This Metasploit module performs a denial of service attack against Datagram TLS in OpenSSL version 0.9.8i and earlier. OpenSSL crashes under these versions when it receives a ChangeCipherSpec datagram before a ClientHello.
05418ed3c03396287c42e510c7ff652415886ee0d6face71a6516fb6e30d0dde
Versions of udev prior to 1.4.1 do not verify that netlink messages are coming from the kernel. This allows local users to gain privileges by sending netlink messages from userland.
a339530d415e4d147ac5e6556a603790385a27c54518e11e95069181161f0615
This exploit leverages three vulnerabilities to escalate privileges. The primary vulnerability is a kernel stack overflow, not a stack buffer overflow as the CVE description incorrectly states. This may be the first public exploit for a kernel stack overflow, and it turns out to be a bit tricky due to some particulars of the econet vulnerability. It involves the econet_sendmsg function, the ec_dev_ioctl function, and the IPC subsystem. Linux kernel versions prior to 2.6.36.2 are affected.
2d37f538eada970a47c67a722a79c8dce6b69007ccd606d4168c8d3c2c9a2c21
Linux kernel versions prior to 2.6.37-rc2 ACPI custom_method local root privilege escalation exploit.
8e96652e9d0319db605344763c66b55b3366e06bdb9f068aa4c881ffd48bd76f
Whitepaper called Exploiting Stack Overflows in the Linux Kernel.
016bb77dac51e83a5b49b22d5da3ab33e11a12156f1d991c106ca0fd1204189b
Linux kernel versions prior to 2.6.36-rc6 pktcdvd kernel memory disclosure exploit.
bcaeadc0f0bddd7bd8801078daa8979e9919c284cca685426f03dee6b47267a6
Linux kernel versions prior to 2.6.36-rc1 CAN BCM privilege escalation exploit.
72e086a014a41a623ca930856f57c9a2e1ea6f163b29e800d67473f6e614b2f1
Linux kernel versions 2.6.33.3 and below SCTP INIT remote denial of service exploit.
a35d8f03321604b0eee056d633f06be3f14c328a7fc6b0c000888fa3b75af760
Linux kernel versions 2.6.34-rc3 and below ReiserFS xattr privilege escalation exploit.
ec3e3da22ac58162ce7be7447d104d5ca1384de9ba4a5958c34ad37d6cb977dc
ISC DHCP dhclient scripts_write_params() stack buffer overflow exploit.
2014e6abc56455168433974101c55c09624023f1879081dc6ce5c0c8823eb70e
Dam Burst is a simple utility that allows an unprivileged user to disable the censorship functionality of the Green Dam Youth Escort software. Dam Burst operates by injecting code into a running application and removing the Green Dam hooks that enable it to monitor and block user activity, effectively restoring the running application to its original uncensored state.
0673f6b2281b49995b2f6ade3bc6f690015861420aff1882e86d5ffc75e31757
Linux 2.6 kernel versions prior to 2.6.31-rc7 AF_IRDA 29 byte stack disclosure exploit.
90a78e8b742cc2eecf0c9710b57319b91e493fda7abff23b8e6a6810d96a39b5
Linux kernel versions 2.6.31-rc7 and below AF_LLC getsockname 5-byte stack disclosure exploit.
b0e4c47e044db1a597742e8115493357309acc15b1e7785990b678662b54fbb2
Linux kernel versions prior to 2.6.30.5 cfg80211 remote denial of service exploit.
45970a756cf7a9942c7a2e7c7b0dc26134f658d3ccb8fb4c7b15f7dd91b61591
procfs memory disclosure exploit for Linux kernel versions prior to 2.6.14.6.
a870ac7b48160c6a68b2fabfa0d763085a457e0261e1bcfb589827d445df5e4d
Linux kernel versions 2.6.31-rc5 and below sigaltstack 4-byte stack disclosure exploit.
52f0e66a6980d794824ef33af3f3f2f76b062c3ba6b5b2d6ca1c7555db98f160
ISC DHCP dhclient versions below 3.1.2p1 remote buffer overflow proof of concept exploit.
3349faa893f5026dc2f5ad7d730fa3755ae56fe23834c0c9677e3b5a0eee16fc
OpenSSL versions below 0.9.8i DTLS ChangeCipherSpec remote denial of service exploit.
c423dfdd2b8cf9bdc5f6306e55b415b44cbfafa64e6fbbae22549b1a42b3810c
OpenSSL versions 0.9.8k and 1.0.0-beta2 DTLS remote memory exhaustion denial of service exploit.
707ecaa806e575970e45edb096353e9e70a251a1b313a57024ad97ba671abea1
Linux 2.6 kernel udev versions below 1.4.1 local privilege escalation exploit.
bd6992d84b7f36f4d79d12ce8930abcac49295702f6e9938849399ecc5ab82cd
libvirt_proxy versions 0.5.1 and below local privilege escalation exploit.
d6a86f33d2c8f6b21caeda9e12fe29f7be896e99bc24a3e50439a596759674f8
pam-krb5 versions below 3.13 local privilege escalation exploit.
ed6caf64e916f13fb22ba283a61616d7a4668b0cdd50588a48572cfcd9deedfb
D-Bus Daemon versions prior to 1.2.4 remote denial of service exploit that uses a message with a malformed signature.
861cdf88bd58b60b9c5f7576049675820e167e1b3bd344ffabceb4395c096618
Linux kernel versions below 2.6.26.4 SCTP kernel memory disclosure exploit.
7e0bf7e87eb0ba0da140e07ab53740c3709083af939cf0f1e2a5c0226a2ac6db
CUPS versions below 1.3.8-4 privilege escalation exploit.
fcaa2f0c97580164e7c63808d96436a666a8c9465fb6a71edc363e7961c2dc20