badc0ded

11 exploits Active since Sep 2002
CVE-2002-1125 EXPLOITDB text WORKING POC
FreeBSD <= 4.6.2-RELEASE - Kernel Memory Exposure via libkvm File Descriptor Leak
FreeBSD port programs that use libkvm for FreeBSD 4.6.2-RELEASE and earlier, including (1) asmon, (2) ascpu, (3) bubblemon, (4) wmmon, and (5) wmnet2, leave open file descriptors for /dev/mem and /dev/kmem, which allows local users to read kernel memory.
CVE-2002-1125 EXPLOITDB text WORKING POC
FreeBSD <= 4.6.2-RELEASE - Kernel Memory Exposure via libkvm File Descriptor Leak
FreeBSD port programs that use libkvm for FreeBSD 4.6.2-RELEASE and earlier, including (1) asmon, (2) ascpu, (3) bubblemon, (4) wmmon, and (5) wmnet2, leave open file descriptors for /dev/mem and /dev/kmem, which allows local users to read kernel memory.
CVE-2002-2040 EXPLOITDB bash WORKING POC
QNX RTOS <6.1.0 - Privilege Escalation
The (1) phrafx and (2) phgrafx-startup programs in QNX realtime operating system (RTOS) 4.25 and 6.1.0 do not properly drop privileges before executing the system command, which allows local users to execute arbitrary commands by modifying the PATH environment variable to reference a malicious crttrap program.
CVE-2002-2040 EXPLOITDB bash WORKING POC
QNX RTOS <6.1.0 - Privilege Escalation
The (1) phrafx and (2) phgrafx-startup programs in QNX realtime operating system (RTOS) 4.25 and 6.1.0 do not properly drop privileges before executing the system command, which allows local users to execute arbitrary commands by modifying the PATH environment variable to reference a malicious crttrap program.
CVE-2002-2042 EXPLOITDB bash WORKING POC
QNX RTOS <6.1.0 - Privilege Escalation
ptrace in the QNX realtime operating system (RTOS) 4.25 and 6.1.0 allows programs to attach to privileged processes, which could allow local users to execute arbitrary code by modifying running processes.
CVE-2002-2039 EXPLOITDB text WORKING POC
QNX RTOS 4.25 and 6.1.0 - Information Disclosure via /bin/su Core Dump
/bin/su in QNX realtime operating system (RTOS) 4.25 and 6.1.0 allows local users to obtain sensitive information from core dump files by sending the SIGSERV (invalid memory reference) signal.
CVE-2002-2041 EXPLOITDB c WORKING POC
QNX RTOS 6.1.0 - Local Buffer Overflow via ABLANG Environment Variable or pkg-installer -u Option
Multiple buffer overflows in realtime operating system (RTOS) 6.1.0 allows local users to execute arbitrary code via (1) a long ABLANG environment variable in phlocale or (2) a long -u option to pkg-installer.
CVE-2002-2041 EXPLOITDB c WORKING POC
QNX RTOS 6.1.0 - Local Buffer Overflow via ABLANG Environment Variable or pkg-installer -u Option
Multiple buffer overflows in realtime operating system (RTOS) 6.1.0 allows local users to execute arbitrary code via (1) a long ABLANG environment variable in phlocale or (2) a long -u option to pkg-installer.
CVE-2002-1125 EXPLOITDB text WRITEUP
FreeBSD <= 4.6.2-RELEASE - Kernel Memory Exposure via libkvm File Descriptor Leak
FreeBSD port programs that use libkvm for FreeBSD 4.6.2-RELEASE and earlier, including (1) asmon, (2) ascpu, (3) bubblemon, (4) wmmon, and (5) wmnet2, leave open file descriptors for /dev/mem and /dev/kmem, which allows local users to read kernel memory.
CVE-2002-1125 EXPLOITDB text WORKING POC
FreeBSD <= 4.6.2-RELEASE - Kernel Memory Exposure via libkvm File Descriptor Leak
FreeBSD port programs that use libkvm for FreeBSD 4.6.2-RELEASE and earlier, including (1) asmon, (2) ascpu, (3) bubblemon, (4) wmmon, and (5) wmnet2, leave open file descriptors for /dev/mem and /dev/kmem, which allows local users to read kernel memory.
EIP-2026-100963 EXPLOITDB c WORKING POC
ATPhttpd 0.4b - Remote Buffer Overflow