IBM AIX 4.2.1 / Sun Solaris 7.0 - LC_MESSAGES libc Buffer Overflow (4)

// source: https://www.securityfocus.com/bid/268/info A buffer overflow in libc's handling of the LCMESSAGES environment variable allows a malicious user to exploit any suid root program linked agains libc to obtain root privileges. This problem is found in both IBM's AIX and Sun Microsystem's...

Oracle 8 - File Access

source: https://www.securityfocus.com/bid/170/info A number of security file access security vulnerabilities in suid programs that are part of Oracle may be exploited to obtain the privileges of the 'oracle' user and full access to the database system. Only the Unix version of Oracle is vulnerabl...

CVE-1999-0388

DataLynx suGuard trusts the PATH environment variable to execute the ps command, allowing local users to execute commands as root...

textcounter.pl 1.2 - Arbitrary Command Execution

source: https://www.securityfocus.com/bid/2265/info textcounter.pl is distributed through Matt's Scripts archive, and provides added features to httpd servers such as counters, guestbooks, and http cookie management. Due to insufficient checking of entered characters, it is possible for a remote...

Armidale Software Yapp Conferencing System 2.2 - Local Buffer Overflow

Armidale Software Yapp Conferencing System 2.2 - Local Buffer Overflow // source: https://www.securityfocus.com/bid/365/info Armidale Software's Yapp Conferencing System is vulnerable to an environment variable related buffer overflow vulnerability in at least the Linux version. The consequence o...

Linux libc 5.3.12 (RedHat Linux 4.0 Slackware Linux 3.1) - libc NLSPATH

Linux libc 5.3.12 RedHat Linux 4.0 Slackware Linux 3.1 - libc NLSPATH // source: https://www.securityfocus.com/bid/379/info There is a serious vulnerability in linux libc affecting all Linux distributions using libc 5.2.18 and below. The vulnerability is centered around the NLSPATH environment...

IRIX 5.36.x - usrbinmail Local Buffer Overflow

IRIX 5.36.x - usrbinmail Local Buffer Overflow / source: https://www.securityfocus.com/bid/1542/info The mail1 program, also know as mailatt, is used to read or send email. A buffer overflow condition exists in code that handles the LOGNAME environment variable. This could be exploited to elevate...

IRIX 5.3/6.x - '/usr/bin/mail' Local Buffer Overflow

/ source: https://www.securityfocus.com/bid/1542/info The mail1 program, also know as mailatt, is used to read or send email. A buffer overflow condition exists in code that handles the LOGNAME environment variable. This could be exploited to elevate privileges. / / copyright LAST STAGE OF DELIRI...

zgv - $HOME Local Buffer Overflow

zgv - $HOME Local Buffer Overflow / zgv exploit coded by BeastMaster V on June 20, 1997 USAGE: For some strage reason, the filename length of this particular exploit must me one character long, otherwise you will be drop into a normal unpriviledged shell. Go Figure.... $ cp zgvexploit.c n.c $ cc ...

zgv - '$HOME' Local Buffer Overflow

/ zgv exploit coded by BeastMaster V on June 20, 1997 USAGE: For some strage reason, the filename length of this particular exploit must me one character long, otherwise you will be drop into a normal unpriviledged shell. Go Figure.... $ cp zgvexploit.c n.c $ cc -o n n.c $ ./n Oak driver: Unknown...

zgv $HOME overflow

Exploit for linux platform in category local exploits ================== zgv $HOME overflow ================== / zgv exploit coded by BeastMaster V on June 20, 1997 USAGE: For some strage reason, the filename length of this particular exploit must me one character long, otherwise you will be drop...

CVE-1999-1483

Buffer overflow in zgv in svgalib 1.2.10 and earlier allows local users to execute arbitrary code via a long HOME environment variable...

Elm 2.3/2.4 - TERM Environment Variable Local Buffer Overrun

source: https://www.securityfocus.com/bid/8030/info A buffer overrun has been discovered in Elm. The problem occurs due to insufficient bounds checking performed before copying user-supplied data into an internal memory buffer. Specifically, a TERM environment variable containing excessive data...

SGI IRIX 6.4 - 'rmail' Local Privilege Escalation

source: https://www.securityfocus.com/bid/460/info A vulnerability exists in the rmail utility, included by SGI with it's Irix operating system. By failing to sanity check the contents of an environment variable, arbitrary commands may be executed with gid mail. rmail is used with uucp. The...

SGI IRIX 6.4 - rmail Local Privilege Escalation

SGI IRIX 6.4 - rmail Local Privilege Escalation source: https://www.securityfocus.com/bid/460/info A vulnerability exists in the rmail utility, included by SGI with it's Irix operating system. By failing to sanity check the contents of an environment variable, arbitrary commands may be executed...

Buffer Overflow

Overview Affected versions of this package are vulnerable to Buffer Overflow. Buffer overflow in Kerberos IV compatibility libraries as used in Kerberos V allows local users to gain root privileges via a long line in a kerberos configuration file, which can be specified via the KRBCONF...

UNICOS 9MAX 1.3mk 1.5 AIX 4.2 libc 5.2.18 RedHat 4 IRIX 6 Slackware 3 - NLS (2)

UNICOS 9MAX 1.3mk 1.5 AIX 4.2 libc 5.2.18 RedHat 4 IRIX 6 Slackware 3 - NLS 2 / source: https://www.securityfocus.com/bid/711/info Cray UNICOS 9.0/9.2/MAX 1.3/mk 1.5,AIX include include char shellcode = "\x31\xc0\xb0\x31\xcd\x80\x93\x31\xc0\xb0\x17\xcd\x80\x68\x59\x58\xff\xe1"...

UNICOS 9/MAX 1.3/mk 1.5 / AIX 4.2 / libc 5.2.18 / RedHat 4 / IRIX 6 / Slackware 3 - NLS (2)

/ source: https://www.securityfocus.com/bid/711/info Cray UNICOS 9.0/9.2/MAX 1.3/mk 1.5,AIX include include char shellcode = "\x31\xc0\xb0\x31\xcd\x80\x93\x31\xc0\xb0\x17\xcd\x80\x68\x59\x58\xff\xe1" "\xff\xd4\x31\xc0\x99\x89\xcf\xb0\x2e\x40\xae\x75\xfd\x89\x39\x89\x51\x04"...

UNICOS 9MAX 1.3mk 1.5 AIX 4.2 libc 5.2.18 RedHat 4 IRIX 6 Slackware 3 - NLS (1)

UNICOS 9MAX 1.3mk 1.5 AIX 4.2 libc 5.2.18 RedHat 4 IRIX 6 Slackware 3 - NLS 1 / source: https://www.securityfocus.com/bid/711/info Cray UNICOS 9.0/9.2/MAX 1.3/mk 1.5,AIX = 4.2,Linux libc = 5.2.18,RedHat 4.0,IRIX 6.2,Slackware 3.1 Natural Language Service NLS Vulnerability 1 A buffer overflow...

PT-1997-1026 · Rlogin · Rlogin

Name of the Vulnerable Software and Affected Versions: rlogin affected versions not specified Description: The issue concerns a buffer overflow in the rlogin program, which can be triggered using the TERM environmental variable. Recommendations: At the moment, there is no information about a newe...