Marco Ivaldi

83 exploits Active since Dec 1999
EIP-2026-102929 EXPLOITDB c WORKING POC
MySQL 4.0.17 (Linux) - User-Defined Function (UDF) Dynamic Library (1)
CVE-2004-0497 EXPLOITDB c WORKING POC
Linux kernel <2.x - Privilege Escalation
Unknown vulnerability in Linux kernel 2.x may allow local users to modify the group ID of files, such as NFS exported files in kernel 2.4.
CVE-2006-2451 EXPLOITDB c WORKING POC
Linux Kernel 2.6.13-2.6.17.3 & 2.6.16-2.6.16.23 - DoS & Privilege Escalation via suid_dumpable
The suid_dumpable support in Linux kernel 2.6.13 up to versions before 2.6.17.4, and 2.6.16 before 2.6.16.24, allows a local user to cause a denial of service (disk consumption) and possibly gain privileges via the PR_SET_DUMPABLE argument of the prctl function and a program that causes a core dump file to be created in a directory for which the user does not have permissions.
CVE-2006-2451 EXPLOITDB c WORKING POC
Linux Kernel 2.6.13-2.6.17.3 & 2.6.16-2.6.16.23 - DoS & Privilege Escalation via suid_dumpable
The suid_dumpable support in Linux kernel 2.6.13 up to versions before 2.6.17.4, and 2.6.16 before 2.6.16.24, allows a local user to cause a denial of service (disk consumption) and possibly gain privileges via the PR_SET_DUMPABLE argument of the prctl function and a program that causes a core dump file to be created in a directory for which the user does not have permissions.
CVE-2010-3856 EXPLOITDB ruby WORKING POC
glibc < 2.11.3 and 2.12.x < 2.12.2 - Privilege Escalation via LD_AUDIT Environment Variable
ld.so in the GNU C Library (aka glibc or libc6) before 2.11.3, and 2.12.x before 2.12.2, does not properly restrict use of the LD_AUDIT environment variable to reference dynamic shared objects (DSOs) as audit objects, which allows local users to gain privileges by leveraging an unsafe DSO located in a trusted library directory, as demonstrated by libpcprofile.so.
CVE-2019-10149 EXPLOITDB CRITICAL bash WORKING POC
Exim 4.87 - 4.91 Local Privilege Escalation
A flaw was found in Exim versions 4.87 to 4.91 (inclusive). Improper validation of recipient address in deliver_message() function in /src/deliver.c may lead to remote command execution.
CVSS 9.8
EIP-2026-101505 EXPLOITDB text WORKING POC
Zyxel zysh - Format string
CVE-2009-2669 EXPLOITDB bash WORKING POC
IBM AIX <6.1 - Privilege Escalation
A certain debugging component in IBM AIX 5.3 and 6.1 does not properly handle the (1) _LIB_INIT_DBG and (2) _LIB_INIT_DBG_FILE environment variables, which allows local users to gain privileges by leveraging a setuid-root program to create an arbitrary root-owned file with world-writable permissions, related to libC.a (aka the XL C++ runtime library) in AIX 5.3 and libc.a in AIX 6.1.