Git Product home page Git Product logo

h0w1 / linuxflaw Goto Github PK

View Code? Open in Web Editor NEW

This project forked from mudongliang/linuxflaw

0.0 1.0 0.0 45.93 MB

This repo records all the vulnerabilities of linux software I have reproduced in my local workspace

C 54.01% Perl 6 0.44% Perl 15.01% ASP 0.76% HTML 1.15% Rich Text Format 0.27% Visual Basic 0.12% TeX 0.28% Assembly 0.47% Shell 0.56% Python 22.80% PHP 2.89% XSLT 0.07% Ruby 0.57% Makefile 0.02% C++ 0.58%

linuxflaw's Introduction

LinuxFlaw

This repo records all the vulnerabilities of linux software I have reproduced in my local workspace.

If the vulnerability has both CVE-ID and EDB-ID, CVE-ID is preferred as its directory name. All the vulnerable source code packages are stored in source-packages

Vmware Workstation Images

Image Name username password
Ubuntu 8.10 exploit exploit
Ubuntu 10.04LTS exploit exploit
CentOS 6.5 core core
CentOS 5.5 core core
Ubuntu 11.04 dzm77 dzm77
Ubuntu 12.04 ubuntu ubuntu
Fedora fedora fedora
OpenSUSE core core
Ubuntu 14.04_core core core
Kali root kali
Ubuntu_14.04_alex research-cve toortoor
Ubuntu_14.04_pt pt pt

For details of vulnerabilities(in which virtual machine, what is the reproduction workspace, etc.), please refer to virtualmachine.csv

If you encounter problems with keyword "Failed to lock files", you could try to delete any .lck or .lock files or folders in the directory of the problematic VM.

CVE-ID List

  • CVE-2001-0144
  • CVE-2001-0550
  • CVE-2002-0656
  • CVE-2002-1496
  • CVE-2002-1896
  • CVE-2003-0577 (Fail to reproduce)
  • CVE-2004-0238
  • CVE-2004-0270
  • CVE-2004-0557
  • CVE-2004-0597
  • CVE-2004-0990
  • CVE-2004-1120
  • CVE-2004-1255
  • CVE-2004-1256 (Fail to reproduce)
  • CVE-2004-1257
  • CVE-2004-1258 (Fail to reproduce)
  • CVE-2004-1259 (Fail to reproduce)
  • CVE-2004-1260 (Fail to reproduce)
  • CVE-2004-1261
  • CVE-2004-1262
  • CVE-2004-1265
  • CVE-2004-1266 (Fail to reproduce)
  • CVE-2004-1271
  • CVE-2004-1272 (Fail to reproduce)
  • CVE-2004-1275
  • CVE-2004-1278
  • CVE-2004-1279
  • CVE-2004-1283 (Fail to reproduce)
  • CVE-2004-1287
  • CVE-2004-1288
  • CVE-2004-1289
  • CVE-2004-1290
  • CVE-2004-1292
  • CVE-2004-1293
  • CVE-2004-1297
  • CVE-2004-1298
  • CVE-2004-1299
  • CVE-2004-1455 (Fail to reproduce)
  • CVE-2004-2093
  • CVE-2004-2167
  • CVE-2005-0101
  • CVE-2005-0199
  • CVE-2005-1275
  • CVE-2005-3120
  • CVE-2005-3252
  • CVE-2005-3862
  • CVE-2005-4667
  • CVE-2005-4807
  • CVE-2006-0539
  • CVE-2006-1148
  • CVE-2006-1542
  • CVE-2006-2025
  • CVE-2006-2362
  • CVE-2006-2465
  • CVE-2006-2656
  • CVE-2006-2971
  • CVE-2006-3082
  • CVE-2006-3124
  • CVE-2006-3581
  • CVE-2006-3582
  • CVE-2006-3746
  • CVE-2006-4018
  • CVE-2006-4089
  • CVE-2006-4144
  • CVE-2006-4182
  • CVE-2006-4812
  • CVE-2006-5276
  • CVE-2006-5295
  • CVE-2006-5465
  • CVE-2006-5815
  • CVE-2006-6563
  • CVE-2007-0368
  • CVE-2007-1001
  • CVE-2007-1286
  • CVE-2007-1371
  • CVE-2007-1383
  • CVE-2007-1465
  • CVE-2007-1777
  • CVE-2007-1825
  • CVE-2007-2052
  • CVE-2007-2446
  • CVE-2007-2683
  • CVE-2007-2872
  • CVE-2007-3473
  • CVE-2007-3947
  • CVE-2007-4060
  • CVE-2007-4965
  • CVE-2007-5301
  • CVE-2007-5759
  • CVE-2007-6015
  • CVE-2007-6454
  • CVE-2007-6697
  • CVE-2007-6731
  • CVE-2008-1721
  • CVE-2008-1767
  • CVE-2008-1801
  • CVE-2008-1802
  • CVE-2008-1887
  • CVE-2008-2292 (Fail to reproduce)
  • CVE-2008-2315
  • CVE-2008-2316 (Fail to reproduce)
  • CVE-2008-2950
  • CVE-2008-3142
  • CVE-2008-3143
  • CVE-2008-3144 (Fail to reproduce)
  • CVE-2008-4864
  • CVE-2008-5031
  • CVE-2008-5314
  • CVE-2008-5904
  • CVE-2009-1759
  • CVE-2009-1886
  • CVE-2009-2285
  • CVE-2009-2286
  • CVE-2009-3050
  • CVE-2009-3586
  • CVE-2009-4134
  • CVE-2009-4880
  • CVE-2009-4881
  • CVE-2009-5018
  • CVE-2010-1147
  • CVE-2010-1159
  • CVE-2010-1449
  • CVE-2010-1450
  • CVE-2010-1634
  • CVE-2010-1866
  • CVE-2010-2089
  • CVE-2010-2481
  • CVE-2010-2482
  • CVE-2010-2810
  • CVE-2010-2891
  • CVE-2010-2959
  • CVE-2010-4221
  • CVE-2010-4259
  • CVE-2010-4409
  • CVE-2011-0420
  • CVE-2011-0708
  • CVE-2011-0761
  • CVE-2011-1071
  • CVE-2011-1092
  • CVE-2011-1137
  • CVE-2011-1938
  • CVE-2011-5033
  • CVE-2012-0809
  • CVE-2012-2386
  • CVE-2012-3480
  • CVE-2012-4409
  • CVE-2012-4412
  • CVE-2012-4424
  • CVE-2012-5612
  • CVE-2012-5667
  • CVE-2012-5867
  • CVE-2013-0221
  • CVE-2013-0222
  • CVE-2013-0223
  • CVE-2013-0722
  • CVE-2013-2028
  • CVE-2013-2131
  • CVE-2013-3724
  • CVE-2013-4123
  • CVE-2013-4243
  • CVE-2013-4473
  • CVE-2013-4474
  • CVE-2013-4788
  • CVE-2013-7226
  • CVE-2013-7446
  • CVE-2014-0226
  • CVE-2014-0749
  • CVE-2014-1912
  • CVE-2014-2851
  • CVE-2014-4616
  • CVE-2014-6277
  • CVE-2014-7185
  • CVE-2014-8322
  • CVE-2014-8768
  • CVE-2014-9295
  • CVE-2015-0235
  • CVE-2015-0252
  • CVE-2015-1265
  • CVE-2015-3205
  • CVE-2015-3890
  • CVE-2015-5895
  • CVE-2015-7547
  • CVE-2015-7805
  • CVE-2015-8396
  • CVE-2015-8617
  • CVE-2015-8668
  • CVE-2016-0728
  • CVE-2016-10092
  • CVE-2016-10093
  • CVE-2016-10094
  • CVE-2016-10095
  • CVE-2016-10251
  • CVE-2016-10268
  • CVE-2016-10269
  • CVE-2016-10270
  • CVE-2016-10271
  • CVE-2016-10272
  • CVE-2016-2233
  • CVE-2016-2563
  • CVE-2016-4557
  • CVE-2016-5636
  • CVE-2016-6187
  • CVE-2016-6516
  • CVE-2016-6832 (Fail to reproduce)
  • CVE-2016-7393 (Fail to reproduce)
  • CVE-2016-7445
  • CVE-2016-7477 (Fail to reproduce)
  • CVE-2016-8655
  • CVE-2016-8676
  • CVE-2016-8678
  • CVE-2016-8883
  • CVE-2016-8887 (PoC not found)
  • CVE-2016-9560
  • CVE-2016-9819
  • CVE-2016-9820
  • CVE-2016-9821
  • CVE-2017-10688
  • CVE-2017-11403
  • CVE-2017-12858
  • CVE-2017-12936
  • CVE-2017-12937
  • CVE-2017-14103
  • CVE-2017-14638
  • CVE-2017-14639
  • CVE-2017-14640
  • CVE-2017-14641
  • CVE-2017-14642
  • CVE-2017-14643
  • CVE-2017-14644
  • CVE-2017-14645
  • CVE-2017-14646
  • CVE-2017-15020
  • CVE-2017-15938
  • CVE-2017-15939
  • CVE-2017-5502
  • CVE-2017-5852
  • CVE-2017-5853
  • CVE-2017-5854
  • CVE-2017-5855
  • CVE-2017-5886
  • CVE-2017-5974
  • CVE-2017-5975
  • CVE-2017-5976
  • CVE-2017-5977
  • CVE-2017-5978
  • CVE-2017-5980
  • CVE-2017-6840
  • CVE-2017-6842
  • CVE-2017-6843
  • CVE-2017-6847
  • CVE-2017-6848
  • CVE-2017-6850
  • CVE-2017-6852
  • CVE-2017-7184
  • CVE-2017-7308
  • CVE-2017-7378
  • CVE-2017-7379
  • CVE-2017-7380
  • CVE-2017-7381
  • CVE-2017-7382
  • CVE-2017-7383
  • CVE-2017-7533
  • CVE-2017-7596
  • CVE-2017-7597
  • CVE-2017-7598
  • CVE-2017-7599
  • CVE-2017-7600
  • CVE-2017-7601
  • CVE-2017-7602
  • CVE-2017-7606
  • CVE-2017-8890
  • CVE-2017-9038
  • CVE-2017-9147
  • CVE-2017-9154
  • CVE-2017-9160
  • CVE-2017-9162
  • CVE-2017-9163
  • CVE-2017-9164
  • CVE-2017-9165
  • CVE-2017-9166
  • CVE-2017-9167
  • CVE-2017-9168
  • CVE-2017-9169
  • CVE-2017-9170
  • CVE-2017-9171
  • CVE-2017-9172
  • CVE-2017-9173
  • CVE-2017-9174
  • CVE-2017-9177
  • CVE-2017-9180
  • CVE-2017-9182
  • CVE-2017-9183
  • CVE-2017-9184
  • CVE-2017-9186
  • CVE-2017-9189
  • CVE-2017-9190
  • CVE-2017-9191
  • CVE-2017-9192
  • CVE-2017-9193
  • CVE-2017-9194
  • CVE-2017-9195
  • CVE-2017-9196
  • CVE-2017-9204
  • CVE-2017-9205
  • CVE-2017-9206
  • CVE-2017-9207
  • CVE-2018-9138

EDB-ID List

  • EDB-10334
  • EDB-10617
  • EDB-10634
  • EDB-11644
  • EDB-14083
  • EDB-14452
  • EDB-14904
  • EDB-15054
  • EDB-15062
  • EDB-15705
  • EDB-17611
  • EDB-17806
  • EDB-19987
  • EDB-20479
  • EDB-23523
  • EDB-25411
  • EDB-26915
  • EDB-28679
  • EDB-30142
  • EDB-30648
  • EDB-31761
  • EDB-31915
  • EDB-33251
  • EDB-33949
  • EDB-34164
  • EDB-35450
  • EDB-36024
  • EDB-36229
  • EDB-36388
  • EDB-36881
  • EDB-37546
  • EDB-37743
  • EDB-37777
  • EDB-37975
  • EDB-37987
  • EDB-37988
  • EDB-38597
  • EDB-38616
  • EDB-38617
  • EDB-38681
  • EDB-38685
  • EDB-38857
  • EDB-39285
  • EDB-39406
  • EDB-39502
  • EDB-39673
  • EDB-39692
  • EDB-39733
  • EDB-39734
  • EDB-39747
  • EDB-39764
  • EDB-39800
  • EDB-39810
  • EDB-39842
  • EDB-39875
  • EDB-40023
  • EDB-40025
  • EDB-8205
  • EDB-890
  • EDB-9264

Other-ID list

  • Gentoo-Bug-70090

  • Sourceware-Bug-21877

  • Sourceware-Bug-21878

  • Sourceware-Bug-21880

  • Some vulnerabilities without CVE ID listed in Gentoo Security Blog

Classification

Stack Overflow

Heap Overflow

BSS/Data Overflow

Use-After-Free

Double Free

Invalid Free

Null Pointer

Uninitialized Memory

Stack exhaustion

Heap exhaustion

Memory Leak

Note

Enable/Disable Security mitigations

Please refer to Traditional Mitigation Repository to check security mitigations and how to enable/disable them.

linuxflaw's People

Contributors

mudongliang avatar chenyueqi avatar aledcuevas avatar whyisyoung avatar jaguo avatar linus-young avatar

Watchers

James Cloos avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.