Charles Stevenson

13 exploits Active since Mar 2001
EIP-2026-114759 EXPLOITDB bash WORKING POC
Cobalt Linux 6.0 - RaQ (Authenticated) Privilege Escalation
EIP-2026-114727 EXPLOITDB perl WORKING POC
Solaris 10 (x86) - DtPrintinfo/Session Privilege Escalation
CVE-2005-3523 EXPLOITDB perl WORKING POC
gpsdrive < 2.09 - Remote Code Execution via Format String in Friendsd2 Direction Field
Format string vulnerability in friendsd2 in GpsDrive allows remote attackers to execute arbitrary code via the dir (direction) field.
CVE-2002-0143 EXPLOITDB c WORKING POC
Imlib2 <= 1.0.4 - Buffer Overflow via HOME Environment Variable
Buffer overflow in Eterm of Enlightenment Imlib2 1.0.4 and earlier allows local users to execute arbitrary code via a long HOME environment variable.
CVE-2001-1085 EXPLOITDB c WORKING POC
Lmail <2.7 - Local Privilege Escalation
Lmail 2.7 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary file.
CVE-2005-3533 EXPLOITDB perl WORKING POC
osh < 1.7.14 - Buffer Overflow via Long Working Directory and Filename
Buffer overflow in OSH before 1.7-15 allows local users to execute arbitrary code via a long current working directory and filename.
CVE-2005-3346 EXPLOITDB bash WORKING POC
osh 1.7-14 - Buffer Overflow via Environment Variable Substitution
Buffer overflow in the environment variable substitution code in main.c in OSH 1.7-14 allows local users to inject arbitrary environment variables, such as LD_PRELOAD, via pathname arguments of the form "$VAR/EVAR=arg", which cause the EVAR portion to be appended to a buffer returned by a getenv function call.
CVE-2002-0043 EXPLOITDB bash WORKING POC
sudo <1.6.3p7 - Privilege Escalation
sudo 1.6.0 through 1.6.3p7 does not properly clear the environment before calling the mail program, which could allow local users to gain root privileges by modifying environment variables and changing how the mail program is invoked.
EIP-2026-103012 EXPLOITDB bash WORKING POC
Sun Cobalt RaQ 4.0 - Predictable Temporary Filename Symbolic Link Attack
CVE-2005-3533 EXPLOITDB perl WORKING POC
osh < 1.7.14 - Buffer Overflow via Long Working Directory and Filename
Buffer overflow in OSH before 1.7-15 allows local users to execute arbitrary code via a long current working directory and filename.
CVE-2001-0989 EXPLOITDB c WORKING POC
Pileup - Local Buffer Overflow via Long Command Line Arguments or Callsign
Buffer overflows in Pileup before 1.2 allows local users to gain root privileges via (1) long command line arguments, or (2) a long callsign.
CVE-2001-0170 EXPLOITDB bash WORKING POC
glibc <2.1.9x - Info Disclosure
glibc 2.1.9x and earlier does not properly clear the RESOLV_HOST_CONF, HOSTALIASES, or RES_OPTIONS environmental variables when executing setuid/setgid programs, which could allow local users to read arbitrary files.
CVE-2001-1177 EXPLOITDB c WORKING POC
Samsung ML-85G GDI <0.2.0 - Local Privilege Escalation
ml85p in Samsung ML-85G GDI printer driver before 0.2.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files.