Stealth

11 exploits Active since Jul 1999
CVE-2009-4147 METASPLOIT ruby WORKING POC
FreeBSD 7.1-8.0 - Privilege Escalation
The _rtld function in the Run-Time Link-Editor (rtld) in libexec/rtld-elf/rtld.c in FreeBSD 7.1 and 8.0 does not clear the (1) LD_LIBMAP, (2) LD_LIBRARY_PATH, (3) LD_LIBMAP_DISABLE, (4) LD_DEBUG, and (5) LD_ELF_HINTS_PATH environment variables, which allows local users to gain privileges by executing a setuid or setgid program with a modified variable containing an untrusted search path that points to a Trojan horse library, different vectors than CVE-2009-4146.
CVE-2017-8422 EXPLOITDB HIGH c WORKING POC
KDE Kauth < 5.33 - Authentication Bypass by Spoofing
KDE kdelibs before 4.14.32 and KAuth before 5.34 allow local users to gain root privileges by spoofing a callerID and leveraging a privileged helper app.
CVSS 7.8
CVE-2009-4146 METASPLOIT ruby WORKING POC
FreeBSD 7.1-8.0 - Privilege Escalation
The _rtld function in the Run-Time Link-Editor (rtld) in libexec/rtld-elf/rtld.c in FreeBSD 7.1, 7.2, and 8.0 does not clear the LD_PRELOAD environment variable, which allows local users to gain privileges by executing a setuid or setgid program with a modified LD_PRELOAD variable containing an untrusted search path that points to a Trojan horse library, a different vector than CVE-2009-4147.
CVE-1999-0879 EXPLOITDB c WORKING POC
Bsdi Bsd OS - Buffer Overflow
Buffer overflow in WU-FTPD and related FTP servers allows remote attackers to gain root privileges via macro variables in a message file.
EIP-2026-103157 EXPLOITDB c WORKING POC
Linux Kernel 2.2 - TCP/IP Spoof IP
CVE-2002-0048 EXPLOITDB c WORKING POC
Andrew Tridgell Rsync - Denial of Service
Multiple signedness errors (mixed signed and unsigned numbers) in the I/O functions of rsync 2.4.6, 2.3.2, and other versions allow remote attackers to cause a denial of service and execute arbitrary code in the rsync client or server.
CVE-2000-0223 EXPLOITDB c WORKING POC
SAM Hawker Wmcdplay - Buffer Overflow
Buffer overflow in the wmcdplay CD player program for the WindowMaker desktop allows local users to gain root privileges via a long parameter.
CVE-2017-8849 EXPLOITDB HIGH c WORKING POC
Smb4k < 2.0.0 - Improper Input Validation
smb4k before 2.0.1 allows local users to gain root privileges by leveraging failure to verify arguments to the mount helper DBUS service.
CVSS 7.8
CVE-2000-0230 EXPLOITDB c WORKING POC
Halloween Linux - Buffer Overflow
Buffer overflow in imwheel allows local users to gain root privileges via the imwheel-solo script and a long HOME environmental variable.
EIP-2026-102682 EXPLOITDB c WORKING POC
ml2 - Local users can Crash processes
CVE-1999-1394 EXPLOITDB text WRITEUP
BSD 4.4 - Privilege Escalation
BSD 4.4 based operating systems, when running at security level 1, allow the root user to clear the immutable and append-only flags for files by unmounting the file system and using a file system editor such as fsdb to directly modify the file through a device.