227 matches found
CVE-2006-6008
ftpd in Linux Netkit linux-ftpd 0.17, and possibly other versions, does not check the return status of certain seteuid, setgid, and setuid calls, which might allow remote authenticated users to gain privileges if these calls fail in cases such as PAM failures or resource limits, a different...
DEBIAN-CVE-2006-6008
ftpd in Linux Netkit linux-ftpd 0.17, and possibly other versions, does not check the return status of certain seteuid, setgid, and setuid calls, which might allow remote authenticated users to gain privileges if these calls fail in cases such as PAM failures or resource limits, a different...
CVE-2006-6008
CVE-2006-6008 covers ftpd in Linux Netkit (linux-ftpd) 0.17 (and possibly other versions) where return statuses of seteuid, setgid, and setuid are not checked. This can allow remote authenticated users to gain privileges if these calls fail (e.g., PAM failures or resource limits). This is describ...
GLSA-200611-05 : Netkit FTP Server: Privilege escalation
The remote host is affected by the vulnerability described in GLSA-200611-05 (Netkit FTP Server: Privilege escalation). Paul Szabo reported that an incorrect seteuid call after the chdir function can allow an attacker to access a normally forbidden directory, in some very particular circumstances, f...
DSA-1217 linux-ftpd
Bulletin has no description...
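NetKit FTP Server chdir Incorrect User UID/GID Setting Vulnerability
NetKit is a toolkit that runs on the Linux platform. Netkit FTP Server has a vulnerability in how it handles a user's UID/GID, which in some cases results in the user being unable to access directories. Netkit FTP Server (ftpd) performs the chdir operation as root before setting the UID/GID for the user who has logged in to the server, which in some cases, such as when HOME directories are shared via NFS export, may result in incorrectly set access permissions. Netkit Linux Netkit 0.17. Gentoo has released a security advisory (GLSA-200611-05) and a corresponding patch for this: GLSA-200611-05:Netkit FTP Server: Privilege...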
Netkit FTP Server: Privilege escalation
Background: net-ftp/netkit-ftpd is the Linux Netkit FTP server with optional SSL support. Description: Paul Szabo reported that an incorrect seteuid call after the chdir function can allow an attacker to access a normally forbidden directory, in some very particular circumstances, for example when...
Netkit FTP Server protection bypass
Invalid chroot and seteuid usage under some circumstances allow FTP root directory bypass...
[Full-disclosure] [ GLSA 200611-05 ] Netkit FTP Server: Privilege escalation
Gentoo Linux Security Advisory GLSA 200611-05 http://security.gentoo.org/ Severity:...
Ubuntu 4.10 : netkit-telnet vulnerabilities (USN-101-1)
A buffer overflow was discovered in the telnet client's handling of the LINEMODE suboptions. By sending a specially constructed reply containing a large number of SLC (Set Local Character) commands, a remote attacker (i.e. a malicious telnet server) could execute arbitrary commands with the privileg...
linux-ftpd-ssl: Remote buffer overflow
Background: linux-ftpd-ssl is the netkit FTP server with encryption support. Description: A buffer overflow vulnerability has been found in the linux-ftpd-ssl package. A command that generates an excessively long response from the server may overrun a stack buffer. Impact: An attacker that has...
GLSA-200503-36 : netkit-telnetd: Buffer overflow
The remote host is affected by the vulnerability described in GLSA-200503-36 (netkit-telnetd: Buffer overflow). A buffer overflow has been identified in the slcaddreply function of netkit-telnetd client, where a large number of SLC commands can overflow a fixed size buffer. Impact: Successful...
[SECURITY] [DSA 697-1] New netkit-telnet packages fix arbitrary code execution
Debian Security Advisory DSA 697-1 [email protected] http://www.debian.org/security/ Martin Schulze March 29th, 2005 http://www.debian.org/security/faq -...
Debian DSA-697-1 : netkit-telnet - buffer overflow
Gael Delalleau discovered a buffer overflow in the handling of the LINEMODE suboptions in telnet clients. This can lead to the execution of arbitrary code when connected to a malicious server. (C) Tenable Network Security, Inc. The descriptive text and package checks in this...
Debian DSA-699-1 : netkit-telnet-ssl - buffer overflow
Gael Delalleau discovered a buffer overflow in the handling of the LINEMODE suboptions in telnet clients. This can lead to the execution of arbitrary code when connected to a malicious server. (C) Tenable Network Security, Inc. The descriptive text and package checks in this...
[SECURITY] [DSA 678-1] New netkit-rwho packages fix denial of service
Debian Security Advisory DSA 678-1 [email protected] http://www.debian.org/security/ Martin Schulze February 11th, 2005 http://www.debian.org/security/faq -...