linux/Unix各版本对应溢出漏洞总结(溢出代码)

简介:

转自:瘋吇

2.4.17
newlocal
kmod


2.4.18
brk
brk2
newlocal
kmod
km.2


2.4.19
brk
brk2
newlocal
kmod
km.2


2.4.20
ptrace
kmod
ptrace-kmod
km.2
brk
brk2


2.4.21
km.2
brk
brk2
ptrace
ptrace-kmod


2.4.22
km.2
brk2
brk
ptrace
ptrace-kmod


2.4.22-10
loginx
./loginx


2.4.23
mremap_pte


2.4.24
mremap_pte
Uselib24


2.4.25-1
uselib24


2.4.27
Uselib24


2.6.0
REDHAT 6.2
REDHAT 6.2 (zoot)
SUSE 6.3
SUSE 6.4
REDHAT 6.2 (zoot)
all top from rpm
-------------------------
FreeBSD 3.4-STABLE from port
FreeBSD 3.4-STABLE from packages
freeBSD 3.4-RELEASE from port
freeBSD 4.0-RELEASE from packages
----------------------------
all with wuftpd 2.6.0;
=
wuftpd
h00lyshit


2.6.2
mremap_pte
krad
h00lyshit


2.6.5 to 2.6.10
krad
krad2
h00lyshit


2.6.8-5
krad2
./krad x
x = 1..9
h00lyshit


2.6.9-34
r00t
h00lyshit


2.6.13-17
prctl
h00lyshit

-------------------

2.4.17 -> newlocal, kmod, uselib24
2.4.18 -> brk, brk2, newlocal, kmod
2.4.19 -> brk, brk2, newlocal, kmod
2.4.20 -> ptrace, kmod, ptrace-kmod, brk, brk2
2.4.21 -> brk, brk2, ptrace, ptrace-kmod
2.4.22 -> brk, brk2, ptrace, ptrace-kmod
2.4.22-10 -> loginx
2.4.23 -> mremap_pte
2.4.24 -> mremap_pte, uselib24
2.4.25-1 -> uselib24
2.4.27 -> uselib24
2.6.2 -> mremap_pte, krad, h00lyshit
2.6.5 -> krad, krad2, h00lyshit
2.6.6 -> krad, krad2, h00lyshit
2.6.7 -> krad, krad2, h00lyshit
2.6.8 -> krad, krad2, h00lyshit
2.6.8-5 -> krad2, h00lyshit
2.6.9 -> krad, krad2, h00lyshit
2.6.9-34 -> r00t, h00lyshit
2.6.10 -> krad, krad2, h00lyshit
2.6.13 -> raptor, raptor2, h0llyshit, prctl
2.6.14 -> raptor, raptor2, h0llyshit, prctl
2.6.15 -> raptor, raptor2, h0llyshit, prctl
2.6.16 -> raptor, raptor2, h0llyshit, prctl 
-----------------------------------------------------

Linux 
Common 
Linux 2.2.x ->Linux kernel ptrace/kmod local root exploit (http://milw0rm.com/exploits/3
Linux 2.2.x (on exported files, should be vuln) (http://milw0rm.com/exploits/718
Linux <= 2.2.25 ->Linux Kernel 2.x mremap missing do_munmap Exploit (http://milw0rm.com/exploits/160)

Linux 2.4.x ->Linux kernel ptrace/kmod local root exploit (http://milw0rm.com/exploits/3
Linux 2.4.x -> pwned.c - Linux 2.4 and 2.6 sys_uselib local root exploit (http://milw0rm.com/exploits/895
Linux 2.4.x ->Linux kernel 2.4 uselib() privilege elevation exploit (http://milw0rm.com/exploits/778
Linux 2.4.20 ->Linux Kernel Module Loader Local R00t Exploit (http://milw0rm.com/exploits/12
Linux <= 2.4.22 ->Linux Kernel <= 2.4.22 (do_brk) Local Root Exploit (http://milw0rm.com/exploits/131
Linux 2.4.22 ->Linux Kernel 2.4.22 "do_brk()" local Root Exploit (PoC) (http://milw0rm.com/exploits/129
Linux <= 2.4.24 ->Linux Kernel 2.x mremap missing do_munmap Exploit (http://milw0rm.com/exploits/160
Linux 2.4.x < 2.4.27-rc3 (on nfs exported files) (http://milw0rm.com/exploits/718)

Linux <= 2.6.2 ->Linux Kernel 2.x mremap missing do_munmap Exploit (http://milw0rm.com/exploits/160
Linux 2.6.11 -> Linux Kernel <= 2.6.11 (CPL 0) Local Root Exploit (k-rad3.c) (http://milw0rm.com/exploits/1397
Linux 2.6.13 <= 2.6.17.4 -> Linux Kernel 2.6.13 <= 2.6.17.4 prctl() Local Root Exploit (logrotate) (http://milw0rm.com/exploits/2031
Linux 2.6.13 <= 2.6.17.4 -> Linux Kernel 2.6.13 <= 2.6.17.4 sys_prctl() Local Root Exploit (http://milw0rm.com/exploits/2011
Linux 2.6.11 <= 2.6.17.4 -> h00lyshit.c -Linux Kernel <= 2.6.17.4 (proc) Local Root Exploit (http://milw0rm.com/exploits/2013
Linux 2.6.x < 2.6.7-rc3 (default configuration) (http://milw0rm.com/exploits/718
Linux 2.6.x -> pwned.c - Linux 2.4 and 2.6 sys_uselib local root exploit (http://milw0rm.com/exploits/895)

Debian 
Debian 2.2 ->/usr/bin/pileup Local Root Exploit (http://milw0rm.com/exploits/1170)

Ubuntu 
Ubuntu Breezy 5.10 Installer Password Disclosure Vulnerability (http://milw0rm.com/exploits/1579)

Slackware 
Slackware 7.1 ->/usr/bin/Mail Exploit (http://milw0rm.com/exploits/285)

Mandrake 
Mandrake 8.2 -> /usr/mail local exploit (http://milw0rm.com/exploits/40
Mandrake <= 10.2 -> cdrdao Local Root Exploit (http://milw0rm.com/exploits/997)

Suse 
SuSE Linux 9.1 -> 'chfn' local root bug (http://milw0rm.com/exploits/1299
SuSE Linux 9.2 -> 'chfn' local root bug (http://milw0rm.com/exploits/1299
SuSE Linux 9.3 -> 'chfn' local root bug (http://milw0rm.com/exploits/1299
SuSE Linux 10.0 -> 'chfn' local root bug (http://milw0rm.com/exploits/1299
SuSE Linux Enterprise Server 8 -> 'chfn' local root bug (http://milw0rm.com/exploits/1299
SuSE Linux Enterprise Server 9 -> 'chfn' local root bug (http://milw0rm.com/exploits/1299)

BSD 
Freebsd 
Freebsd 3.5.1 ->Ports package local root (http://milw0rm.com/exploits/286
Freebsd 4.2 ->Ports package local root (http://milw0rm.com/exploits/286
FreeBSD 4.x <= 5.4) master.passwd Disclosure Exploit (http://milw0rm.com/exploits/1311)

Openbsd 
Openbsd 2.x - 3.3 ->exec_ibcs2_coff_prep_zmagic() Kernel Exploit (http://milw0rm.com/exploits/125
OpenBSD 3.x-4.0 ->vga_ioctl() root exploit (http://milw0rm.com/exploits/3094)


Sun-Microsystems 
Solaris 
Solaris 2.4 ->lion24.c (http://milw0rm.com/exploits/328
Solaris 2.6 with 107733-10 and without 107733-11 (http://milw0rm.com/exploits/1182
Solaris 2.6 with 107733-10 and without 107733-11 (http://milw0rm.com/exploits/1182
Solaris 5.5.1 ->X11R6.3 xterm (http://milw0rm.com/exploits/338
Solaris 7 with 106950-14 through 106950-22 and without 106950-23 (http://milw0rm.com/exploits/1182
Solaris 7 with 106950-14 through 106950-22 and without 106950-23 (http://milw0rm.com/exploits/1182
Solaris 7 without patch 107178-03 (http://milw0rm.com/exploits/714
Solaris 7 without patch 107178-03 (http://milw0rm.com/exploits/713
Solaris 8 without patch 108949-08 (http://milw0rm.com/exploits/713
Solaris 8 without patch 108949-08 (http://milw0rm.com/exploits/714
Solaris 8 with 109147-07 through 109147-24 and without 109147-25 (http://milw0rm.com/exploits/1182
Solaris 8 with 108993-14 through 108993-31 and without 108993-32 (http://milw0rm.com/exploits/715
Solaris 8 with 109147-07 through 109147-24 and without 109147-25 (http://milw0rm.com/exploits/1182
Solaris 8 with 108993-14 through 108993-31 and without 108993-32 (http://milw0rm.com/exploits/715
Solaris 9 without patch 116308-01 (http://milw0rm.com/exploits/714
Solaris 9 without patch 116308-01 (http://milw0rm.com/exploits/713
Solaris 9 without 113476-11 (http://milw0rm.com/exploits/715
Solaris 9 without 112963-09 (http://milw0rm.com/exploits/1182
Solaris 9 without 113476-11 (http://milw0rm.com/exploits/715
Solaris 9 without 112963-09 (http://milw0rm.com/exploits/1182
Solaris 10 (libnspr) Arbitrary File Creation Local Root Exploit (http://milw0rm.com/exploits/2543
Solaris 10 (libnspr) constructor Local Root Exploit (http://milw0rm.com/exploits/2641)

SunOS 
SunOS 5.10 Generic i86pc i386 i86pc (http://milw0rm.com/exploits/1073
SunOS 5.9 Generic_112233-12 sun4u (http://milw0rm.com/exploits/1073)














本文转sinojelly51CTO博客,原文链接:http://blog.51cto.com/pnig0s1992/412046,如需转载请自行联系原作者

相关文章
|
16天前
|
安全 Linux 虚拟化
|
10天前
|
安全 算法 Linux
Linux 服务器还有漏洞?建议使用 OpenVAS 日常检查!
在数字化时代,Linux 服务器的安全至关重要。OpenVAS 是一款优秀的开源漏洞扫描工具,可以帮助及时发现并修复服务器中的安全隐患。本文将介绍 OpenVAS 的主要功能、使用方法及应对漏洞的措施,帮助用户加强服务器安全管理,确保企业数字化安全。
30 7
|
17天前
|
Ubuntu Linux Shell
Linux 系统中的代码类型或脚本类型内容
在 Linux 系统中,代码类型多样,包括 Shell 脚本、配置文件、网络配置、命令行工具和 Cron 定时任务。这些代码类型广泛应用于系统管理、自动化操作、网络配置和定期任务,掌握它们能显著提高系统管理和开发的效率。
|
26天前
|
Kubernetes Linux 测试技术
|
1月前
|
Linux C语言 C++
vsCode远程执行c和c++代码并操控linux服务器完整教程
这篇文章提供了一个完整的教程,介绍如何在Visual Studio Code中配置和使用插件来远程执行C和C++代码,并操控Linux服务器,包括安装VSCode、安装插件、配置插件、配置编译工具、升级glibc和编写代码进行调试的步骤。
218 0
vsCode远程执行c和c++代码并操控linux服务器完整教程
|
2月前
|
Java Linux Python
Linux环境下 代码java调用python出错
Linux环境下 代码java调用python出错
56 3
|
2月前
|
Linux 编译器 开发工具
快速在linux上配置python3.x的环境以及可能报错的解决方案(python其它版本可同样方式安装)
这篇文章介绍了在Linux系统上配置Python 3.x环境的步骤,包括安装系统依赖、下载和解压Python源码、编译安装、修改环境变量,以及常见安装错误的解决方案。
145 1
|
1月前
|
Java Linux Maven
用sdkman在linux上管理多个java版本
本文介绍了如何在Linux上使用SDKMAN来管理多个Java版本,包括安装SDKMAN、验证安装、列出和安装不同版本的JDK、Maven和Gradle,以及如何切换使用不同版本。
52 0
|
2月前
|
安全 Linux API
关于Linux稳定版本的一切你想知道的内容 【ChatGPT】
关于Linux稳定版本的一切你想知道的内容 【ChatGPT】
|
2月前
|
Linux Shell Python
9-7|salt代码在linux机子那个目录
9-7|salt代码在linux机子那个目录