1289 matches found
Cobalt RaQ 2.03.04.0 XTR - MultiFileUpload.php Authentication Bypass (2)
Cobalt RaQ 2.03.04.0 XTR - MultiFileUpload.php Authentication Bypass 2 source: https://www.securityfocus.com/bid/4252/info Cobalt RaQ is a server appliance for Internet-based services. It is distributed and maintained by Sun Microsystems. The 'MultiFileUpload.php' script is not sufficiently...
sastcpd Buffer Overflow and Format String Vulnerabilities
---------------------------------------------------------- sastcpd Buffer Overflow and Format String Vulnerabilities Ministry-of-Peace - www.ministryofpeace.co.uk ---------------------------------------------------------- SYNOPSIS "SAS software provides the foundation, tools, and solutions for da...
CVE-2001-0671
Buffer overflows in 1 sendstatus, 2 killprint, and 3 chkfhost in lpd in AIX 4.3 and 5.1 allow remote attackers to gain root privileges...
Flaws in recent Linux kernels
Hello, There are two bugs present in Linux kernels 2.2.x, x=19 and 2.4.y, y=9. The first vulnerability results in local DoS. The second one, involving ptrace, can be used to gain root privileges locally in case of default install of most popular distributions. Linux 2.0.x is not vulnerable to the...
Ошибка форматной строки в ToolTalk rpc.ttdbserverd (format string)
Позволяет получить привилегии root...
CVE-1999-1247
CVE-1999-1247 affects HP DCE/9000 on HP-UX 9.x via a vulnerability in the HP Camera component, enabling a local attacker to obtain root privileges. The connected documents provide the vulnerability description and affected platform but do not specify the exact root cause, vulnerable versions beyo...
CVE-1999-1319
Technical details about CVE-1999-1319 are not publicly available in the provided connected documents. Monitor for updates from official sources.
CVE-1999-1166
CVE-1999-1166 affects Linux 2.0.37 and is caused by not properly encoding the Custom segment limit, which allows local users to gain root privileges by accessing or modifying kernel memory. The connected documents reiterate the same description and do not provide a concrete remediation, workaroun...
CVE-1999-1471
CVE-1999-1471 affects BSD-based operating systems’ passwd component (versions 4.3 and earlier). The root cause is a buffer overflow when a long shell or GECOS field is supplied, enabling local users to gain root privileges. Connected documents confirm the vulnerability is local and provide no pub...
Digital Unix 4.0 - MSGCHK MH_PROFILE Symbolic Link
Digital Unix 4.0 - MSGCHK MHPROFILE Symbolic Link source: https://www.securityfocus.com/bid/3320/info The msgchk utility under certain versions of Digital Unix contains an information disclosure vulnerability which could yield root privilege. Because msgchk fails to check file permissions before...
Digital Unix 4.0 - MSGCHK MH_PROFILE Symbolic Link
source: https://www.securityfocus.com/bid/3320/info The msgchk utility under certain versions of Digital Unix contains an information disclosure vulnerability which could yield root privilege. Because msgchk fails to check file permissions before opening user configuration files in the user's hom...
Digital Unix 4.0 - MSGCHK Buffer Overflow
// source: https://www.securityfocus.com/bid/3311/info The msgchk utility under certain versions of Digital Unix contains a buffer overflow vulnerability which could yield root privilege. If a local user invokes the msgchk utility at the command line, argumented with a sufficiently long string of...
NSFOCUS SA2001-05 : Solaris Xlock Heap Overflow Vulnerability
NSFOCUS Security AdvisorySA2001-05 Topic: Solaris Xlock Heap Overflow Vulnerability Release DateЈє 2001-08-10 CVE CAN ID : CAN-2001-0652 BUGTRAQ ID : 3160 Affected system: ================ Sun Solaris 2.6 SPARC/x86 Sun Solaris 7 SPARC/x86 Sun Solaris 8 SPARC/x86 Impact: ========= NSFOCUS Security...
top format string bug exploit code (exploitable)
hi. It still seems to be affected under 3.5beta9 including this version someone said it's not the problem of exploitable vulnerability about 8 month ago , but it's possible to exploit though situation is difficult. following code and some procedure comments demonstrate it. possible to get kmem...
[SNS Advisory No.37] HTTProtect allows attackers to change the protected file using a symlink
----------------------------------------------------------------------- SNS Advisory No.37 HTTProtect allows attackers to change the protected file using a symlink Problem first discovered: Mon, 4 Jun 2001 Published: Wed, 18 Jul 2001...
Buffer overflow in BestCrypt for Linux
Product: BestCrypt for Linux Vendor: Jetico http://www.jetico.com Problem: Stack overflow Affected versions: 0.6-x - 0.8-1 and possibly older versions Fixed version: 0.8-2 is available from the Jetico website. Advisory author: Carl Livitt [email protected] -- Brief description of the problem --...
"at" is vulnerable on Solaris 7 and 8
We found that "at" in Solaris is vulnerable on Solaris 7 and 8 The kind of bug is discussed on Bugtraqid:1634 -- Generally a program that needs to display a message to the user will obtain the proper language specific string from the database using the original message as the search key and...
Solaris 2.62.67.08 whodo - Local Buffer Overflow
Solaris 2.62.67.08 whodo - Local Buffer Overflow // source: https://www.securityfocus.com/bid/2935/info The 'whodo' utility shipped with Sun Microsystems' Solaris provides a listing of users online and their activities. It is installed setuid root because it reads from the 'utmp' log as well as...
Solaris 2.6/2.6/7.0/8 whodo - Local Buffer Overflow
// source: https://www.securityfocus.com/bid/2935/info The 'whodo' utility shipped with Sun Microsystems' Solaris provides a listing of users online and their activities. It is installed setuid root because it reads from the 'utmp' log as well as from the process table. 'whodo' contains a buffer...
CVE-2000-0308
Insecure file permissions for Netscape FastTrack Server 2.x, Enterprise Server 2.0, and Proxy Server 2.5 in SCO UnixWare 7.0.x and 2.1.3 allow an attacker to gain root privileges...