中文版 | English

网站首页 | 个人作品 | 站长日志 | 给我留言 | 经典分享 | 友情链接 | 黑白人生

linux各版本对应溢出漏洞总结(溢出代码)

webmaster 发表于 2010, January 30, 4:53 AM. 发表在:

linux各版本对应溢出漏洞总结(溢出代码)转自:瘋吇 2.4.17 newlocal kmod 2.4.18 brk brk2 newlocal kmod km.2 2.4.19 brk brk2 newlocal kmod km.2 2.4.20 ptrace kmod ptrace-kmod km.2 brk brk2 2.4.21 km.2 brk brk2 ptrace ptrace-kmod 2.4.22 km.2 brk2 brk ptrace ptrace-kmod 2.4.22-10 loginx ./loginx 2.4.23 mremap_pte 2.4.24 mremap_pte Uselib24 2.4.25-1 uselib24 2.4.27 Uselib24 2.6.0 REDHAT 6.2 REDHAT 6.2 (zoot) SUSE 6.3 SUSE 6.4 REDHAT 6.2 (zoot) all top from rpm ------------------------- FreeBSD 3.4-STABLE from port FreeBSD 3.4-STABLE from packages freeBSD 3.4-RELEASE from port freeBSD 4.0-RELEASE from packages ---------------------------- all with wuftpd 2.6.0; = wuftpd h00lyshit 2.6.2 mremap_pte krad h00lyshit 2.6.5 to 2.6.10 krad krad2 h00lyshit 2.6.8-5 krad2 ./krad x x = 1..9 h00lyshit 2.6.9-34 r00t h00lyshit 2.6.13-17 prctl h00lyshit ------------------- 2.4.17 -> newlocal, kmod, uselib24 2.4.18 -> brk, brk2, newlocal, kmod 2.4.19 -> brk, brk2, newlocal, kmod 2.4.20 -> ptrace, kmod, ptrace-kmod, brk, brk2 2.4.21 -> brk, brk2, ptrace, ptrace-kmod 2.4.22 -> brk, brk2, ptrace, ptrace-kmod 2.4.22-10 -> loginx 2.4.23 -> mremap_pte 2.4.24 -> mremap_pte, uselib24 2.4.25-1 -> uselib24 2.4.27 -> uselib24 2.6.2 -> mremap_pte, krad, h00lyshit 2.6.5 -> krad, krad2, h00lyshit 2.6.6 -> krad, krad2, h00lyshit 2.6.7 -> krad, krad2, h00lyshit 2.6.8 -> krad, krad2, h00lyshit 2.6.8-5 -> krad2, h00lyshit 2.6.9 -> krad, krad2, h00lyshit 2.6.9-34 -> r00t, h00lyshit 2.6.10 -> krad, krad2, h00lyshit 2.6.13 -> raptor, raptor2, h0llyshit, prctl 2.6.14 -> raptor, raptor2, h0llyshit, prctl 2.6.15 -> raptor, raptor2, h0llyshit, prctl 2.6.16 -> raptor, raptor2, h0llyshit, prctl ----------------------------------------------------- Linux Common Linux 2.2.x ->Linux kernel ptrace/kmod local root exploit (http://milw0rm.com/exploits/3) Linux 2.2.x (on exported files, should be vuln) (http://milw0rm.com/exploits/718) Linux <= 2.2.25 ->Linux Kernel 2.x mremap missing do_munmap Exploit (http://milw0rm.com/exploits/160) Linux 2.4.x ->Linux kernel ptrace/kmod local root exploit (http://milw0rm.com/exploits/3) Linux 2.4.x -> pwned.c - Linux 2.4 and 2.6 sys_uselib local root exploit (http://milw0rm.com/exploits/895) Linux 2.4.x ->Linux kernel 2.4 uselib() privilege elevation exploit (http://milw0rm.com/exploits/778) Linux 2.4.20 ->Linux Kernel Module Loader Local R00t Exploit (http://milw0rm.com/exploits/12) Linux <= 2.4.22 ->Linux Kernel <= 2.4.22 (do_brk) Local Root Exploit (http://milw0rm.com/exploits/131) Linux 2.4.22 ->Linux Kernel 2.4.22 "do_brk()" local Root Exploit (PoC) (http://milw0rm.com/exploits/129) Linux <= 2.4.24 ->Linux Kernel 2.x mremap missing do_munmap Exploit (http://milw0rm.com/exploits/160) Linux 2.4.x < 2.4.27-rc3 (on nfs exported files) (http://milw0rm.com/exploits/718) Linux <= 2.6.2 ->Linux Kernel 2.x mremap missing do_munmap Exploit (http://milw0rm.com/exploits/160) Linux 2.6.11 -> Linux Kernel <= 2.6.11 (CPL 0) Local Root Exploit (k-rad3.c) (http://milw0rm.com/exploits/1397) Linux 2.6.13 <= 2.6.17.4 -> Linux Kernel 2.6.13 <= 2.6.17.4 prctl() Local Root Exploit (logrotate) (http://milw0rm.com/exploits/2031) Linux 2.6.13 <= 2.6.17.4 -> Linux Kernel 2.6.13 <= 2.6.17.4 sys_prctl() Local Root Exploit (http://milw0rm.com/exploits/2011) Linux 2.6.11 <= 2.6.17.4 -> h00lyshit.c -Linux Kernel <= 2.6.17.4 (proc) Local Root Exploit (http://milw0rm.com/exploits/2013) Linux 2.6.x < 2.6.7-rc3 (default configuration) (http://milw0rm.com/exploits/718) Linux 2.6.x -> pwned.c - Linux 2.4 and 2.6 sys_uselib local root exploit (http://milw0rm.com/exploits/895) Debian Debian 2.2 ->/usr/bin/pileup Local Root Exploit (http://milw0rm.com/exploits/1170) Ubuntu Ubuntu Breezy 5.10 Installer Password Disclosure Vulnerability (http://milw0rm.com/exploits/1579) Slackware Slackware 7.1 ->/usr/bin/Mail Exploit (http://milw0rm.com/exploits/285) Mandrake Mandrake 8.2 -> /usr/mail local exploit (http://milw0rm.com/exploits/40) Mandrake <= 10.2 -> cdrdao Local Root Exploit (http://milw0rm.com/exploits/997) Suse SuSE Linux 9.1 -> 'chfn' local root bug (http://milw0rm.com/exploits/1299) SuSE Linux 9.2 -> 'chfn' local root bug (http://milw0rm.com/exploits/1299) SuSE Linux 9.3 -> 'chfn' local root bug (http://milw0rm.com/exploits/1299) SuSE Linux 10.0 -> 'chfn' local root bug (http://milw0rm.com/exploits/1299) SuSE Linux Enterprise Server 8 -> 'chfn' local root bug (http://milw0rm.com/exploits/1299) SuSE Linux Enterprise Server 9 -> 'chfn' local root bug (http://milw0rm.com/exploits/1299) BSD Freebsd Freebsd 3.5.1 ->Ports package local root (http://milw0rm.com/exploits/286) Freebsd 4.2 ->Ports package local root (http://milw0rm.com/exploits/286) FreeBSD 4.x <= 5.4) master.passwd Disclosure Exploit (http://milw0rm.com/exploits/1311) Openbsd Openbsd 2.x - 3.3 ->exec_ibcs2_coff_prep_zmagic() Kernel Exploit (http://milw0rm.com/exploits/125) OpenBSD 3.x-4.0 ->vga_ioctl() root exploit (http://milw0rm.com/exploits/3094) Sun-Microsystems Solaris Solaris 2.4 ->lion24.c (http://milw0rm.com/exploits/328) Solaris 2.6 with 107733-10 and without 107733-11 (http://milw0rm.com/exploits/1182) Solaris 2.6 with 107733-10 and without 107733-11 (http://milw0rm.com/exploits/1182) Solaris 5.5.1 ->X11R6.3 xterm (http://milw0rm.com/exploits/338) Solaris 7 with 106950-14 through 106950-22 and without 106950-23 (http://milw0rm.com/exploits/1182) Solaris 7 with 106950-14 through 106950-22 and without 106950-23 (http://milw0rm.com/exploits/1182) Solaris 7 without patch 107178-03 (http://milw0rm.com/exploits/714) Solaris 7 without patch 107178-03 (http://milw0rm.com/exploits/713) Solaris 8 without patch 108949-08 (http://milw0rm.com/exploits/713) Solaris 8 without patch 108949-08 (http://milw0rm.com/exploits/714) Solaris 8 with 109147-07 through 109147-24 and without 109147-25 (http://milw0rm.com/exploits/1182) Solaris 8 with 108993-14 through 108993-31 and without 108993-32 (http://milw0rm.com/exploits/715) Solaris 8 with 109147-07 through 109147-24 and without 109147-25 (http://milw0rm.com/exploits/1182) Solaris 8 with 108993-14 through 108993-31 and without 108993-32 (http://milw0rm.com/exploits/715) Solaris 9 without patch 116308-01 (http://milw0rm.com/exploits/714) Solaris 9 without patch 116308-01 (http://milw0rm.com/exploits/713) Solaris 9 without 113476-11 (http://milw0rm.com/exploits/715) Solaris 9 without 112963-09 (http://milw0rm.com/exploits/1182) Solaris 9 without 113476-11 (http://milw0rm.com/exploits/715) Solaris 9 without 112963-09 (http://milw0rm.com/exploits/1182) Solaris 10 (libnspr) Arbitrary File Creation Local Root Exploit (http://milw0rm.com/exploits/2543) Solaris 10 (libnspr) constructor Local Root Exploit (http://milw0rm.com/exploits/2641) SunOS SunOS 5.10 Generic i86pc i386 i86pc (http://milw0rm.com/exploits/1073) SunOS 5.9 Generic_112233-12 sun4u (http://milw0rm.com/exploits/1073)


Copyright 1998-2021. All rights reserved.
工信部备案:冀ICP备19032940号-1|公安部备案号:13020802000209