Удаленная дыра в BSD ftpd

Однобайтное переполнение стека позволяет получить привелегии root...

BSD ftpd 0.3.2 - Single Byte Buffer Overflow

source: https://www.securityfocus.com/bid/2124/info The ftp daemon derived from 4.x BSD source contains a serious vulnerability that may compromise root access. There exists a one byte overflow in the replydirname function. The overflow condition is due to an off-by-one bug that allows an attacke...

CVE-2000-0999

Format string vulnerabilities in OpenBSD ssh program and possibly other BSD-based operating systems allow attackers to gain root privileges...

CVE-2000-1010

Format string vulnerability in talkd in OpenBSD and possibly other BSD-based OSes allows remote attackers to execute arbitrary commands via a user name that contains format characters...

PT-2000-1909 · Openbsd +1 · Openbsd Ssh +1

Name of the Vulnerable Software and Affected Versions: OpenBSD ssh affected versions not specified Description: The issue allows attackers to gain root privileges due to format string vulnerabilities in the OpenBSD ssh program, potentially affecting other BSD-based operating systems as well...

CVE-2000-0999

Technical details about CVE-2000-0999 are not provided in the connected documents. The initial description mentions format-string vulnerabilities in OpenBSD ssh but no affected versions, impact specifics, or remediation are given here. Monitor for updates.

CVE-2000-0999

Format string vulnerabilities in OpenBSD ssh program and possibly other BSD-based operating systems allow attackers to gain root privileges...

FreeBSD 3.54.x - usrbintop Format String

FreeBSD 3.54.x - usrbintop Format String / source: https://www.securityfocus.com/bid/1895/info top is a program used to display system usage statistics in real time written by GoupSys Consulting but shipped by default as a core component with many operating systems. On BSD systems, top is install...

CVE-2000-0094

The CVE-2000-0094 entry concerns BSD procfs allowing local privilege escalation to root by manipulating the /proc/pid/mem interface through a modified file descriptor for stderr. The vulnerability is rooted in the procfs interface and enables a local attacker to gain full privileges, as described...

CVE-2000-0094

procfs in BSD systems allows local users to gain root privileges by modifying the /proc/pid/mem interface via a modified file descriptor for stderr...

ncurses buffer overflows

OVERVIEW The CRT screen handling library ncurses contains buffer overflows, making programs using it vulnerable. If the programs are setuid or setgid, a local user may elevate their privilege. The problem exists in ncurses versions 4.2 and 5.0, probably earlier, and libocurses. The overflows can ...

Format strings: bug #1: BSD-lpr

Hi, INTRO ----- Welcome to a short series of security bugs, all involving mistakes with "user supplied format strings". This class of bug is very popular on Bugtraq at the moment, so what an ideal time for a few examples. BSD-lpr ------- If we look into lpr/lpd/printjob.c, we can find the followi...

Дырки в LPR-утилитах BSD

Ошибка форматной строки...

tco.txt

Synnergy Laboratories Advisory SLA-2000-14 NAME BSD/Linux telnet client overflow AFFECTED Linux Debian Redhat Mandrake Slackware possibly others BSD FreeBSD possible others SYNOPSIS Synnergy Labs has found a bug in the telnet client that causes a stack overflow by filling the DISPLAY environment...

Ошибка между imapd И mail.local

Hello, Надеюсь, что хотя бы из чувства патриотизма может быть еще кто-нибудь в дальнейшем решится писать в этот список рассылки до или хотя бы одновременно публикации в Bugtraq : Ошибка несерьезная, но достаточно интересная. Дело в том, что в данном случае ни одна из программ не содержит явной...

CVE-2000-0092

The CVE-2000-0092 entry concerns the BSD make program, where local users can modify files via a symlink attack when the -j option is used. Affected component: make in BSD systems. Root cause: symlink race during parallel builds allows write access to targeted files. Impact: local unauthorized mod...

CVE-2000-0461

Technical details for CVE-2000-0461 are not publicly available in the provided documents. Please monitor for updates from official advisories and databases.

CVE-2000-0092

The BSD make program allows local users to modify files via a symlink attack when the -j option is being used...

CVE-2000-0461

The undocumented semconfig system call in BSD freezes the state of semaphores, which allows local users to cause a denial of service of the semaphore system by using the semconfig call...

Серьезная DoS-атака пртив *BSD

IP-пакет с некорректным смещением параметров IP например timestamp вызывает аварийную остановку системы...