4067 matches found
HP-UX 10.x/11.x - RExec Remote 'Username' Flag Local Buffer Overrun
source: https://www.securityfocus.com/bid/7459/info It has been reported that a problem in the rexec program included with some versions of HP-UX may be vulnerable to a boundary condition error. It may be possible for a local user to exploit this vulnerability to gain elevated privileges on the...
Unauthorized reading files on phpSysInfo
/----------------------------------------------------------------------------- | 7 A 6 9 - A d v C: 007 |-----------------------------------------------------------------------------| | | Unauthorized reading files on phpSysInfo |...
[SECURITY] [DSA 267-2] New lpr packages fix local root exploit (potato)
-------------------------------------------------------------------------- Debian Security Advisory DSA 267-2 [email protected] http://www.debian.org/security/ Martin Schulze April 15th, 2003 http://www.debian.org/security/faq -...
Linux Kernel 2.4.20 - Module Loader Privilege Escalation
Linux Kernel 2.4.20 - Module Loader Privilege Escalation / Linux Kernel Module Loader Local R00t Exploit Up to 2.4.20 By anonymous KuRaK include include include include include include include include include include include include include define TMPSIZE 4096 define FMAX 768 define UIDNUM 6 defi...
Linux Kernel < 2.4.20 - Module Loader Privilege Escalation
/ Linux Kernel Module Loader Local R00t Exploit Up to 2.4.20 By anonymous KuRaK include include include include include include include include include include include include include define TMPSIZE 4096 define FMAX 768 define UIDNUM 6 define MMSIZE 40961 define MAXSTACK 0xc0000000 // where to pu...
AutomatedShops WebC.cgi Multiple Overflows
The remote host is running a version of AutomatedShops's webc.cgi that is older than version 5.020. This CGI is vulnerable to a remote buffer overflow up to version 5.005 included and to a local one up to version 5.010 included. An attacker may use this flaw to execute arbitrary code on the remot...
[SECURITY] [DSA 275-1] New lpr-ppd packages fix local root exploit
-------------------------------------------------------------------------- Debian Security Advisory DSA 275-1 [email protected] http://www.debian.org/security/ Martin Schulze April 2nd, 2003 http://www.debian.org/security/faq -...
[SECURITY] [DSA 275-1] New lpr-ppd packages fix local root exploit
-------------------------------------------------------------------------- Debian Security Advisory DSA 275-1 [email protected] http://www.debian.org/security/ Martin Schulze April 2nd, 2003 http://www.debian.org/security/faq -...
XMame 0.6x - Lang Local Buffer Overflow
XMame 0.6x - Lang Local Buffer Overflow // source: https://www.securityfocus.com/bid/7773/info Xmame is prone to a locally exploitable buffer overflow. This is due to insufficient bounds checking of the command line parameter used to specify language settings --lang. Successful exploitation on so...
[SECURITY] [DSA 267-1] New lpr packages fix local root exploit
-------------------------------------------------------------------------- Debian Security Advisory DSA 267-1 [email protected] http://www.debian.org/security/ Martin Schulze March 24th, 2003 http://www.debian.org/security/faq -...
HP-UX 7-11 - X Font Server Local Buffer Overflow
HP-UX 7-11 - X Font Server Local Buffer Overflow source: https://www.securityfocus.com/bid/10551/info HP-UX X Font Server is reportedly affected by a local buffer overflow vulnerability. This issue is due to a failure of the application to properly validate the length of a user-supplied string...
iDEFENSE Security Advisory 03.04.03: Locally Exploitable Buffer Overflow in file(1)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 iDEFENSE Security Advisory 03.04.03: http://www.idefense.com/advisory/03.04.03.txt Locally Exploitable Buffer Overflow in file1 March 4, 2003 I. BACKGROUND file1 is an application that utilizes a magic file typically located in /usr/share/magic to...
Zlib 1.1.4 - Compression Library gzprintf() Buffer Overrun (2)
Zlib 1.1.4 - Compression Library gzprintf Buffer Overrun 2 // source: https://www.securityfocus.com/bid/6913/info A buffer-overrun vulnerability has been reported in the Zlib compression library. Due to the use of 'vsprintf' by an internal Zlib function, an attacker can cause memory to become...
Zlib 1.1.4 - Compression Library 'gzprintf()' Buffer Overrun (2)
// source: https://www.securityfocus.com/bid/6913/info A buffer-overrun vulnerability has been reported in the Zlib compression library. Due to the use of 'vsprintf' by an internal Zlib function, an attacker can cause memory to become corrupted. This buffer overrun occurs becuase the software fai...
[SECURITY] [DSA 252-1] New slocate packages fix local root exploit
-------------------------------------------------------------------------- Debian Security Advisory DSA 252-1 [email protected] http://www.debian.org/security/ Martin Schulze February 21st, 2003 http://www.debian.org/security/faq -...
cPanel 5.0 - 'Openwebmail' Local Privilege Escalation
source: https://www.securityfocus.com/bid/6885/info It has been reported that cPanels' openwebmail package, distributed as part of the cPanel CGI application, is vulnerable to an external file include vulnerability. Exploitation of this issue may result in local user privilage escalation. By...
iDEFENSE Security Advisory 02.12.03: Buffer Overflow in AIX libIM.a
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 iDEFENSE Security Advisory 02.12.03: http://www.idefense.com/advisory/02.12.03.txt Buffer Overflow in AIX libIM.a February 12, 2003 I. BACKGROUND Advanced Interactive eXecutive AIX is IBM Corp.'s Unix operating system implementation, native to pSeries...
WinRAR buffer overflow vulnerability
Hello everybody. We found vulnerability in WinRAR 3.10 or lower version, and reported details to Author of this Software at 2003/01/12. Fixed version 3.11 of WinRAR was released, so we release the Information about this vulnerability. ----------------------------------------------------------...
MTink 0.9.x - Printer Status Monitor Environment Variable Buffer Overflow
MTink 0.9.x - Printer Status Monitor Environment Variable Buffer Overflow source: https://www.securityfocus.com/bid/6656/info mtink is prone to a locally exploitable buffer overflow condition. This is due to insufficient bounds checking of the HOME environment variable. mtink is reportedly...
[SECURITY] [DSA 227-1] New openldap packages fix buffer overflows and remote exploit
-------------------------------------------------------------------------- Debian Security Advisory DSA 227-1 [email protected] http://www.debian.org/security/ Martin Schulze January, 13th, 2003 http://www.debian.org/security/faq -...