1231 matches found
CVE-2001-0315
The locking feature in mIRC 5.7 allows local users to bypass the password mechanism by modifying the LockOptions registry key...
Security Hole In Shareplex
Security Hole in Shareplex 2.x ------------------------------ Summary ------- Shareplex Quest Software's product for Oracle database replication contains a security hole which can allow local users to read any file on the system, effectively bypassing the permissions set at the OS level. Details...
Linux Kernel 2.2.18 (RedHat 6.2/7.0 / 2.2.14/2.2.18/2.2.18ow4) - ptrace/execve Race Condition Privilege Escalation (2)
/ source: https://www.securityfocus.com/bid/2529/info The Linux kernel is the core of all distributions of the Linux Operating System. It was originally written by Linus Torvalds, and is maintained by a community of developers. A problem in the Linux Kernel could make it possible for a local user...
DG/UX 4.20 lpsched - 'Error Message' Local Buffer Overflow
// source: https://www.securityfocus.com/bid/2509/info DGUX is the Data General revision of UNIX. It is designed as a solution for Intel systems produced by Data General. A problem in the handling of error messages by the printer scheduler could allow arbitrary execution of code. By placing a...
FTPFS 0.1.1/0.2.1/0.2.2 - mount Buffer Overflow
source: https://www.securityfocus.com/bid/2498/info FTPFS is a Linux kernel module allowing users to mount remote files from any standard FTP server as a local filesystem. A version of FTPFS is vulnerable to a buffer overflow leading to a denial of service, and potentially execution of arbitrary...
CVE-2000-0314
traceroute in NetBSD 1.3.3 and Linux systems allows local users to flood other systems by providing traceroute with a large waittime -w option, which is not parsed properly and sets the time delay for sending packets to zero...
CVE-2001-0116
gpm 1.19.3 allows local users to overwrite arbitrary files via a symlink attack...
[SECURITY] [DSA 036-1] New version of Midnight Commander available
---------------------------------------------------------------------------- Debian Security Advisory DSA-036-1 [email protected] http://www.debian.org/security/ Martin Schulze March 7, 2001 - ---------------------------------------------------------------------------- Package : mc...
CVE-2000-0312
cron in OpenBSD 2.5 allows local users to gain root privileges via an argv that is not NULL terminated, which is passed to cron's fake popen function...
CVE-2001-0059
patchadd in Solaris allows local users to overwrite arbitrary files via a symlink attack...
CVE-2001-0087
itetris/xitetris 1.6.2 and earlier trusts the PATH environmental variable to find and execute the gunzip program, which allows local users to gain root privileges by changing their PATH so that it points to a malicious gunzip program...
CVE-2001-0019
Arrowpoint aka Cisco Content Services, or CSS allows local users to cause a denial of service via a long argument to the "show script," "clear script," "show archive," "clear archive," "show log," or "clear log" commands...
CVE-2000-1072
iCal 2.1 Patch 2 installs many files with world-writeable permissions, which allows local users to modify the iCal configuration and execute arbitrary commands by replacing the iplncal.sh program with a Trojan horse...
CVE-2000-0901
Format string vulnerability in screen 3.9.5 and earlier allows local users to gain root privileges via format characters in the vbellmsg initialization variable...
CVE-2000-0949
Heap overflow in savestr function in LBNL traceroute 1.4a5 and earlier allows a local user to execute arbitrary commands via the -g option...
CVE-2000-0296
fcheck allows local users to gain privileges by embedding shell metacharacters into file names that are processed by fcheck...
CVE-2000-1096
crontab by Paul Vixie uses predictable file names for a temporary file and does not properly ensure that the file is owned by the user executing the crontab -e command, which allows local users with write access to the crontab spool directory to execute arbitrary commands by creating...
Serious security flaw in SuSE rctab
Hi @ll, it seems that the problem described below has not been discussed on Bugtraq. Problem description ------------------- Due to a various race conditions in the init level editing script /sbin/rctab it is possible for any local user to overwrite any system's file with arbitrary data. This may...
CVE-2000-1162
ghostscript before 5.10-16 allows local users to overwrite files of other users via a symlink attack...
CVE-2000-1136
elvis-tiny before 1.4-10 in Debian GNU/Linux, and possibly other Linux operating systems, allows local users to overwrite files of other users via a symlink attack...