
Explore Vulnerabilities


Explore all Exploits:

FreeBSD 9.0 Intel SYSRET Kernel Privilege Escalation exploit

This exploit targets a vulnerability in the FreeBSD 9.0 kernel that allows for privilege escalation. The exploit takes advantage of a flaw in the Intel SYSRET instruction. By manipulating the IDT (Interrupt Descriptor Table), the exploit is able to gain kernel-level privileges. The payload function is responsible for executing the privilege escalation.

Skype Remote Format String Vulnerability

Skype is prone to a remote format-string vulnerability because the application fails to properly sanitize user-supplied input before using it in the format-specification argument of a formatted-printing function. Exploiting this issue allows remote attackers to execute arbitrary machine code in the context of the affected application, potentially facilitating the remote compromise of affected computers.

FreeBSD ja-elvis & ko-helvis Local Root Exploit

The ja-elvis and ko-helvis packages on FreeBSD versions prior to ja-elvis-1.8.4_1 and ko-helvis-1.8h2_1 contain a file recovery utility called 'elvrec' that is installed suid root (4755) by default. This utility is vulnerable to a buffer overflow, which can be exploited to gain root privileges.

HylaFAX+ Buffer Overflow Vulnerability

HylaFAX+ contains a daemon, 'hfaxd', that allows a 'fax client' to communicate with the fax server to submit fax jobs, query status, configure modems, etc. The code path for authenticating users via LDAP allocates a 255-byte buffer and then 'strcats' user-supplied data buffered from the inbound FTP control channel. It is possible for an UNAUTHENTICATED remote attacker to overflow the heap with a limited character set, leading to potential crashes or hangs. No actual exploit leveraging this vulnerability has been constructed yet.

PHPGraphy 0.9.12 Zend_Hash_Del_Key_Or_Index/privilege escalation/remote command execution exploit

This exploit allows an attacker to execute remote commands and escalate privileges in PHPGraphy 0.9.12. It works against servers with register_globals=on. The attacker can specify the target server, path to PHPGraphy, and the command to execute. Optional parameters include specifying a different port or using a proxy. This exploit has been developed by rgod. The dork used to find vulnerable sites is intext:"This site is using phpGraphy" | intitle:"my phpgraphy site". Contact information for the author is provided as mail: retrog@alice.it and site: http://retrogod.altervista.org.

Directory Traversal Vulnerability in PLESK

PLESK is prone to a directory-traversal vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to retrieve arbitrary files from the vulnerable system in the context of the affected application. Information obtained may aid in further attacks.

Vulnerabilities in CA eTrust Security Command Center and eTrust Audit

The vulnerabilities in CA eTrust Security Command Center and eTrust Audit are due to the lack of user input validation and design errors in user permissions and secure data-transmission protocols. An attacker can exploit these vulnerabilities to access sensitive information, delete files, and carry out replay attacks.

Recent Exploits: