  • Privilege escalation exploits

    Windows:

    Vulnerability list
     
    #Security Bulletin   #KB     #Description    #Operating System
     
    CVE-2017-0213  [Windows COM Elevation of Privilege Vulnerability]  (windows 10/8.1/7/2016/2010/2008)
    MS17-010  [KB4013389]  [Windows Kernel Mode Drivers]  (windows 7/2008/2003/XP)
    MS16-135  [KB3199135]  [Windows Kernel Mode Drivers]  (2016)
    MS16-098  [KB3178466]  [Kernel Driver]  (Win 8.1)
    MS16-075  [KB3164038]  [Hot Potato]  (2003/2008/7/8/2012)
    MS16-032  [KB3143141]  [Secondary Logon Handle]  (2008/7/8/10/2012)
    MS16-016  [KB3136041]  [WebDAV]  (2008/Vista/7)
    MS15-097  [KB3089656]  [remote code execution]  (win8.1/2012)
    MS15-076  [KB3067505]  [RPC]  (2003/2008/7/8/2012)
    MS15-077  [KB3077657]  [ATM]  (XP/Vista/Win7/Win8/2000/2003/2008/2012)
    MS15-061  [KB3057839]  [Kernel Driver]  (2003/2008/7/8/2012)
    MS15-051  [KB3057191]  [Windows Kernel Mode Drivers]  (2003/2008/7/8/2012)
    MS15-010  [KB3036220]  [Kernel Driver]  (2003/2008/7/8)
    MS15-015  [KB3031432]  [Kernel Driver]  (Win7/8/8.1/2012/RT/2012 R2/2008 R2)
    MS15-001  [KB3023266]  [Kernel Driver]  (2008/2012/7/8)
    MS14-070  [KB2989935]  [Kernel Driver]  (2003)
    MS14-068  [KB3011780]  [Domain Privilege Escalation]  (2003/2008/2012/7/8)
    MS14-058  [KB3000061]  [Win32k.sys]  (2003/2008/2012/7/8)
    MS14-040  [KB2975684]  [AFD Driver]  (2003/2008/2012/7/8)
    MS14-002  [KB2914368]  [NDProxy]  (2003/XP)
    MS13-053  [KB2850851]  [win32k.sys]  (XP/Vista/2003/2008/win 7)
    MS13-046  [KB2840221]  [dxgkrnl.sys]  (Vista/2003/2008/2012/7)
    MS13-005  [KB2778930]  [Kernel Mode Driver]  (2003/2008/2012/win7/8)
    MS12-042  [KB2972621]  [Service Bus]  (2008/2012/win7)
    MS12-020  [KB2671387]  [RDP]  (2003/2008/7/XP)
    MS11-080  [KB2592799]  [AFD.sys]  (2003/XP)
    MS11-062  [KB2566454]  [NDISTAPI]  (2003/XP)
    MS11-046  [KB2503665]  [AFD.sys]  (2003/2008/7/XP)
    MS11-011  [KB2393802]  [kernel Driver]  (2003/2008/7/XP/Vista)
    MS10-092  [KB2305420]  [Task Scheduler]  (2008/7)
    MS10-065  [KB2267960]  [FastCGI]  (IIS 5.1, 6.0, 7.0, and 7.5)
    MS10-059  [KB982799]   [ACL-Churraskito]  (2008/7/Vista)
    MS10-048  [KB2160329]  [win32k.sys]  (XP SP2 & SP3/2003 SP2/Vista SP1 & SP2/2008 Gold & SP2 & R2/Win7)
    MS10-015  [KB977165]   [KiTrap0D]  (2003/2008/7/XP)
    MS09-050  [KB975517]   [Remote Code Execution]  (2008/Vista)
    MS09-020  [KB970483]   [IIS 6.0]  (IIS 5.1 and 6.0)
    MS09-012  [KB959454]   [Chimichurri]  (Vista/win7/2008/Vista)
    MS08-068  [KB957097]   [Remote Code Execution]  (2000/XP)
    MS08-067  [KB958644]   [Remote Code Execution]  (Windows 2000/XP/Server 2003/Vista/Server 2008)
    MS08-025  [KB941693]   [Win32.sys]  (XP/2003/2008/Vista)
    MS06-040  [KB921883]   [Remote Code Execution]  (2003/xp/2000)
    MS05-039  [KB899588]   [PnP Service]  (Win 9X/ME/NT/2000/XP/2003)
    MS03-026  [KB823980]   [Buffer Overrun In RPC Interface]  (NT/2000/XP/2003)

    Project download address:

    https://github.com/SecWiki/windows-kernel-exploits

    Linux:

    #CVE  #Description  #Kernels
     
    CVE-2017-1000367  [Sudo]
    (Sudo 1.8.6p7 - 1.8.20)
     
    CVE-2017-7494  [Samba Remote execution]
    (Samba 3.5.0-4.6.4/4.5.10/4.4.14)
     
    CVE-2016-5195  [Dirty cow]
    (Linux kernel>2.6.22 (released in 2007))
     
    CVE-2016-0728  [pp_key]
    (3.8.0, 3.8.1, 3.8.2, 3.8.3, 3.8.4, 3.8.5, 3.8.6, 3.8.7, 3.8.8, 3.8.9, 3.9, 3.10, 3.11, 3.12, 3.13, 3.4.0, 3.5.0, 3.6.0, 3.7.0, 3.8.0, 3.8.5, 3.8.6, 3.8.9, 3.9.0, 3.9.6, 3.10.0, 3.10.6, 3.11.0, 3.12.0, 3.13.0, 3.13.1)
     
    CVE-2015-7547  [glibc getaddrinfo]
    (before Glibc 2.9)
     
    CVE-2015-1328  [overlayfs]
    (3.13, 3.16.0, 3.19.0)
     
    CVE-2014-5284  [OSSEC]
    (2.8)
     
    CVE-2014-4699  [ptrace]
    (before 3.15.4)
     
    CVE-2014-4014  [Local Privilege Escalation]
    (before 3.14.8)
     
    CVE-2014-3153  [futex]
    (3.3.5, 3.3.4, 3.3.2, 3.2.13, 3.2.9, 3.2.1, 3.1.8, 3.0.5, 3.0.4, 3.0.2, 3.0.1, 2.6.39, 2.6.38, 2.6.37, 2.6.35, 2.6.34, 2.6.33, 2.6.32, 2.6.9, 2.6.8, 2.6.7, 2.6.6, 2.6.5, 2.6.4, 3.2.2, 3.0.18, 3.0, 2.6.8.1)
     
    CVE-2014-0196  [rawmodePTY]
    (2.6.31, 2.6.32, 2.6.33, 2.6.34, 2.6.35, 2.6.36, 2.6.37, 2.6.38, 2.6.39, 3.14, 3.15)
     
    CVE-2014-0038  [timeoutpwn]
    (3.4, 3.5, 3.6, 3.7, 3.8, 3.8.9, 3.9, 3.10, 3.11, 3.12, 3.13, 3.4.0, 3.5.0, 3.6.0, 3.7.0, 3.8.0, 3.8.5, 3.8.6, 3.8.9, 3.9.0, 3.9.6, 3.10.0, 3.10.6, 3.11.0, 3.12.0, 3.13.0, 3.13.1)
     
    CVE-2013-2094  [perf_swevent]
    (3.0.0, 3.0.1, 3.0.2, 3.0.3, 3.0.4, 3.0.5, 3.0.6, 3.1.0, 3.2, 3.3, 3.4.0, 3.4.1, 3.4.2, 3.4.3, 3.4.4, 3.4.5, 3.4.6, 3.4.8, 3.4.9, 3.5, 3.6, 3.7, 3.8.0, 3.8.1, 3.8.2, 3.8.3, 3.8.4, 3.8.5, 3.8.6, 3.8.7, 3.8.8, 3.8.9)
     
    CVE-2013-0268  [msr]
    (2.6.18, 2.6.19, 2.6.20, 2.6.21, 2.6.22, 2.6.23, 2.6.24, 2.6.25, 2.6.26, 2.6.27, 2.6.27, 2.6.28, 2.6.29, 2.6.30, 2.6.31, 2.6.32, 2.6.33, 2.6.34, 2.6.35, 2.6.36, 2.6.37, 2.6.38, 2.6.39, 3.0.0, 3.0.1, 3.0.2, 3.0.3, 3.0.4, 3.0.5, 3.0.6, 3.1.0, 3.2, 3.3, 3.4, 3.5, 3.6, 3.7.0, 3.7.6)
     
    CVE-2012-3524  [libdbus]
    (libdbus 1.5.x and earlier)
     
    CVE-2012-0056  [memodipper]
    (2.6.39, 3.0.0, 3.0.1, 3.0.2, 3.0.3, 3.0.4, 3.0.5, 3.0.6, 3.1.0)
     
    CVE-2010-4347  [american-sign-language]
    (2.6.0, 2.6.1, 2.6.2, 2.6.3, 2.6.4, 2.6.5, 2.6.6, 2.6.7, 2.6.8, 2.6.9, 2.6.10, 2.6.11, 2.6.12, 2.6.13, 2.6.14, 2.6.15, 2.6.16, 2.6.17, 2.6.18, 2.6.19, 2.6.20, 2.6.21, 2.6.22, 2.6.23, 2.6.24, 2.6.25, 2.6.26, 2.6.27, 2.6.28, 2.6.29, 2.6.30, 2.6.31, 2.6.32, 2.6.33, 2.6.34, 2.6.35, 2.6.36)
     
    CVE-2010-4258  [full-nelson]
    (2.6.31, 2.6.32, 2.6.35, 2.6.37)
     
    CVE-2010-4073  [half_nelson]
    (2.6.0, 2.6.1, 2.6.2, 2.6.3, 2.6.4, 2.6.5, 2.6.6, 2.6.7, 2.6.8, 2.6.9, 2.6.10, 2.6.11, 2.6.12, 2.6.13, 2.6.14, 2.6.15, 2.6.16, 2.6.17, 2.6.18, 2.6.19, 2.6.20, 2.6.21, 2.6.22, 2.6.23, 2.6.24, 2.6.25, 2.6.26, 2.6.27, 2.6.28, 2.6.29, 2.6.30, 2.6.31, 2.6.32, 2.6.33, 2.6.34, 2.6.35, 2.6.36)
     
    CVE-2010-3904  [rds]
    (2.6.30, 2.6.31, 2.6.32, 2.6.33, 2.6.34, 2.6.35, 2.6.36)
     
    CVE-2010-3437  [pktcdvd]
    (2.6.0, 2.6.1, 2.6.2, 2.6.3, 2.6.4, 2.6.5, 2.6.6, 2.6.7, 2.6.8, 2.6.9, 2.6.10, 2.6.11, 2.6.12, 2.6.13, 2.6.14, 2.6.15, 2.6.16, 2.6.17, 2.6.18, 2.6.19, 2.6.20, 2.6.21, 2.6.22, 2.6.23, 2.6.24, 2.6.25, 2.6.26, 2.6.27, 2.6.28, 2.6.29, 2.6.30, 2.6.31, 2.6.32, 2.6.33, 2.6.34, 2.6.35, 2.6.36)
     
    CVE-2010-3301  [ptrace_kmod2]
    (2.6.26, 2.6.27, 2.6.28, 2.6.29, 2.6.30, 2.6.31, 2.6.32, 2.6.33, 2.6.34)
     
    CVE-2010-3081  [video4linux]
    (2.6.0, 2.6.1, 2.6.2, 2.6.3, 2.6.4, 2.6.5, 2.6.6, 2.6.7, 2.6.8, 2.6.9, 2.6.10, 2.6.11, 2.6.12, 2.6.13, 2.6.14, 2.6.15, 2.6.16, 2.6.17, 2.6.18, 2.6.19, 2.6.20, 2.6.21, 2.6.22, 2.6.23, 2.6.24, 2.6.25, 2.6.26, 2.6.27, 2.6.28, 2.6.29, 2.6.30, 2.6.31, 2.6.32, 2.6.33)
     
    CVE-2010-2959  [can_bcm]
    (2.6.18, 2.6.19, 2.6.20, 2.6.21, 2.6.22, 2.6.23, 2.6.24, 2.6.25, 2.6.26, 2.6.27, 2.6.28, 2.6.29, 2.6.30, 2.6.31, 2.6.32, 2.6.33, 2.6.34, 2.6.35, 2.6.36)
     
    CVE-2010-1146  [reiserfs]
    (2.6.18, 2.6.19, 2.6.20, 2.6.21, 2.6.22, 2.6.23, 2.6.24, 2.6.25, 2.6.26, 2.6.27, 2.6.28, 2.6.29, 2.6.30, 2.6.31, 2.6.32, 2.6.33, 2.6.34)
     
    CVE-2010-0415  [do_pages_move]
    (2.6.18, 2.6.19, 2.6.20, 2.6.21, 2.6.22, 2.6.23, 2.6.24, 2.6.25, 2.6.26, 2.6.27, 2.6.28, 2.6.29, 2.6.30, 2.6.31)
     
    CVE-2009-3547  [pipe.c_32bit]
    (2.4.4, 2.4.5, 2.4.6, 2.4.7, 2.4.8, 2.4.9, 2.4.10, 2.4.11, 2.4.12, 2.4.13, 2.4.14, 2.4.15, 2.4.16, 2.4.17, 2.4.18, 2.4.19, 2.4.20, 2.4.21, 2.4.22, 2.4.23, 2.4.24, 2.4.25, 2.4.26, 2.4.27, 2.4.28, 2.4.29, 2.4.30, 2.4.31, 2.4.32, 2.4.33, 2.4.34, 2.4.35, 2.4.36, 2.4.37, 2.6.15, 2.6.16, 2.6.17, 2.6.18, 2.6.19, 2.6.20, 2.6.21, 2.6.22, 2.6.23, 2.6.24, 2.6.25, 2.6.26, 2.6.27, 2.6.28, 2.6.29, 2.6.30, 2.6.31)
     
    CVE-2009-2698  [udp_sendmsg_32bit]
    (2.6.1, 2.6.2, 2.6.3, 2.6.4, 2.6.5, 2.6.6, 2.6.7, 2.6.8, 2.6.9, 2.6.10, 2.6.11, 2.6.12, 2.6.13, 2.6.14, 2.6.15, 2.6.16, 2.6.17, 2.6.18, 2.6.19)
     
    CVE-2009-2692  [sock_sendpage]
    (2.4.4, 2.4.5, 2.4.6, 2.4.7, 2.4.8, 2.4.9, 2.4.10, 2.4.11, 2.4.12, 2.4.13, 2.4.14, 2.4.15, 2.4.16, 2.4.17, 2.4.18, 2.4.19, 2.4.20, 2.4.21, 2.4.22, 2.4.23, 2.4.24, 2.4.25, 2.4.26, 2.4.27, 2.4.28, 2.4.29, 2.4.30, 2.4.31, 2.4.32, 2.4.33, 2.4.34, 2.4.35, 2.4.36, 2.4.37, 2.6.0, 2.6.1, 2.6.2, 2.6.3, 2.6.4, 2.6.5, 2.6.6, 2.6.7, 2.6.8, 2.6.9, 2.6.10, 2.6.11, 2.6.12, 2.6.13, 2.6.14, 2.6.15, 2.6.16, 2.6.17, 2.6.18, 2.6.19, 2.6.20, 2.6.21, 2.6.22, 2.6.23, 2.6.24, 2.6.25, 2.6.26, 2.6.27, 2.6.28, 2.6.29, 2.6.30)
     
    CVE-2009-2692  [sock_sendpage2]
    (2.4.4, 2.4.5, 2.4.6, 2.4.7, 2.4.8, 2.4.9, 2.4.10, 2.4.11, 2.4.12, 2.4.13, 2.4.14, 2.4.15, 2.4.16, 2.4.17, 2.4.18, 2.4.19, 2.4.20, 2.4.21, 2.4.22, 2.4.23, 2.4.24, 2.4.25, 2.4.26, 2.4.27, 2.4.28, 2.4.29, 2.4.30, 2.4.31, 2.4.32, 2.4.33, 2.4.34, 2.4.35, 2.4.36, 2.4.37, 2.6.0, 2.6.1, 2.6.2, 2.6.3, 2.6.4, 2.6.5, 2.6.6, 2.6.7, 2.6.8, 2.6.9, 2.6.10, 2.6.11, 2.6.12, 2.6.13, 2.6.14, 2.6.15, 2.6.16, 2.6.17, 2.6.18, 2.6.19, 2.6.20, 2.6.21, 2.6.22, 2.6.23, 2.6.24, 2.6.25, 2.6.26, 2.6.27, 2.6.28, 2.6.29, 2.6.30)
     
    CVE-2009-1337  [exit_notify]
    (2.6.25, 2.6.26, 2.6.27, 2.6.28, 2.6.29)
     
    CVE-2009-1185  [udev]
    (2.6.25, 2.6.26, 2.6.27, 2.6.28, 2.6.29)
     
    CVE-2008-4210  [ftrex]
    (2.6.11, 2.6.12, 2.6.13, 2.6.14, 2.6.15, 2.6.16, 2.6.17, 2.6.18, 2.6.19, 2.6.20, 2.6.21, 2.6.22)
     
    CVE-2008-0600  [vmsplice2]
    (2.6.23, 2.6.24)
     
    CVE-2008-0600  [vmsplice1]
    (2.6.17, 2.6.18, 2.6.19, 2.6.20, 2.6.21, 2.6.22, 2.6.23, 2.6.24, 2.6.24.1)
     
    CVE-2006-3626  [h00lyshit]
    (2.6.8, 2.6.10, 2.6.11, 2.6.12, 2.6.13, 2.6.14, 2.6.15, 2.6.16)
     
    CVE-2006-2451  [raptor_prctl]
    (2.6.13, 2.6.14, 2.6.15, 2.6.16, 2.6.17)
     
    CVE-2005-0736  [krad3]
    (2.6.5, 2.6.7, 2.6.8, 2.6.9, 2.6.10, 2.6.11)
     
    CVE-2004-1235  [elflbl]
    (2.4.29)
     
    CVE-N/A  [caps_to_root]
    (2.6.34, 2.6.35, 2.6.36)
     
    CVE-2004-0077  [mremap_pte]
    (2.4.20, 2.2.24, 2.4.25, 2.4.26, 2.4.27)

    Project download address:

    https://github.com/SecWiki/linux-kernel-exploits

    -- Reposted from an expert

  • Original article: https://www.cnblogs.com/s1ye/p/8464715.html