zen-parse

11 exploits Active since Jun 2001
CVE-2001-0873 EXPLOITDB text WORKING POC
Taylor UUCP - Privilege Escalation via uuxqt Long Option Injection
uuxqt in Taylor UUCP package does not properly remove dangerous long options, which allows local users to gain privileges by calling uux and specifying an alternate configuration file with the --config option.
CVE-2001-0787 EXPLOITDB c WORKING POC
Red Hat Linux 7.0 and 7.1 - Local Privilege Escalation via LPRng Supplemental Group Handling
LPRng in Red Hat Linux 7.0 and 7.1 does not properly drop memberships in supplemental groups when lowering privileges, which could allow a local user to elevate privileges.
CVE-2002-1165 EXPLOITDB text WORKING POC
Sendmail 8.11-8.12.6 - Command Injection via SMRSH Bypass
Sendmail Consortium's Restricted Shell (SMRSH) in Sendmail 8.12.6, 8.11.6-15, and possibly other versions after 8.11 from 5/19/1998, allows attackers to bypass the intended restrictions of smrsh by inserting additional commands after (1) "||" sequences or (2) "/" characters, which are not properly filtered or verified.
CVE-2001-1022 EXPLOITDB c WORKING POC
groff - Remote Code Execution via Format String in pic Utility
Format string vulnerability in pic utility in groff 1.16.1 and other versions, and jgroff before 1.15, allows remote attackers to bypass the -S option and execute arbitrary commands via format string specifiers in the plot command.
EIP-2026-103011 EXPLOITDB text WRITEUP
SUIDPerl 5.6 - Information Disclosure
CVE-2001-0409 EXPLOITDB c WORKING POC
vim - Unauthenticated Arbitrary File Modification via Symlink Attack on Backup and Swap Files
vim (aka gvim) allows local users to modify files being edited by other users via a symlink attack on the backup and swap files, when the victim is editing the file in a world writable directory.
CVE-2001-0906 EXPLOITDB c WORKING POC
teTeX filter <1.0.7 - Privilege Escalation
teTeX filter before 1.0.7 allows local users to gain privileges via a symlink attack on temporary files that are produced when printing .dvi files using lpr.
CVE-2002-0838 EXPLOITDB c WORKING POC
gv 3.5.8 - Buffer Overflow via Malformed PDF or PostScript File
Buffer overflow in (1) gv 3.5.8 and earlier, (2) gvv 1.0.2 and earlier, (3) ggv 1.99.90 and earlier, (4) gnome-gv, and (5) kghostview in kdegraphics 2.2.2 and earlier, allows attackers to execute arbitrary code via a malformed (a) PDF or (b) PostScript file, which is processed by an unsafe call to sscanf.
EIP-2026-102899 EXPLOITDB c WORKING POC
Linux Kernel 2.2/2.4 - procfs Stream redirection to Process Memory Privilege Escalation
EIP-2026-102914 EXPLOITDB text WRITEUP
Linux Man Page 6.1/6.2/7.0/7.1- Source Buffer Overflow
CVE-2004-0722 EXPLOITDB text WORKING POC
Mozilla < 1.6 and Netscape Navigator 7.0-7.1 - Remote Code Execution via SOAPParameter Integer Overflow
Integer overflow in the SOAPParameter object constructor in (1) Netscape version 7.0 and 7.1 and (2) Mozilla 1.6, and possibly earlier versions, allows remote attackers to execute arbitrary code.