search for: shellcodes

[Mod: Forwarded from bugtraq -- alex] Hi! I''m sorry if the information I''m going to tell about was already known, but I hope it wasn''t... I just occasionally found a vulnerability in Linux libc (actually, some of the versions seem not to be vulnerable; my Slackware 3.1 box was though). Unfortunately, I have no time for a real investigation right now, but

I was surprised to see that this hadn't made it to the samba list yet. Note I have not spent any time trying to confirm validity. ---------- Forwarded message ---------- Date: Fri, 26 Sep 1997 00:21:55 +0200 From: root <root@ADM.KIX-AZZ.ORG> To: BUGTRAQ@NETSPACE.ORG /* ___ ______ _ _ / \ | _ \ | \ / |

cxterm is a Chinese terminal emulator for the X Window System. It''s installed as suid-root by default if you did a make install. Just like xterm, it does needs to be suid to update /etc/utmp...blahblah... I discovered some buffer overflow bugs in it. The code attached below is the exploit. Quick fix? chmod -s /path/cxterm

Summary: Any user can gain root privileges on a Intel Linux system with suidperl 5.003 (having the suid bit, of course) even if "SUIDBUF" and "two suidperl security patches" have been applied. Non-Intel / non-Linux platforms may be affected as well. Quick fix: chmod u-s /usr/bin/sperl5.003 (what else?) Details: There is a nasty bug in mess() (util.c): it is possible to

On 02/04/2015 04:55 PM, Warren Young wrote: > Unless you have misconfigured your system, anyone who can copy > /etc/shadow already has root privileges. They don?t need to crack your > passwords now. You?re already boned. Not exactly. There have been remotely exploitable vulnerabilities where an arbitrary file could be read (not written), but otherwise root access wasn't given

On Fri, Mar 12, 2004 at 11:57:30AM +0100, Morten Rodal wrote: > On Fri, Mar 12, 2004 at 12:49:14PM +0200, Ruslan Ermilov wrote: > > On Fri, Mar 12, 2004 at 10:22:00AM +0100, Morten Rodal wrote: > > > >Description: > > > ls(1) calls the fts(3) functions for traversing a file hierarchy. > > > If ls(1) is executed via execve(2) system call with a NULL argv >

I just had a peek at the anaconda source for Fedora 21. Apparently you can waive the password strength tests (and the non-ASCII tests) by simply clicking "Done" twice. def _checkPasswordASCII(self, inputcheck): """Set an error message if the password contains non-ASCII characters. Like the password strength check, this check can be bypassed by

----- Forwarded message from Louis Kowolowski <louisk@bend.com> ----- Date: Thu, 28 Aug 2003 11:37:42 -0700 From: Louis Kowolowski <louisk@bend.com> To: freebsd-security@freebsd.org Subject: snort, postgres, bridge User-Agent: Mutt/1.5.4i I've been prowling through the FreeBSD and Snort list archives in search of information on setting up snort on a FreeBSD bridge(4) that logs

Hola: Para el desarrollo del nuevo PluginR de Tiki (para poder ejecutar scripts de R desde Tiki: en páginas Wiki, hojas de cálculo web, etc, http://dev.tiki.org/PluginR ), por ahora estamos usando la lista de funciones que se usaban en el proyecto r-php, y que fueran heredadas por la extensión R de MediaWiki. Como r-php se hizo hace algunos años (2006), me pregunto si alguien sabe si hay

Section I. Overview Hello, About a half year ago there was some rumour on bugtraq concerning a buffer overflow in Linux dynamic linkers, ld.so and ld-linux.so. You can take a look at the beginning of the thread at http://www.geek-girl.com/bugtraq/1997_3/0089.html to refresh old memories; I''ll capitalize anyway. Briefly, there exists a buffer overrun in ld-linux.so versions 1.7.14,

Before anything else, let me state this: Of course it''s going to be PAINFULLY slow on MRI. That''s not the point :) I thought I''d try out writing out a Ruby version of the parser for the purposes of Rubinius. For those of you who aren''t aware, Ragel supports a goto-driven FSM on Rubinius by injecting assembly directly, and Rubinus head honcho guy Evan Phoenix

Hello there, I'd like to have iso image version for ultra sparc 64bit. Recently, I downloaded centos version 4.2 beta iso image and installed on SunUltra sparc 64 bit machine. It was hang when it went to the screen " the CentOS 4.2 beta screen, <Tab>/<Alt tab> | <Space> selects | <F12> next screen ". Any idea? Please help. Thanks in advance. Amy on your

> From: Larry Vaden <vaden at texoma.net> > Date: Sun, Jan 23, 2011 at 8:03 PM > Subject: sources of bind-9.7.2-P3 rpms for Centos 4.8 and 5.5? > Our site running Centos 4.8 and 5.5 name servers was hacked with > the result that www.yahoo.com is now within our /19 and causing > some grief. Don't understand what you mean by 'within our /19'. Have your IP

George Brown sent this to my private Email address instead of to the list. Because I forwarded it, my addres is in the header. Roger. ----- Forwarded message from root ----- >From root@bull.bullnet.co.uk Mon Aug 24 16:20:29 1998 Received: from dutepp0.et.tudelft.nl by rosie.BitWizard.nl (fetchmail-4.2.9 POP3 run by wolff) for <wolff@localhost> (single-drop); Mon Aug 24

Woops... this didn't show up here but it did on BugTraq. Questions answered! -- Chuck Mead, CTO, MoonGroup Consulting, Inc. <http://moongroup.com> Mail problems? Send "s-u-b-s-c-r-i-b-e mailhelp" (no quotes and no hyphens) in the body of a message to mailhelp-request@moongroup.com. Public key available at: wwwkeys.us.pgp.net ----------