Remote Command Execution (Metasploit)
Polycom - Command Shell Authorization Bypass (Metasploit)

Joomla! Component Photo Blog alpha 3 - alpha 3a SQL Injection
Joomla! Component Photo Blog alpha 3 < alpha 3a - SQL Injection

cPanel 10.9 - dosetmytheme 'theme' Cross-Site Scripting
cPanel 10.9 - 'dosetmytheme?theme' Cross-Site Scripting

Korean GHBoard - Component/upload.jsp Unspecified Arbitrary File Upload
Korean GHBoard - 'Component/upload.jsp' Unspecified Arbitrary File Upload

TP-Link TL-MR3220 - Cross-Site Scripting
Logitech Media Server - Cross-Site Scripting
CometChat < 6.2.0 BETA 1 - Local File Inclusion
Kaltura < 13.1.0 - Remote Code Execution
2017-10-24 05:02:00 +00:00
..
dos DB: 2017-10-21 2017-10-21 05:01:31 +00:00
local DB: 2017-10-24 2017-10-24 05:02:00 +00:00
remote DB: 2017-10-21 2017-10-21 05:01:31 +00:00
shellcode DB: 2017-08-23 2017-08-23 05:01:29 +00:00
webapps DB: 2017-10-18 2017-10-18 05:01:30 +00:00