vladz

4 exploits Active since Jul 2012
CVE-2011-4029 EXPLOITDB c WORKING POC
X.Org xserver <1.11.2 - Info Disclosure
The LockServer function in os/utils.c in X.Org xserver before 1.11.2 allows local users to change the permissions of arbitrary files to 444, read those files, and possibly cause a denial of service (removed execution permission) via a symlink attack on a temporary lock file.
CVE-2013-0160 EXPLOITDB bash WORKING POC
Linux Kernel <= 3.7.9 - Sensitive Keystroke Timing Exposure via inotify on /dev/ptmx
The Linux kernel through 3.7.9 allows local users to obtain sensitive information about keystroke timing by using the inotify API on the /dev/ptmx device.
CVE-2011-4613 EXPLOITDB c WORKING POC
X.Org X Server - Local Access Restriction Bypass via TTY Verification Flaw
The X.Org X wrapper (xserver-wrapper.c) in Debian GNU/Linux and Ubuntu Linux does not properly verify the TTY of a user who is starting X, which allows local users to bypass intended access restrictions by associating stdin with a file that is misinterpreted as the console TTY.
CVE-2011-4089 EXPLOITDB c WORKING POC
bzip2 < 1.0.5 - Local Arbitrary Code Execution via Temporary File Handling
The bzexe command in bzip2 1.0.5 and earlier generates compressed executables that do not properly handle temporary files during extraction, which allows local users to execute arbitrary code by precreating a temporary directory.