Lucene search
+L

1289 matches found

securityvulns
securityvulns
added 2004/09/15 12:0 a.m.65 views

SUS 2.0.2 local root vulnerability

LSS Security Advisories http://security.lss.hr --- Title : SUS 2.0.2 local root vulnerability Advisory ID : LSS2004-09-01 Date : September 14th, 2004 Advisory URL: : http://security.lss.hr/index.php?page=details&ID=LSS-2004-09-01 Impact : Any user can obtain root privileges Risk level : High...

0.7AI score
Exploits0
Gentoo Linux
Gentoo Linux
added 2004/09/14 12:0 a.m.47 views

cdrtools: Local root vulnerability in cdrecord if set SUID root

Background The cdrtools package is a set of tools for CD recording, including the popular cdrecord command-line utility. Description Max Vozeler discovered that the cdrecord utility, when set to SUID root, fails to drop root privileges before executing a user-supplied RSH program. By default,...

7.2CVSS6.1AI score0.01725EPSS
Exploits1
securityvulns
securityvulns
added 2004/09/08 12:0 a.m.47 views

[Full-Disclosure] MDKSA-2004:091 - Updated cdrecord packages fix local root vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandrakelinux Security Update Advisory Package name: cdrecord Advisory ID: MDKSA-2004:091 Date: September 7th, 2004 Affected versions: 10.0, 9.2 Problem Description: Max Vozeler found that the cdrecord program, which is suid root, fails to drop euid=0...

7.2CVSS0.4AI score0.01725EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2004/08/20 12:0 a.m.17 views

Debian proftpd root Privilege Escalation

Binary data 1817.prm...

7.5CVSS7.3AI score0.05882EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2004/07/31 12:0 a.m.35 views

Mandrake Linux Security Advisory : openssh (MDKSA-2002:019)

Joost Pol found a bug in the channel code of all versions of OpenSSH from 2.0 to 3.0.2. This bug can allow authenticated users with an existing account on the vulnerable system to obtain root privilege or by a malicious server attacking a vulnerable client. OpenSSH 3.1 is not vulnerable to this...

10CVSS7.7AI score0.14804EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2004/07/31 12:0 a.m.34 views

Mandrake Linux Security Advisory : mm (MDKSA-2002:045)

Marcus Meissner and Sebastian Krahmer discovered a temporary file vulnerability in the mm library which is used by the Apache webserver. This vulnerability can be exploited to obtain root privilege if shell access to the apache user typically apache or nobody is already obtained. %NASLMINLEVEL...

6.2CVSS5.4AI score0.0096EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2004/07/31 12:0 a.m.27 views

Mandrake Linux Security Advisory : sudo (MDKSA-2002:003)

The SuSE Security Team discovered a vulnerability in sudo that can be exploited to obtain root privilege because sudo is installed setuid root. An attacker could trick sudo to log failed sudo calls executing the sendmail or equivalent mailer program with root privileges and an environment that is...

7.2CVSS5.5AI score0.00938EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2004/07/31 12:0 a.m.40 views

Mandrake Linux Security Advisory : samba (MDKSA-2003:032)

The SuSE security team, during an audit of the Samba source code, found a flaw in the main smbd code which could allow an external attacker to remotely and anonymously gain root privilege on a system running the Samba server. This flaw exists in all version of Samba 2.x up to and including 2.2.7a...

10CVSS5.6AI score0.87923EPSS
Exploits6References3
Tenable Nessus
Tenable Nessus
added 2004/07/31 12:0 a.m.37 views

Mandrake Linux Security Advisory : kernel (MDKSA-2004:001)

A flaw in bounds checking in mremap in the Linux kernel versions 2.4.23 and previous was discovered by Paul Starzetz. This flaw may be used to allow a local attacker to obtain root privilege. Another minor information leak in the RTC real time clock routines was fixed as well. All Mandrake Linux...

7.2CVSS5.3AI score0.01233EPSS
Exploits3References2
Tenable Nessus
Tenable Nessus
added 2004/07/31 12:0 a.m.28 views

Mandrake Linux Security Advisory : tcltk (MDKSA-2002:060)

Some problems were discovered with the Tcl/Tk development environment. The expect application would search for its libraries in /var/tmp prior to searching in other directories, which could allow a local user to gain root privilege by writing a trojan library and waiting for the root user to run...

7.2CVSS6AI score0.00411EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2004/07/31 12:0 a.m.27 views

Mandrake Linux Security Advisory : cups (MDKSA-2003:001)

iDefense reported several security problems in CUPS that can lead to local and remote root compromise. An integer overflow in the HTTP interface can be used to gain remote access with CUPS privilege. A local file race condition can be used to gain root privilege, although the previous bug must be...

10CVSS6.1AI score0.15472EPSS
Exploits7References9
Tenable Nessus
Tenable Nessus
added 2004/07/23 12:0 a.m.25 views

Fedora Core 1 : kernel-2.4.22-1.2138.nptl (2003-046)

Paul Starzetz discovered a flaw in bounds checking in mremap in the Linux kernel versions 2.4.23 and previous which may allow a local attacker to gain root privileges. No exploit is currently available; however, it is believed that this issue is exploitable although not trivially. The Common...

7.2CVSS5.4AI score0.01233EPSS
Exploits3References3
Tenable Nessus
Tenable Nessus
added 2004/07/06 12:0 a.m.33 views

RHEL 2.1 : sendmail (RHSA-2003:074)

Updated Sendmail packages are available to fix a vulnerability that may allow remote attackers to gain root privileges by sending a carefully crafted message. Updated March 18 2003 Added packages for Red Hat Enterprise Linux ES and Red Hat Enterprise Linux WS. Sendmail is a widely used Mail...

10CVSS6AI score0.72202EPSS
Exploits1References3
NVD
NVD
added 2004/03/03 5:0 a.m.26 views

CVE-2004-0077

The domremap function for the mremap system call in Linux 2.2 to 2.2.25, 2.4 to 2.4.24, and 2.6 to 2.6.2, does not properly check the return value from the domunmap function when the maximum number of VMA descriptors is exceeded, which allows local users to gain root privileges, a different...

7.2CVSS6.3AI score0.02434EPSS
Exploits2References36
OSV
OSV
added 2004/02/18 12:0 a.m.30 views

DSA-441 linux-kernel-2.4.17-mips+mipsel - missing function return value check

Bulletin has no description...

7.2CVSS6.2AI score0.02434EPSS
Exploits2
RedHat Linux
RedHat Linux
added 2003/11/17 8:25 p.m.7 views

Important: Red Hat Security Advisory: : Updated XFree86 packages provide security and bug fixes

Updated XFree86 packages for Red Hat Linux 9 provide security fixes to font libraries and XDM. XFree86 is an implementation of the X Window System providing the core graphical user interface and video drivers in Red Hat Linux. XDM is the X display manager. Multiple integer overflows in the transf...

10CVSS6.3AI score0.05848EPSS
Exploits0
securityvulns
securityvulns
added 2003/11/13 12:0 a.m.38 views

NSFOCUS SA2003-07: HP-UX Software Distributor Buffer Overflow Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 NSFOCUS Security AdvisorySA2003-07 Topic: HP-UX Software Distributor Buffer Overflow Vulnerability Release Date: 2003-11-13 CVE CAN ID: CAN-2003-0089 http://www.nsfocus.com/english/homepage/research/0307.htm Affected system: =================== - -...

7.2CVSS0.2AI score0.01396EPSS
Exploits0
securityvulns
securityvulns
added 2003/10/17 12:0 a.m.59 views

OpenServer 5.0.7 OpenServer 5.0.6 OpenServer 5.0.5 : Multiple security vulnerabilities in Xsco

To: [email protected] [email protected] [email protected] -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SCO Security Advisory Subject: OpenServer 5.0.7 OpenServer 5.0.6 OpenServer 5.0.5 : Multiple security vulnerabilities in Xsco Advisory number: CSSA-2003-SCO.26...

7.2CVSS0.6AI score0.01058EPSS
Exploits1
Debian
Debian
added 2003/09/18 11:50 p.m.24 views

[SECURITY] [DSA-385-1] New hztty packages fix buffer overflows

-------------------------------------------------------------------------- Debian Security Advisory DSA 385-1 [email protected] http://www.debian.org/security/ Matt Zimmerman September 18th, 2003 http://www.debian.org/security/faq -...

7.2CVSS7AI score0.01058EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2003/07/08 8:37 p.m.4 views

Critical: Red Hat Security Advisory: : : : Updated sendmail packages fix vulnerabilities

Updated Sendmail packages are available for Red Hat Linux on IBM iSeries and pSeries systems to fix a vulnerability that allows local and possibly remote attackers to gain root privileges as well as a vulnerability that may allow remote attackers to gain root privileges by sending a carefully...

10CVSS6.2AI score0.72202EPSS
Exploits3References2
Rows per page
Query Builder