HP HP-UX 10.20/11.0 / IBM AIX 4.3 / SCO Unixware 7.0 / Sun Solaris 2.6 - Change File Permission

source: https://www.securityfocus.com/bid/131/info Due to improper checking of ownership, the dtappgather utility shipped with the Common Desktop Environment allows arbitrary users to overwrite any file present on the filesystem, regardless of the owner of the file. dtappgather uses a directory o...

HP HP-UX 10.2011.0 IBM AIX 4.3 SCO Unixware 7.0 Sun Solaris 2.6 - Change File Permission

HP HP-UX 10.2011.0 IBM AIX 4.3 SCO Unixware 7.0 Sun Solaris 2.6 - Change File Permission source: https://www.securityfocus.com/bid/131/info Due to improper checking of ownership, the dtappgather utility shipped with the Common Desktop Environment allows arbitrary users to overwrite any file prese...

CVE-1999-0046

The CVE-1999-0046 entry documents a buffer overflow in the rlogin program triggered by the TERM environment variable. Red Hat/NVD entries confirm a buffer overflow affecting rlogin; no specific vulnerable versions or patches are provided in the supplied sources. Exploitation details, affected pro...

CVE-1999-0388

DataLynx suGuard (DataLynx) is affected: it trusts the PATH environment variable to execute the ps command, enabling a local user to run commands with root privileges. Root cause: use of PATH for command execution without proper validation. Impact: local privilege escalation to root as described ...

Knox Arkeia 4.0 Backup - Local Overflow

/ source: https://www.securityfocus.com/bid/661/info Knox Software Arkeia 4.0 Backup rnavc & nlserverd HOME Environment Variable Buffer Overflow A local buffer overflow in the handling of the HOME environment variable by the rlserver and rnavc binaries that are part of the Knox Software Arkiea...

Knox Arkeia 4.0 Backup - Local Overflow

Knox Arkeia 4.0 Backup - Local Overflow / source: https://www.securityfocus.com/bid/661/info Knox Software Arkeia 4.0 Backup rnavc & nlserverd HOME Environment Variable Buffer Overflow A local buffer overflow in the handling of the HOME environment variable by the rlserver and rnavc binaries that...

SuSE Linux 6.2 sscw - HOME Environment Variable Buffer Overflow

SuSE Linux 6.2 sscw - HOME Environment Variable Buffer Overflow source: https://www.securityfocus.com/bid/656/info A buffer overflow vulnerability in sscw's handling of the HOME environment variable allows local users to gain root privileges. !/bin/bash Linux x86 exploit for /usr/bin/sccw on SuSE...

dtsession_vuln.txt

Subject: Vulnerability in dtsession To: [email protected] Hello, I discovered the following security problem in dtsession actually in libtt.so, part of CDE: Description ----------- The session manager dtsession contains an overflow vulnerability when parsing the environment variable...

PT-1999-1338 · Oracle · Solaris

Name of the Vulnerable Software and Affected Versions: Solaris affected versions not specified Description: The issue is related to a buffer overflow in Solaris libc, ufsrestore, and rcp, which can be triggered via the LC MESSAGES environmental variable. Recommendations: At the moment, there is n...

CVE-1999-0872

Buffer overflow in Vixie cron allows local users to gain root access via a long MAILTO environment variable in a crontab file...

Caldera OpenLinux 2.2 Debian 2.12.2 RedHat 6.0 - Vixie Cron MAILTO Sendmail

Caldera OpenLinux 2.2 Debian 2.12.2 RedHat 6.0 - Vixie Cron MAILTO Sendmail Caldera OpenLinux 2.2 ,Debian Linux 2.1/2.2,RedHat Linux = 6.0 Vixie Cron MAILTO Sendmail Vulnerability source: https://www.securityfocus.com/bid/611/info Failure by the vixie cron daemon from validating the contents of a...

dtap2.txt

http://www.rootshell.com/ From [email protected] Mon Nov 2 08:12:39 1998 Date: Mon, 2 Nov 1998 18:05:59 +0100 MET From: Andrea Costantino To: [email protected], [email protected] Subject: another /usr/dt/bin/dtappgather feature! There's attached the message related to this new feature...

solaris-mkcookie.txt

RSI.0012.12-03-98.SOLARIS.MKCOOKIE |:::. |::::: |::::. |::::: |::::: |::::. .. :: .. .. :: .. .. .. :: |:::: |:::: |:::: :::::: |::::: |:::: |: |: :: |: |: |:: |: |: :: |: :: |::::: |: |::::: |::::: |::::: Repent Security Incorporated, RSI http://www.repsec.com RSI ALERT ADVISORY --- CREDIT...

tcsh.6.07.bof.txt

Date: Mon, 17 May 1999 09:53:19 +0200 From: arkth To: [email protected] Subject: tcsh overflow While few days ago there was discussion about bash overflow on bugtraq i found another overflow in tcsh-6.07.09-1 rh 5.2 . The problem is in too long $HOME evironment variable very old thing - zgv...

Oracle 8 8.1.5 - Intelligent Agent (1)

Oracle 8 8.1.5 - Intelligent Agent 1 source: https://www.securityfocus.com/bid/585/info A vulnerability in the Oracle Intelligent Agent allows local malicious users to execute arbitrary commands and to create world writable files as the root user. The problem lies in the dbsnmp program located in...

Oracle 8 8.1.5 - Intelligent Agent (1)

source: https://www.securityfocus.com/bid/585/info A vulnerability in the Oracle Intelligent Agent allows local malicious users to execute arbitrary commands and to create world writable files as the root user. The problem lies in the dbsnmp program located in $ORACLEHOME/bin . This setuid root a...

Oracle 8 8.1.5 - Intelligent Agent (2)

Oracle 8 8.1.5 - Intelligent Agent 2 // source: https://www.securityfocus.com/bid/585/info A vulnerability in the Oracle Intelligent Agent allows local malicious users to execute arbitrary commands and to create world writable files as the root user. The problem lies in the dbsnmp program located...

Xi Graphics Accelerated X 4.0.x/5.0 - Local Buffer Overflow

// source: https://www.securityfocus.com/bid/488/info Accelerated-X, also known as Accel-X, is a popular commercial X server available from Xi Graphics. The servers are normally installed setuid root, and contain multiple buffer overflow vulnerabilities. These vulnerabilities were found in the...

IBM AIX 4.2.1 / Sun Solaris 7.0 - LC_MESSAGES libc Buffer Overflow (4)

// source: https://www.securityfocus.com/bid/268/info A buffer overflow in libc's handling of the LCMESSAGES environment variable allows a malicious user to exploit any suid root program linked agains libc to obtain root privileges. This problem is found in both IBM's AIX and Sun Microsystem's...

Oracle 8 - File Access

source: https://www.securityfocus.com/bid/170/info A number of security file access security vulnerabilities in suid programs that are part of Oracle may be exploited to obtain the privileges of the 'oracle' user and full access to the database system. Only the Unix version of Oracle is vulnerabl...