CVE-2005-3345

CVE-2005-3345 affects rssh versions 2.0.0 through 2.2.3, enabling local users to bypass access restrictions and gain root privileges via the rssh_chroot_helper chroot to an external directory. The connected sources confirm the vulnerability and its local-privilege-escalation impact, but do not pr...

CVE-2005-3345

Removed by vendor...

CVE-2005-3345

rssh 2.0.0 through 2.2.3 allows local users to bypass access restrictions and gain root privileges by using the rsshchroothelper command to chroot to an external directory...

CVE-2005-4532

scponlyc in scponly 4.1 and earlier, when the operating system supports LDPRELOAD mechanisms, allows local users to execute arbitrary code with root privileges by creating a chroot directory in their home directory, hard linking to a system setuid application, and using a modified LDPRELOAD to...

CVE-2005-4532

scponlyc in scponly 4.1 and earlier, when the operating system supports LDPRELOAD mechanisms, allows local users to execute arbitrary code with root privileges by creating a chroot directory in their home directory, hard linking to a system setuid application, and using a modified LDPRELOAD to...

CVE-2005-4532

CVE-2005-4532 affects scponly versions 4.1 and earlier. The root cause is a design/implementation flaw in scponlyc that can be exploited when LD_PRELOAD is available: an unprivileged user can create a chroot directory in their home, hard-link to a system setuid application, and override expected ...

rssh -- privilege escalation vulnerability

Pizzashack reports: Max Vozeler has reported a problem whereby rssh can allow users who have shell access to systems where rssh is installed and rsshchroothelper is installed SUID to gain root access to the system, due to the ability to chroot to arbitrary locations. There are a lot of potentiall...

CVSTrac chdir() chroot jail escape

The remote host seems to be running cvstrac, a web-based bug and patch-set tracking system for CVS. This version contains a flaw related to the chdir function that may allow an attacker to escape the chroot jail. An attacker, exploiting this flaw, would be able to access files outside of the web...

CVSTrac chdir() chroot jail escape

The remote host seems to be running cvstrac, a web-based bug and patch-set tracking system for CVS. This version contains a flaw related to the chdir function that may allow an attacker to escape the chroot jail. An attacker, exploiting this flaw, would be able to access files outside of the web...

vixie security update

CentOS Errata and Security Advisory CESA-2005:361 An updated vixie-cron package that fixes various bugs and a security issue is now available. This update has been rated as having low security impact by the Red Hat Security Response Team. The vixie-cron package contains the Vixie version of cron...

Low: Red Hat Security Advisory: vixie-cron security update

An updated vixie-cron package that fixes various bugs and a security issue is now available. This update has been rated as having low security impact by the Red Hat Security Response Team. The vixie-cron package contains the Vixie version of cron. Cron is a standard UNIX daemon that runs specifie...

Security fix for the ALT Linux 9 package openvpn version 2.0.2-alt1

Aug. 25, 2005 Nikolay A. Fetisov 2.0.2-alt1 - New version 2.0.2: -- Security fix for several DoS attacks: CAN-2005-2531; CAN-2005-2532; CAN-2005-2533; CAN-2005-2534. -- Several minor bug fixes and improvements, see ChangeLog for details - Run in chroot by default...

dnrd -- remote buffer and stack overflow vulnerabilities

Natanael Copa reports that dnrd is vulnerable to a remote buffer overflow and a remote stack overflow. These vulnerabilities can be triggered by sending invalid DNS packets to dnrd. The buffer overflow could potentially be used to execute arbitrary code with the permissions of the dnrd daemon. No...

Slackware 8.1 / 9.0 / 9.1 / current : rsync update (SSA:2004-124-01)

New rsync packages are available for Slackware 8.1, 9.0, 9.1, and -current to fix a security issue. When running an rsync server without the chroot option it is possible for an attacker to write outside of the allowed directory. Any sites running rsync in that mode should upgrade right away and...

FreeBSD : rsync -- path sanitizing vulnerability (2689f4cb-ec4c-11d8-9440-000347a4fa7d)

An rsync security advisory reports : There is a path-sanitizing bug that affects daemon mode in all recent rsync versions including 2.6.2 but only if chroot is disabled. The bug may allow a remote user to access files outside of an rsync module's configured path with the privileges configured for...

linux/x86 chroot & standart 66 bytes

No description provided by source. Linux/x86 chroot and standart shellcode. By Okti http://okti.nm.ru ---------------------------------------------------------------------------------------------- / Mkdir and Chroot are written in C: / includestdio.h includeunistd.h includesys/types.h...

linux/x86 chroot & standart 66 bytes

linux/x86 chroot & standart 66 bytes. Shellcode exploit for linx86 platform / Linux/x86 chroot and standart shellcode. By Okti http://okti.nm.ru ---------------------------------------------------------------------------------------------- / / Mkdir and Chroot are written in C: / include include...

linux/x86 chroot & standart 66 bytes

Exploit for linux/x86 platform in category shellcode ==================================== linux/x86 chroot & standart 66 bytes ==================================== Linux/x86 chroot and standart shellcode. By Okti http://okti.nm.ru...

cdrdao (Mandrake 10.2) - Local Privilege Escalation

cdrdao Mandrake 10.2 - Local Privilege Escalation !/bin/sh cdrdao local root exploit newbug at chroot.org IRC: irc.chroot.org chroot May 2005 echo "cdrdao private exploit" echo "This exploit only for Mandrake series" echo "newbug at chroot.org" echo "May 2005" echo "checking if cdrdao is setuid...

Darryl Burgdorf Webhints Remote Command Execution Vulnerability

Description Darryl Burgdorf Webhints is prone to a remote command execution vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. Technologies Affected Colored Scripts Easy Message Board Darryl Burgdorf Webhints 1.3.0 Recommendations Block...