sd

9 exploits Active since Sep 2001
CVE-2013-2094 NOMISEC HIGH WORKING POC
Linux Kernel < 3.0.75 - Numeric Error
The perf_swevent_init function in kernel/events/core.c in the Linux kernel before 3.8.9 uses an incorrect integer data type, which allows local users to gain privileges via a crafted perf_event_open system call.
4 stars
CVSS 8.4
CVE-2013-2094 NOMISEC HIGH WORKING POC
Linux Kernel < 3.0.75 - Numeric Error
The perf_swevent_init function in kernel/events/core.c in the Linux kernel before 3.8.9 uses an incorrect integer data type, which allows local users to gain privileges via a crafted perf_event_open system call.
CVSS 8.4
CVE-2013-1763 EXPLOITDB c WORKING POC
Linux Kernel < 3.4.34 - Improper Input Validation
Array index error in the __sock_diag_rcv_msg function in net/core/sock_diag.c in the Linux kernel before 3.7.10 allows local users to gain privileges via a large family value in a Netlink message.
CVE-2005-0736 EXPLOITDB c WORKING POC
Linux kernel <2.6.12 - Memory Corruption
Integer overflow in sys_epoll_wait in eventpoll.c for Linux kernel 2.6 to 2.6.11 allows local users to overwrite kernel memory via a large number of events.
CVE-2004-1235 EXPLOITDB c WORKING POC
Linux kernel <2.6.11 - RCE
Race condition in the (1) load_elf_library and (2) binfmt_aout function calls for uselib in Linux kernel 2.4 through 2.429-rc2 and 2.6 through 2.6.10 allows local users to execute arbitrary code by manipulating the VMA descriptor.
CVE-2001-0653 EXPLOITDB c WORKING POC
Sendmail <8.11.6 - Memory Corruption
Sendmail 8.10.0 through 8.11.5, and 8.12.0 beta, allows local users to modify process memory and possibly gain privileges via a large value in the 'category' part of debugger (-d) command line arguments, which is interpreted as a negative number.
CVE-2002-1337 EXPLOITDB c WORKING POC
Sendmail <8.12.7 - RCE
Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote attackers to execute arbitrary code via certain formatted address fields, related to sender and recipient header comments as processed by the crackaddr function of headers.c.
CVE-2013-2094 EXPLOITDB HIGH c WORKING POC
Linux Kernel < 3.0.75 - Numeric Error
The perf_swevent_init function in kernel/events/core.c in the Linux kernel before 3.8.9 uses an incorrect integer data type, which allows local users to gain privileges via a crafted perf_event_open system call.
CVSS 8.4
CVE-2005-0736 EXPLOITDB c WORKING POC
Linux kernel <2.6.12 - Memory Corruption
Integer overflow in sys_epoll_wait in eventpoll.c for Linux kernel 2.6 to 2.6.11 allows local users to overwrite kernel memory via a large number of events.