CVE-2014-3074

The runtime linker in IBM AIX 6.1 and 7.1 and VIOS 2.2.x allows local users to create a mode-666 root-owned file, and consequently gain privileges, by setting crafted MALLOCOPTIONS and MALLOCBUCKETS environment-variable values and then executing a setuid program. Recent assessments: timb-machine ...

Solaris 2.5/2.6/7.0/8 tip Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2475/info tip is a utility included with Sun Microsystems Solaris Operating Environment. tip allows a user to establish a full duplex terminal connection with a remote host. A problem with tip could lead to a buffer...

AIX 7.1 TL 2 : malloc (IV61314)

It has been identified that the runtime linker allows privilege escalation via arbitrary file writes with elevated privileges programs. When MALLOCOPTIONS and MALLOCBUCKETS environment variables are set with bucket statistics options and by executing certain setuid programs, a non-privileged user...

AIX 6.1 TL 9 : malloc (IV60935)

It has been identified that the runtime linker allows privilege escalation via arbitrary file writes with elevated privileges programs. When MALLOCOPTIONS and MALLOCBUCKETS environment variables are set with bucket statistics options and by executing certain setuid programs, a non-privileged user...

Sun Solaris Netscape Portable Runtime API 4.6.1 - Local Privilege Escalation Vulnerability (1)

No description provided by source. source: http://www.securityfocus.com/bid/20471/info The Netscape Portable Runtime API running on Sun Solaris 10 operating system is prone to a local privilege-escalation vulnerability. A successful exploit of this issue allows an attacker to gain superuser...

IBM AIX 4.3.x piobe Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2037/info AIX is a variant of the UNIX Operating System, distributed by IBM. A problem exists which can allow a local user elevated priviledges. The problem exists in the piobe program. Due to the insuffient handling of t...

Platform Load Sharing Facility 4/5 LSF_ENVDIR Local Command Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7655/info It has been reported that Load Sharing Facility LSF does not properly handle input in environment variables. Because of this, an attacker may be able to gain escalated privileges on a vulnerable system. LSF 5.1...

Youbin 2.5/3.0/3.4 HOME Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7503/info It has been reported that youbin is vulnerable to a locally exploitable buffer overflow. The problem is said to occur while processing environment variables. Specifically, an internal memory buffer may be overru...

Solaris 7.0/8 IPCS Timezone Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2581/info Solaris is the variant of the UNIX Operating System distributed by Sun Microsystems. Solaris is designed as a scalable operating system for the Intel x86 and Sun Sparc platforms, and operates on machines varying...

AIX 7.1 TL 3 : malloc (IV60940)

It has been identified that the runtime linker allows privilege escalation via arbitrary file writes with elevated privileges programs. When MALLOCOPTIONS and MALLOCBUCKETS environment variables are set with bucket statistics options and by executing certain setuid programs, a non-privileged user...

GNU GNATS 3.113 Environment Variable Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8005/info It has been reported that GNATS is prone to a buffer overflow condition when parsing certain environment variables. An attacker can exploit this vulnerability by setting an overly long environment variable and...

Mac OS X <= 10.4.6 (launchd) Local Format String Exploit (ppc)

No description provided by source. !/usr/bin/perl http://www.digitalmunition.com/FailureToLaunch-ppc.pl Code by Kevin Finisterre kflistsatdigitalmunitiondotcom Much appreciation goes to John H for all kindsa random shit like exploiting Veritas and other random things in the past core... where the...

SunOS <= 4.1.3 LD_LIBRARY_PATH and LD_OPTIONS Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/43/info There exists a vulnerability involving environment variables and setuid/setgid programs under SunOS 4.0 and higher. A dynamically-linked program that is invoked by a setuid/setgid program has access to the caller'...

HP Tru64 Alpha OSF1 5.1 - (ps) Information Leak Exploit

No description provided by source. !/bin/ksh osf1tru64ps.ksh exploit Tested on OSF1 V5.1 1885 alpha ps executable - information leak Author: Andrea bunker Purificato http://rawlab.mindcreations.com the ps command also /usr/ucb/ps on HP OSF1 v5.1 Alpha, developed without an eye to security, allows...

SCO OpenServer 5.0.x 'mana' PATH_INFO Privilege Escalation Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8618/info It has been reported that SCO OpenServer Inertnet Manager 'mana' process is prone to a privilege escalation issue allow local users to execute arbitrary code with elevated privileges. mana normally requires...

IBM AIX 4.3.x/5.1 ERRPT Local Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5885/info The IBM AIX errpt command is prone to a locally exploitable buffer overflow condition. It is possible to exploit this condition to execute arbitrary attacker-supplied instructions with root privileges...

Solaris 10 (libnspr) - Arbitrary File Creation Local Root Exploit

No description provided by source. !/bin/sh $Id: raptorlibnspr,v 1.1 2006/10/13 19:12:12 raptor Exp $ raptorlibnspr - Solaris 10 libnspr oldschool local root Copyright c 2006 Marco Ivaldi [email protected] Local exploitation of a design error vulnerability in version 4.6.1 of NSPR, as includ...

AN HTTPD CMDIS.DLL Remote Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/13066/info AN HTTPD is reported prone to a remote buffer overflow vulnerability. Specifically, the issue presents itself in 'cmdIS.DLL' which calls the 'GetEnvironmentStrings' function to copy environment variables into a...

Stanley T. Shebs Xconq 7.2.2 - Buffer Overflow Vulnerabilities in xconq

No description provided by source. source: http://www.securityfocus.com/bid/1495/info Xconq is a multiple player strategy game available for many unix platforms. It contains a number of buffer overflow vulnerabilities including the ability to overflow stack buffers with either the DISPLAY or the...

CGIScript.net 1.0 Information Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/4764/info CGIScript.net provides various webmaster related tools and is maintained by Mike Barone and Andy Angrick. It is possible to cause numerous scripts provided by CGIScript.net to disclose sensitive system...