Firebird has 3 binaries: gds_inet_server, gds_drop, and gds_lock_mgr, which all use insufficient bounds checking in conjunction with getenv(), making each one susceptible to local exploitation. Enclosed are two local root exploits tested against versions 1.0.0 and 1.0.2 on FreeBSD.
7841bcf9369b0cfc917765429ceb7118d676bfc4a650b097f57716bfab790d9a
Local root exploit for the bounds checking vulnerability found in the utility youbin.
87875ae0421b2986889e445fb60844fbfbac8b79aed78b2e768d51ed7601cfdf
youbin, the utility that acts as a network version of the utility biff, has insufficient bounds checking that allows arbitrary code execution.
246db609e0835a2434298e984b43373b3bfa91bc54ee98a12910070f03a1b529
mIRC versions 6.03 and below have limited visibility during a DCC GET, which allows an attacker to spoof a legitimate file and instead send an executable that can lead to a compromise.
1526285a6cfee9ec7f27c916f95f1a43e3c750528310833886e933edd45409b5
UnitedLinux 1.0 ships with /usr/src/packages recursively set with full read, write, and execute permissions, which allows rogue source to be planted, ultimately leading to a full system compromise.
1ec77d05a51e34bf8f10fddbcea60b702cb5fe474c39d04ba118f2d496c1a10e
Rs_iis_xpl.pl is a remote exploit for rs_iis.c, a remote IIS exploit. It sets up a web server, and if rs_iis.c is used to attempt an exploit, a shell will be spawned on the attacking host. Tested against FreeBSD 4.7-RELEASE-p7.
53a1d6f18d614b512a0d0c1ca5a75101a70147c7534c005448527d40e2891a82
Local exploit for toppler that obtains the gid of games.
dafe4a741510221ea6c66764660c6cb121ba22750610c8274faa4a3558e27179
Sircd v0.4.0 and below and v0.4.4 from CVS before 04/02-03 contain buffer overflow vulnerabilities which allow remote users to execute arbitrary code. Exploit available here.
e6cd4e6b3ed5a50f2058983327655cd6782b4cf9f1554404cf8127b30d18f04c
Moxftp v2.2 and below contain buffer overflow vulnerabilities which allow remote code execution. Includes exploit code which sends a shell.
54be2adad039f538737f860941fe34b2b93d3ad224244b1cd758a91759d8f841
Local exploit for a buffer overflow in /usr/ports/games/nethack32 which gives a privilege escalation to group id games.
abb5288b7bfd7cc323676bad19715c4a998d3dc8a42907c4990dee00d5bc2822
iDEFENSE Security Advisory 02.10.03: Eset Software's NOD32 Antivirus System is a cross-platform anti-virus application which contains a locally exploitable buffer overflow in the Unix version which could allow attackers to gain root privileges.
9c873e85cfe6992b13b2e8da5382e348d3979db26cf79e682de57495f210babf
The code that sets the program's title bar in AbsoluteTelnet contains a buffer overflow vulnerability that can allow code execution. This affects AbsoluteTelnet versions 2.00, 2.11 and has been fixed in this beta version of AbsoluteTelnet.
65f6d610ec78851f395bbebde3a968de65fed38e03e1bd3371bc86a90631695f
iDEFENSE Security Advisory 01.28.03 - It has been found that several SSH clients leave authentication data unprotected in the system memory while connecting to a remote host using the SSH2 protocol. Anyone with read access to the system memory can retrieve and abuse this information.
f96e214d26eae0377c74c3630c49679d41e66ba1f20315afe47ab9a17bed5cd3
Cbos2.4.3DoS.rar is a small demo video showing how to perform a denial of service attack against a Cisco CBOS 2.4.3 using mIRC.
fa556397eedbb0b4b20661bef78b1659786aff6c9f31946f3c955ff5fc3a5b35