* [**raptor_peek.c**](https://github.com/0xdea/exploits/blob/master/solaris/raptor_peek.c). Solaris 8, 9, 10 (CVE-2007-5225). Kernel memory disclosure with fifofs I_PEEK ioctl(2).
34
34
* [**raptor_solgasm**](https://github.com/0xdea/exploits/blob/master/solaris/raptor_solgasm). Solaris 11 (CVE-2018-14665). Local privilege escalation via Xorg -logfile and inittab.
35
35
* [**raptor_dtprintname_sparc.c**](https://github.com/0xdea/exploits/blob/master/solaris/raptor_dtprintname_sparc.c). Solaris 7-9 (CVE-2019-2832). Buffer overflow in CDE dtprintinfo (SPARC).
36
-
* [**raptor_dtprintname_sparc2.c**](https://github.com/0xdea/exploits/blob/master/solaris/raptor_dtprintname_sparc2.c). Solaris 7-9 (CVE-2019-2832). Buffer overflow in CDE dtprintinfo (SPARC, ROP).
37
-
* [**raptor_dtprintname_sparc3.c**](https://github.com/0xdea/exploits/blob/master/solaris/raptor_dtprintname_sparc3.c). Solaris 10 (CVE-2019-2832). Buffer overflow in CDE dtprintinfo (SPARC, ROP).
38
-
* [**raptor_dtprintname_intel.c**](https://github.com/0xdea/exploits/blob/master/solaris/raptor_dtprintname_intel.c). Solaris 10 (CVE-2019-2832). Buffer overflow in CDE dtprintinfo (Intel, ROP).
36
+
* [**raptor_dtprintname_sparc2.c**](https://github.com/0xdea/exploits/blob/master/solaris/raptor_dtprintname_sparc2.c). Solaris 7-9 (CVE-2019-2832). Buffer overflow in CDE dtprintinfo (SPARC, NX).
37
+
* [**raptor_dtprintname_sparc3.c**](https://github.com/0xdea/exploits/blob/master/solaris/raptor_dtprintname_sparc3.c). Solaris 10 (CVE-2019-2832). Buffer overflow in CDE dtprintinfo (SPARC, NX).
38
+
* [**raptor_dtprintname_intel.c**](https://github.com/0xdea/exploits/blob/master/solaris/raptor_dtprintname_intel.c). Solaris 10 (CVE-2019-2832). Buffer overflow in CDE dtprintinfo (Intel, NX).
39
39
* [**raptor_xscreensaver**](https://github.com/0xdea/exploits/blob/master/solaris/raptor_xscreensaver). Solaris 11.x (CVE-2019-3010). Local privilege escalation via xscreensaver.
40
-
* [**raptor_session_ipa.c**](https://github.com/0xdea/exploits/blob/master/solaris/raptor_dtsession_ipa.c). Solaris 10 (CVE-2020-2696). Local privilege escalation via CDE dtsession (Intel, ROP).
41
-
* [**raptor_sdtcm_conv.c**](https://github.com/0xdea/exploits/blob/master/solaris/raptor_sdtcm_conv.c). Solaris 10 (CVE-2020-2944). Local privilege escalation via CDE sdtcm_convert (Intel, ROP).
42
-
* [**raptor_dtprintcheckdir_intel.c**](https://github.com/0xdea/exploits/blob/master/solaris/raptor_dtprintcheckdir_intel.c). Solaris 10 (0day?). Another buffer overflow in CDE dtprintinfo (Intel, ROP).
43
-
* [**raptor_dtprintcheckdir_intel2.c**](https://github.com/0xdea/exploits/blob/master/solaris/raptor_dtprintcheckdir_intel2.c). Solaris 10 (0day?). Format string bug in CDE dtprintinfo (Intel, ROP).
44
-
* [**raptor_dtprintcheckdir_sparc.c**](https://github.com/0xdea/exploits/blob/master/solaris/raptor_dtprintcheckdir_sparc.c). Solaris 10 (0day?). Format string bug in CDE dtprintinfo (SPARC PoC, ROP).
45
-
* [**raptor_dtprintcheckdir_sparc2.c**](https://github.com/0xdea/exploits/blob/master/solaris/raptor_dtprintcheckdir_sparc2.c). Solaris 10 (0day?). Format string bug in CDE dtprintinfo (SPARC, ROP).
40
+
* [**raptor_session_ipa.c**](https://github.com/0xdea/exploits/blob/master/solaris/raptor_dtsession_ipa.c). Solaris 10 (CVE-2020-2696). Local privilege escalation via CDE dtsession (Intel, NX).
41
+
* [**raptor_sdtcm_conv.c**](https://github.com/0xdea/exploits/blob/master/solaris/raptor_sdtcm_conv.c). Solaris 10 (CVE-2020-2944). Local privilege escalation via CDE sdtcm_convert (Intel, NX).
42
+
* [**raptor_dtprintcheckdir_intel.c**](https://github.com/0xdea/exploits/blob/master/solaris/raptor_dtprintcheckdir_intel.c). Solaris 10 (0day?). Another buffer overflow in CDE dtprintinfo (Intel, NX).
43
+
* [**raptor_dtprintcheckdir_intel2.c**](https://github.com/0xdea/exploits/blob/master/solaris/raptor_dtprintcheckdir_intel2.c). Solaris 10 (0day?). Format string bug in CDE dtprintinfo (Intel, NX).
44
+
* [**raptor_dtprintcheckdir_sparc.c**](https://github.com/0xdea/exploits/blob/master/solaris/raptor_dtprintcheckdir_sparc.c). Solaris 10 (0day?). Format string bug in CDE dtprintinfo (SPARC PoC, NX).
45
+
* [**raptor_dtprintcheckdir_sparc2.c**](https://github.com/0xdea/exploits/blob/master/solaris/raptor_dtprintcheckdir_sparc2.c). Solaris 10 (0day?). Format string bug in CDE dtprintinfo (SPARC, NX).
46
46
47
47
## AIX
48
48
* [**raptor_libC**](https://github.com/0xdea/exploits/blob/master/aix/raptor_libC). AIX 5.3, 6.1 (CVE-2009-2669). Arbitrary file creation or overwrite via libC debugging functions.