|
2001-01-13
|
|
SuSE 6.x/7.0 - MkDir Error Handling rctab Race Condition (1)
|
33 |
LOCAL
|
IhaQueR
|
|
2012-08-15
|
|
Microsoft Windows - Service Trusted Path Privilege Escalation (Metasploit)
|
36 |
LOCAL
|
Metasploit
|
|
2012-08-15
|
|
GlobalScape CuteZIP - Local Stack Buffer Overflow (Metasploit)
|
34 |
LOCAL
|
Metasploit
|
|
2001-01-02
|
|
GTK+ 1.2.8 - Arbitrary Loadable Module Execution
|
28 |
LOCAL
|
V9
|
|
2000-11-21
|
|
Solaris 2.x/7.0/8 - 'Catman' Race Condition (2)
|
32 |
LOCAL
|
Vapid Labs
|
|
2000-11-21
|
|
Solaris 2.x/7.0/8 - 'Catman' Race Condition (1)
|
32 |
LOCAL
|
Vapid Labs
|
|
2000-12-19
|
|
Itetris 1.6.1/1.6.2 - Privileged Arbitrary Command Execution
|
29 |
LOCAL
|
V9
|
|
2000-12-18
|
|
Solaris 2.5.1/2.6/7.0/8 - patchadd Race Condition
|
31 |
LOCAL
|
Larry W. Cashdollar
|
|
2000-12-14
|
|
Secure Computing e.iD Authenticator for Palm 2.0 - PIN Brute Force
|
32 |
LOCAL
|
@stake
|
|
2000-12-11
|
|
University of Washington Pico 3.x/4.x - File Overwrite
|
27 |
LOCAL
|
mat
|
|
2012-08-13
|
|
Viscosity - Local Privilege Escalation
|
27 |
LOCAL
|
zx2c4
|
|
2000-11-30
|
|
Linux Kernel 2.2.x - Non-Readable File Ptrace Local Information Leak
|
30 |
LOCAL
|
Lamagra Argamal
|
|
2000-12-01
|
|
Microsoft SQL Server 7.0/2000 / Data Engine 1.0/2000 - xp_peekqueue Buffer Overflow
|
37 |
LOCAL
|
@stake
|
|
2000-12-01
|
|
Microsoft SQL Server 7.0/2000 / Data Engine 1.0/2000 - xp_showcolv Buffer Overflow
|
42 |
LOCAL
|
David Litchfield
|
|
2000-12-01
|
|
IBM AIX 4.3.x - '/usr/lib/lpd/piobe' Local Buffer Overflow
|
33 |
LOCAL
|
Last Stage of Delirium
|
|
2003-04-24
|
|
IBM AIX 4.x - 'enq' Local Buffer Overflow
|
35 |
LOCAL
|
watercloud
|
|
2000-12-01
|
|
IBM AIX 4.3 - '/usr/lib/lpd/digest' Local Buffer Overflow
|
27 |
LOCAL
|
Last Stage of Delirium
|
|
2000-12-01
|
|
IBM AIX 4.x - '/usr/bin/setsenv' Local Buffer Overflow
|
31 |
LOCAL
|
Last Stage of Delirium
|
|
2000-12-01
|
|
Microsoft SQL Server 7.0/2000 / Data Engine 1.0/2000 - xp_displayparamstmt Buffer Overflow
|
34 |
LOCAL
|
David Litchfield
|
|
2012-08-11
|
|
Tunnelblick - Local Privilege Escalation (2)
|
32 |
LOCAL
|
zx2c4
|
|
2000-01-02
|
|
Apple Mac OSX 10 / HP-UX 9/10/11 / Mandriva 6/7 / RedHat 5/6 / SCO 5 / IRIX 6 - Shell Redirection Ra
|
29 |
LOCAL
|
proton
|
|
2012-08-11
|
|
Solaris 10 Patch 137097-01 - Symlink Privilege Escalation
|
34 |
LOCAL
|
Larry Cashdollar
|
|
2012-08-11
|
|
Tunnelblick - Local Privilege Escalation (1)
|
25 |
LOCAL
|
zx2c4
|
|
2000-11-20
|
|
Oracle 8.x - cmctl Buffer Overflow
|
31 |
LOCAL
|
anonymous
|
|
2000-11-20
|
|
Jan Hubicka Koules 1.4 - 'Svgalib' Local Buffer Overflow
|
31 |
LOCAL
|
Synnergy.net
|
|
2000-11-18
|
|
NetcPlus BrowseGate 2.80.2 - Weak Encryption
|
30 |
LOCAL
|
Steven Alexander
|
|
2000-11-18
|
|
NetcPlus SmartServer3 3.75 - Weak Encryption
|
36 |
LOCAL
|
Steven Alexander
|
|
2000-11-12
|
|
Linux modutils 2.3.9 - 'modprobe' Arbitrary Command Execution
|
33 |
LOCAL
|
Michal Zalewski
|
|
2000-11-10
|
|
Computer Associates InoculateIT 4.53 - Microsoft Exchange Agent
|
30 |
LOCAL
|
Hugo Caye
|
|
1998-10-18
|
|
HP-UX 10.x/11.x - Aserver PATH
|
34 |
LOCAL
|
Loneguard
|
|
2000-11-08
|
|
HP-UX 10.20 - registrar Local Arbitrary File Read
|
33 |
LOCAL
|
J.A. Gutierrez
|
|
2000-11-04
|
|
RedHat 0.4 b15 restore - Insecure Environment Variables
|
36 |
LOCAL
|
fish
|
|
2000-11-06
|
|
Microsoft IIS 4.0 - ISAPI Buffer Overflow
|
28 |
LOCAL
|
Marc Maiffret
|
|
2000-11-01
|
|
Debian 2.x / RedHat 6.2 / IRIX 5/6 / Solaris 2.x - Mail Reply-To Field
|
28 |
LOCAL
|
Gregory Duchemin
|
|
2000-11-01
|
|
ManTrap 1.6.1 - Root Directory Inode Disclosure
|
22 |
LOCAL
|
f8labs
|
|
2000-11-01
|
|
ManTrap 1.6.1 - Hidden Process Disclosure
|
27 |
LOCAL
|
f8labs
|
|
2004-12-12
|
|
Debian top - Format String
|
27 |
LOCAL
|
Kevin Finisterre
|
|
2000-11-01
|
|
FreeBSD 3.5/4.x - '/usr/bin/top' Format String
|
24 |
LOCAL
|
truefinder
|
|
2000-11-01
|
|
Samba 2.0.7 - SWAT Logfile Permissions
|
24 |
LOCAL
|
miah
|
|
2000-11-01
|
|
Samba 2.0.7 - SWAT Symlink (2)
|
27 |
LOCAL
|
Optyx
|
|
2000-11-01
|
|
Samba 2.0.7 - SWAT Symlink (1)
|
27 |
LOCAL
|
Optyx
|
|
1997-07-21
|
|
Exim Buffer 1.6.2/1.6.51 - Local Overflow
|
28 |
LOCAL
|
D. J. Bernstein
|
|
2000-10-20
|
|
HP-UX 10.20/11.0 - crontab '/tmp' File
|
26 |
LOCAL
|
Kyong-won Cho
|
|
2000-10-18
|
|
ntop 1.x - i Local Format String
|
30 |
LOCAL
|
Paul Starzetz
|
|
2000-10-23
|
|
Microsoft Windows NT 4.0 - MSIEXEC Registry Permissions
|
33 |
LOCAL
|
Mnemonix
|
|
2000-10-20
|
|
BSD 'lpr' 0.54 -4 - Arbitrary Command Execution
|
26 |
LOCAL
|
zenith parsec
|
|
2000-10-18
|
|
Oracle Internet Directory 2.0.6 - oidldap
|
26 |
LOCAL
|
Juan Manuel Pascual Escribá
|
|
2012-08-06
|
|
CoolPlayer+ Portable 2.19.2 - Local Buffer Overflow (ASLR Bypass)
|
31 |
LOCAL
|
Robert Larsen
|
|
2000-10-12
|
|
XFree86 3.3.5/3.3.6 - Xlib Display Buffer Overflow
|
26 |
LOCAL
|
Michal Zalewski
|
|
1995-12-26
|
|
Elm 2.4 - 'filter' Arbitrary Mail Disclosure
|
28 |
LOCAL
|
David J Meltzer
|
|
1997-09-08
|
|
AIX 3.x - bugfiler Arbitrary File Creation
|
27 |
LOCAL
|
Johannes Schwabe
|
|
2000-10-06
|
|
RedHat 6.2/7.0 Tmpwatch - Arbitrary Command Execution
|
24 |
LOCAL
|
X-Force
|
|
2000-10-10
|
|
Netscape iCal 2.1 Patch2 - iPlanet iCal 'csstart' Local Privilege Escalation
|
28 |
LOCAL
|
@stake
|
|
2000-10-10
|
|
Netscape iCal 2.1 Patch2 - iPlanet iCal 'iplncal.sh' Permissions
|
26 |
LOCAL
|
@stake
|
|
1999-10-24
|
|
IBM Websphere 2.0/3.0 - ikeyman Weak Encrypted Password
|
31 |
LOCAL
|
Ben Laurie
|
|
2000-10-03
|
|
Microsoft Windows NT 4.0/2000 - Spoofed LPC Request (MS00-003)
|
26 |
LOCAL
|
BindView's Razor Team
|
|
1995-03-02
|
|
IRIX 5.2/6.0 - Permissions File Manipulation
|
28 |
LOCAL
|
Larry Glaze
|
|
2012-08-05
|
|
CoolPlayer Portable 2.19.2 - Local Buffer Overflow (ASLR Bypass) (2)
|
28 |
LOCAL
|
pole
|
|
2000-10-03
|
|
Microsoft Windows NT 4.0/2000 Predictable LPC Message Identifier - Multiple Vulnerabilities
|
27 |
LOCAL
|
BindView's Razor Team
|
|
2000-10-04
|
|
OpenBSD 2.x - 'fstat' Format String
|
28 |
LOCAL
|
K2
|
|
2000-09-28
|
|
LBL Traceroute 1.4 a5 - Heap Corruption (3)
|
38 |
LOCAL
|
Michel Kaempf
|
|
2000-09-28
|
|
LBL Traceroute 1.4 a5 - Heap Corruption (2)
|
35 |
LOCAL
|
Perry Harrington
|
|
2000-09-28
|
|
LBL Traceroute 1.4 a5 - Heap Corruption (1)
|
29 |
LOCAL
|
Dvorak
|
|
2000-09-26
|
|
Palm OS 3.5.2 - Weak Encryption
|
24 |
LOCAL
|
@stake
|
|
2000-09-18
|
|
Microsoft Windows NT 4.0/2000 - DLL Search Path
|
25 |
LOCAL
|
Georgi Guninski
|
|
2000-06-24
|
|
Tridia DoubleVision 3.0 7.00 - Local Privilege Escalation
|
27 |
LOCAL
|
Stephen J. Friedl
|
|
2000-09-03
|
|
AIX 4.2/4.3 - netstat -Z Statistic Clearing
|
29 |
LOCAL
|
alex medvedev
|
|
2000-08-31
|
|
GNOME esound 0.2.19 - Unix Domain Socket Race Condition
|
30 |
LOCAL
|
Kris Kennaway
|
|
2000-09-06
|
|
Microsoft Windows Server 2000 - Still Image Service Privilege Escalation
|
25 |
LOCAL
|
dildog
|
|
2012-08-02
|
|
Nvidia Linux Driver - Local Privilege Escalation
|
31 |
LOCAL
|
anonymous
|
|
2000-09-06
|
|
LPPlus 3.2.2/3.3 - dccscan Unprivileged read
|
27 |
LOCAL
|
Dixie Flatline
|
|
2000-09-05
|
|
Juergen Weigert screen 3.9 - User Supplied Format String
|
34 |
LOCAL
|
IhaQueR@IRCnet
|
|
2000-09-04
|
|
Libc locale - Local Privilege Escalation (2)
|
27 |
LOCAL
|
anonymous
|
|
2000-09-04
|
|
Libc locale - Local Privilege Escalation (1)
|
39 |
LOCAL
|
Synnergy.net
|
|
2000-09-08
|
|
Solaris 2.6/7.0 'eject' locale - Subsystem Format String
|
31 |
LOCAL
|
warning3
|
|
2000-09-04
|
|
Immunix OS 6.2 - LC glibc format string
|
25 |
LOCAL
|
Kil3r of Lam3rZ
|
|
2000-11-02
|
|
Solaris 2.6/7.0 /locale - Subsystem Format String
|
37 |
LOCAL
|
warning3
|
|
2000-09-06
|
|
RedHat 6 GLIBC/locale - Subsystem Format String
|
39 |
LOCAL
|
warning3
|
|
2000-08-25
|
|
Gert Doering mgetty 1.1.19/1.1.20/1.1.21/1.22.8 - Symbolic Link Traversal
|
32 |
LOCAL
|
Stan Bubrouski
|
|
2000-08-22
|
|
HP-UX 11.0 - net.init RC Script
|
34 |
LOCAL
|
Kyong-won Cho
|
|
2000-08-19
|
|
Minicom 1.82/1.83 - Capture-file Group Ownership
|
33 |
LOCAL
|
Michal Zalewski
|
|
2000-08-10
|
|
Multisoft FlagShip 4.4 - Installation Permission
|
33 |
LOCAL
|
Narrow
|
|
2000-10-21
|
|
David Bagley xlock 4.16 - User Supplied Format String (2)
|
36 |
LOCAL
|
Ben Williams
|
|
2000-08-15
|
|
David Bagley xlock 4.16 - User Supplied Format String (1)
|
28 |
LOCAL
|
noir
|
|
2000-08-02
|
|
Tech-Source Raptor GFX PGX32 2.3.1 - Config Tool
|
30 |
LOCAL
|
suid
|
|
2000-08-07
|
|
SUIDPerl 5.00503 - Mail Shell Escape (2)
|
36 |
LOCAL
|
Michal Zalewski
|
|
2000-08-07
|
|
SUIDPerl 5.00503 - Mail Shell Escape (1)
|
34 |
LOCAL
|
Sebastian Krahmer
|
|
1997-09-01
|
|
IRIX 5.3/6.x - '/usr/bin/mail' Local Buffer Overflow
|
37 |
LOCAL
|
Last Stage of Delirium
|
|
1997-02-01
|
|
IRIX 6.2/6.3/6.4 - xfs truncate() Privilege Check
|
28 |
LOCAL
|
Last Stage of Delirium
|
|
2000-08-01
|
|
Microsoft Windows Server 2000 - Named Pipes Predictability
|
31 |
LOCAL
|
Maceo
|
|
2000-01-01
|
|
IRIX 6.5.x - '/usr/lib/InPerson/inpview' Race Condition
|
31 |
LOCAL
|
Last Stage of Delirium
|
|
1998-11-01
|
|
IRIX 6.2/6.3 - '/bin/lpstat' Local Buffer Overflow
|
39 |
LOCAL
|
Last Stage of Delirium
|
|
2000-08-02
|
|
IRIX 6.5.x - '/usr/sbin/dmplay' Local Buffer Overflow
|
28 |
LOCAL
|
Last Stage of Delirium
|
|
1997-09-01
|
|
SGI IRIX 6.2 - 'libgl.so' Local Buffer Overflow
|
29 |
LOCAL
|
Last Stage of Delirium
|
|
1997-01-01
|
|
IRIX 6.5.x - '/usr/sbin/gr_osview' Local Buffer Overflow
|
39 |
LOCAL
|
Last Stage of Delirium
|
|
2012-07-27
|
|
Mini-stream RM-MP3 Converter 3.1.2.1.2010.03.30 - Local Buffer Overflow (ASLR + DEP Bypass)
|
36 |
LOCAL
|
Ptrace Security
|
|
2012-07-27
|
|
Photodex ProShow Producer 5.0.3256 - load File Handling Buffer Overflow (Metasploit)
|
38 |
LOCAL
|
Metasploit
|
|
2000-06-28
|
|
CVS Kit CVS Server 1.10.8 - 'Checkin.prog' Binary Execution
|
32 |
LOCAL
|
Tanaka Akira
|
|
2000-07-28
|
|
CVS Kit CVS Server 1.10.8 - Instructed File Create
|
32 |
LOCAL
|
Tanaka Akira
|
|
2000-06-22
|
|
Stanley T. Shebs Xconq 7.2.2 - xconq Buffer Overflow
|
42 |
LOCAL
|
V9
|
|
2001-06-11
|
|
Sean MacGuire Big Brother 1.0/1.3/1.4 - CGI File Creation
|
33 |
LOCAL
|
xternal
|
|
2000-07-18
|
|
NetZero ZeroPort 3.0 - Weak Encryption Method
|
36 |
LOCAL
|
Brian Carrier
|
|
2000-07-12
|
|
CVSWeb Developer CVSWeb 1.80 - Insecure Perl 'open' Code Execution
|
32 |
LOCAL
|
Joey Hess
|
|
2000-06-15
|
|
Visible Systems Razor 4.1 - Password File (2)
|
32 |
LOCAL
|
Shawn A. Clifford
|
|
2000-06-16
|
|
Visible Systems Razor 4.1 - Password File (1)
|
31 |
LOCAL
|
pbw
|
|
2012-07-23
|
|
MyMp3 Player Stack - '.m3u' File DEP Bypass
|
32 |
LOCAL
|
Daniel Romero
|
|
2000-06-19
|
|
X 11.0/3.3.3/3.3.4/3.3.5/3.3.6/4.0 - libX11 '_XAsyncReply()' Stack Corruption
|
35 |
LOCAL
|
Chris Evans
|
|
2000-06-26
|
|
Flowerfire Sawmill 5.0.21 - Weak Password Encryption
|
27 |
LOCAL
|
Larry W. Cashdollar
|
|
2012-07-23
|
|
Photodex ProShow Producer 5.0.3256 - Local Buffer Overflow
|
34 |
LOCAL
|
mr.pr0n
|
|
2000-08-01
|
|
Mandrake 7.0/7.1 / RedHat Kon2 0.3.9 - '/usr/bin/fld' Input File Overflow
|
29 |
LOCAL
|
E-Ligth
|
|
2000-06-15
|
|
HM Software S to Infinity 3.0 - Multiple Vulnerabilities
|
28 |
LOCAL
|
Synapt1c
|
|
2000-06-09
|
|
RedHat 6.2 - Piranha Virtual Server Package Plaintext Password
|
33 |
LOCAL
|
arkth
|
|
2000-06-16
|
|
Veritas Software Volume Manager 3.0.2/3.0.3/3.0.4 - File Permission
|
27 |
LOCAL
|
Dixie Flatline
|
|
2000-06-14
|
|
Solaris 2.5/2.6/7.0/8 ufsrestore - Local Buffer Overflow
|
34 |
LOCAL
|
Job de Haas of ITSX
|
|
2000-06-01
|
|
Sam Lantinga splitvt 1.6.3 - Local Buffer Overflow
|
32 |
LOCAL
|
Syzop
|
|
2000-06-07
|
|
Computer Associates eTrust Intrusion Detection 1.4.1.13 - Weak Encryption
|
32 |
LOCAL
|
Phate.net
|
|
2000-06-07
|
|
Stelian Pop dump 0.4 - restore Buffer Overflow
|
30 |
LOCAL
|
Stan Bubrouski
|
|
2000-06-06
|
|
Intel Corporation Shiva Access Manager 5.0 - Solaris World Readable LDAP Password
|
38 |
LOCAL
|
Blaise St. Laurent
|
|
2000-06-07
|
|
HP-UX 10.20/11.0 - '.SNMPD' File Permission
|
30 |
LOCAL
|
loveyou
|
|
2000-06-07
|
|
Linux Kernel 2.2.x 2.4.0-test1 (SGI ProPack 1.2/1.3) - Sendmail 8.10.1 Capabilities Privilege Escala
|
31 |
LOCAL
|
Wojciech Purczynski
|
|
2000-06-07
|
|
Linux Kernel 2.2.x 2.4.0-test1 (SGI ProPack 1.2/1.3) - Sendmail Capabilities Privilege Escalation(1)
|
31 |
LOCAL
|
Florian Heinz
|
|
2000-06-05
|
|
BRU 15.1/16.0 - BRUEXECLOG Environment Variable
|
28 |
LOCAL
|
Riley Hassell
|
|
2000-06-06
|
|
Mirabilis ICQ 2000.0 A - Mailclient Temporary Link
|
33 |
LOCAL
|
Gert Fokkema
|
|
1999-07-03
|
|
mailx 8.1.1-10 (BSD/Slackware) - Local Buffer Overflow (2)
|
35 |
LOCAL
|
funkysh
|
|
2000-06-02
|
|
BSD 'mailx' 8.1.1-10 - Local Buffer Overflow (1)
|
30 |
LOCAL
|
Paulo Ribeiro
|
