Дырка в VariCAD 7.0

несколько исполняемых файлов открыты на запись...

Дырка в FlagShip

несколько исполняемых файлов открыто на запись...

Possible vulnerability in HPUX

Hello, Few days ago i read the mail Hackerslab bugpaper HP-UX bdf -t option buffer overflow vul. And decided to see any other possible vulnerabilityies on my ststem. HP-UX 10.20. After a few minutes maybe a little more : ,trying each setuid exe with different options, i finally got results as for...

Advisory: mailman local compromise

Author : Stan Bubrouski Date : August 1, 2000 Package : mailman Versions affected : 2.0beta3 released: 2000-Jun-28 23:25 2.0beta4 released: 2000-Jul-06 21:27 Severity : access to group mailman binaries are installed as which usually mailman. Most directories in a mailman install are mode 2755 as...

Group-writable executable in OpenLDAP

OpenLDAP installs the ud binary in $binpath with mode 775 and default group i.e. either you primary gid or the directories gid. Of course the consequences depend on which group this actually is. This was checked with 1.2.11 latest stable, but probably also exists in earlier versions, since the...

Проблемы с OpenLDAP

исполняемые файлы устанавливаются с разрешениями позволяющие запись для группы...

CVE-2000-0663

The registry entry for the Windows Shell executable Explorer.exe in Windows NT and Windows 2000 uses a relative path name, which allows local users to execute arbitrary commands by inserting a Trojan Horse named Explorer.exe into the %Systemdrive% directory, aka the "Relative Shell Path"...

Проблемы в сервере Roxen

Используя нулевой символ 00 можно просматривать листинги директорий, получать содержимое исполняемых файлов и т.д...

CVE-2000-0342

Eudora 4.x allows remote attackers to bypass the user warning for executable attachments such as .exe, .com, and .bat by using a .lnk file that refers to the attachment, aka "Stealth Attachment."...

CVE-2000-0342

CVE-2000-0342 (Eudora 4.x) describes a vulnerability where remote attackers can bypass the user warning for executable attachments (.exe, .com, .bat) by using a .lnk file that references the attachment, a.k.a. “Stealth Attachment.” The linked PT-2000-1308 entry confirms the affected software as E...

Vulnerability in Solaris ufsrestore

Hi, Reading RFP's great initiative on the disclosure policy http://www.wiretrip.net/rfp/policy.html , here is the scoop on a local root exploit I reported to Sun on May 18th. I received confirmation on the reception, stated I would disclose in three weeks and heard nothing since. I've had better...

S.u.S.E Linux 4.x5.x6.x7.0 Slackware 3.x4.0 Turbolinux 6 OpenLinux 7.0 - fdmount Local Buffer Overflow (3)

S.u.S.E Linux 4.x5.x6.x7.0 Slackware 3.x4.0 Turbolinux 6 OpenLinux 7.0 - fdmount Local Buffer Overflow 3 // source: https://www.securityfocus.com/bid/1239/info A buffer overflow exists in the 0.8 version of the fdmount program, distributed with a number of popular versions of Linux. By supplying ...

MICROSOFT SECURITY FLAW?

Saturday, May 13, 2000 MICROSOFT SECURITY FLAW? Silent delivery and installation of an executable on a target computer. No client input other than opening an email or newsgroup post. 1. Using the following this can be accomplished with the default installation of Windows 95 and 98 and Internet...

CVE-2000-0325

The Microsoft Jet database engine allows an attacker to execute commands via a database query, aka the "VBA Shell" vulnerability...

silent.delivery.txt

Saturday, May 13, 2000 MICROSOFT SECURITY FLAW? Silent delivery and installation of an executable on a target computer. No client input other than opening an email or newsgroup post. 1. Using the following this can be accomplished with the default installation of Windows 95 and 98 and Internet...

Проблема с Eudora

Eudora считает исполняемыми только файлы с расширением .exe, .com и .bat, что позволяет прислать пользователю исполняемый файл, который будет запущен без предупреждения...

CVE-2000-0342

Eudora 4.x allows remote attackers to bypass the user warning for executable attachments such as .exe, .com, and .bat by using a .lnk file that refers to the attachment, aka "Stealth Attachment."...

PT-2000-1308 · Qualcomm · Eudora

Name of the Vulnerable Software and Affected Versions: Eudora versions 4.x Description: The issue allows remote attackers to bypass the user warning for executable attachments such as .exe, .com, and .bat by using a .lnk file that refers to the attachment. This is also known as "Stealth...

Qualcomm Eudora 4.2/4.3 - Warning Message Circumvention

source: https://www.securityfocus.com/bid/1157/info A malicious email sender can circumvent warning messages that would normally display when a user attempts to view executable attachments in Eudora 4.2/4.3. Eudora does not prompt a user with the warning message if they are attempting to open a...

Solaris 2.67.0 - lp -d Option Buffer Overflow

Solaris 2.67.0 - lp -d Option Buffer Overflow // source: https://www.securityfocus.com/bid/1143/info A buffer overrun has been discovered in the lp program, as included with Sun's Solaris 7 operating system. By passing well crafted, machine executable code of sufficient length to the -d option of...