4067 matches found
MySQL 3.23.x/4.0.x - 'COM_CHANGE_USER' Password Length Account
/ source: https://www.securityfocus.com/bid/6373/info A flaw in the password authentication mechanism for MySQL may make it possible for an authenticated database user to compromise the accounts of other database users. The flaw lies in the fact that the server uses a string returned by the clien...
MS02-071: WM_TIMER Message Handler Privilege Elevation (328310)
The remote version of Windows contains a flaw in the handling of WMTIMER messages for interactive processes that could allow a local user to execute arbitrary code on the remote host with the SYSTEM privileges. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid11191;...
HP-UX 11 - Software Distributor Lang Environment Variable Local Buffer Overrun
// source: https://www.securityfocus.com/bid/8986/info HP has reported that some Software Distributor SD utilities are prone to a locally exploitable buffer-overrun vulnerability. Affected utilities include swinstall1M and swverify1M. / Program : xhpux11isw.c Use : HP-UX 11.11/11.0 exploit swxxx ...
CVE-2002-1127
CVE-2002-1127: Buffer overflow in uucp for Compaq Tru64/OSF1 3.x enables local users to execute arbitrary code via a long source (-s) argument. Root cause: unchecked buffer handling in uucp. Affected: Tru64/OSF1 3.x; component: uucp. Impact: local code execution; data confidentiality/integrity/av...
Cisco VPN 5000 Client - Buffer Overrun (2)
// source: https://www.securityfocus.com/bid/5734/info Buffer overrun vulnerabilities have been reported in the Cisco VPN 5000 UNIX clients available for Linux and Solaris systems. The condition affects the binaries 'closetunnel' and 'opentunnel', both installed setuid root by default. Malicious...
HP Tru64 UNIX ".upd..loader" contains buffer overflow (SSRT2275)
Overview The HP Tru64 UNIX implementation of ".upd..loader" contains a locally exploitable buffer overflow. Description A locally exploitable buffer overflow in ".upd..loader" may permit a local attacker to gain elevated privileges and execute arbitrary code on a vulnerable host. --- Impact A loc...
HP Tru64 UNIX "rdist" contains buffer overflow (SSRT2275)
Overview The HP Tru64 UNIX implementation of "rdist" contains a locally exploitable buffer overflow. Description "rdist" allows a user to maintain identical copies of files on multiple hosts. A locally exploitable buffer overflow in "rdist" may permit a local attacker to gain elevated privileges...
HP Tru64 UNIX "ps" contains buffer overflow (SSRT2256)
Overview The HP Tru64 UNIX implementation of "ps" contains a locally exploitable buffer overflow. Description "ps" is used to display information about running processes. A locally exploitable buffer overflow in "ps" may permit a local attacker to gain elevated privileges and execute arbitrary co...
HP Tru64 UNIX "at" contains buffer overflow (SSRT2189)
Overview The HP Tru64 UNIX implementation of "at" contains a locally exploitable buffer overflow. Description "at" is used to run a job at a later time. A locally exploitable buffer overflow in "at" may permit a local attacker to gain elevated privileges and execute arbitrary code on a vulnerable...
HP Tru64 UNIX "lpq" contains buffer overflow (SSRT2275)
Overview The HP Tru64 UNIX implementation of "lpq" contains a locally exploitable buffer overflow. Description "lpq" is used to examine the printer spool queue. A locally exploitable buffer overflow in "lpq" may permit a local attacker to gain elevated privileges and execute arbitrary code on a...
HP Tru64 UNIX "traceroute" contains buffer overflow (SSRT2261)
Overview The HP Tru64 UNIX implementation of "traceroute" contains a locally exploitable buffer overflow. Description "traceroute" is used to display the route packets follow from one host to another on the Internet. A locally exploitable buffer overflow in "traceroute" may permit a local attacke...
scrollkeeper.txt
------------------------------------------------------------------------- Release date : September 2 2002 Author : Spybreak [email protected] Package : Scrollkeeper Version : 0.3.4, 0.3.11 Severity : Medium to High Vendor homepage : scrollkeeper.sourceforge.net Status : vendor contacted Problem :...
CVE-2002-0991
CVE-2002-0991 : Buffer overflows in the cifslogin command of HP CIFS/9000 Client A.01.06 and earlier (based on the Sharity package) allow local users to gain root privileges by supplying excessively long parameters (-U, -D, -P, -S, -N, or -u). Affected versions are A.01.06 and earlier. The provid...
iDEFENSE Security Advisory: Linuxconf locally exploitable buffer overflow
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 iDEFENSE Security Advisory 08.28.2002 Linuxconf locally exploitable buffer overflow vulnerability DESCRIPTION A vulnerability exists in linuxconf which if the LINUXCONFLANG environment variable processes at least 964 bytes of data, a buffer overflow...
Low BandWidth X proxy vulnerable to buffer overflow via crafted display command line option
Overview A locally exploitable buffer overflow exists in the Low BandWidth X proxy. Description The Low BandWidth X proxy is a component of XFree86 a freely redistributable open-source implementation of the X Window System. The Low BandWidth X proxy allows applications to transparently take...
OpenBSD contains buffer overflow in "select" call
Overview A locally exploitable buffer overflow exists in all versions of OpenBSD. Description The buffer overflow exists in the select2 system call. The overflow occurs if select is supplied with arbitrary negative values. --- Impact Local users can gain system privileges and execute code in the...
FreeBSD Security Advisory FreeBSD-SA-02:32.pppd
-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-02:32.pppd Security Advisory The FreeBSD Project Topic: exploitable race condition in pppd Category: core Module: pppd Announced: 2002-07-31 Credits: Sebastian Krahmer...
CORE-20020620: Inktomi Traffic Server Buffer Overflow
CORE SECURITY TECHNOLOGIES http://www.corest.com Vulnerability Report For Inktomi Traffic Server Date Published: 2002-07-02 Advisory ID: CORE-20020620 Bugtraq ID: 5098 CVE CAN: None currently assigned. Title: Inktomi Traffic Server trafficmanager local overflow. Class: Boundary error condition...
Cobalt Linux 6.0 - RaQ (Authenticated) Privilege Escalation
Cobalt Linux 6.0 - RaQ Authenticated Privilege Escalation source: https://www.securityfocus.com/bid/5695/info Sun has released an advisory warning that it is possible for local users to escalate priveleges on Sun/Cobalt RaQ or Qube systems, by exploiting a vulnerability located in...
Cobalt Linux 6.0 - RaQ (Authenticated) Privilege Escalation
source: https://www.securityfocus.com/bid/5695/info Sun has released an advisory warning that it is possible for local users to escalate priveleges on Sun/Cobalt RaQ or Qube systems, by exploiting a vulnerability located in /usr/lib/authenticate. !/bin/sh Cobalt Linux 6.0 Local Root Exploit...