AIX 7.1 TL 2 : malloc (IV61314)

It has been identified that the runtime linker allows privilege escalation via arbitrary file writes with elevated privileges programs. When MALLOCOPTIONS and MALLOCBUCKETS environment variables are set with bucket statistics options and by executing certain setuid programs, a non-privileged user...

Alsaplayer 0.99.71 Local Buffer Overflow Vulnerablity

No description provided by source. source: http://www.securityfocus.com/bid/5767/info Alsaplayer is a PCM player that utilizes the ALSA libraries and drivers. It is availabe for Linux and Unix platforms. A vulnerability has been discovered in Alsaplayer. By specifying an overly long add-on path, ...

Linux kernel 2.2/2.4 procfs Stream Redirection to Process Memory Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2937/info The Linux /proc filesystem is a virtual filesystem provided by the Linux Kernel as an interface to some process and system information and parameters. Under certain circumstances, an access validation error may...

HP-UX 9.x/10.x/11.x cu Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1886/info cu is a unix utility that is used for communication between two hosts usually over phone lines. It is typically isntalled setuid root so that it can access communications hardware when executed by a regular user...

KDE 1.1.2 KApplication configfile vulnerability (2)

No description provided by source. source: http://www.securityfocus.com/bid/1291/info The KDE configuration-file management has a bug which could result in root compromise. Due to insecure creation of configuration rc files via KApplication-class, local users can modify ownership of arbitrary fil...

openmovieeditor <= 0.0.20060901 (name) Local Buffer Overflow Exploit

No description provided by source. / openmovieeditor buffer overflow exploit by qnix qnixatbsdmaildotorg Dont forget to change the return address RETADDR -------------------------- devil: \ envt/envt -s 2 Shellcode: linux/x86 setuid0,setgid0 execve/bin/sh, /bin/sh, NULL 37 bytes + Setting memory...

kosch suid wrapper 1.1.1 - Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2837/info A boundary condition error exists in suid wrapper or 'su-wrapper.' The overflow occurs when a string exceeding approximately 1032 characters is given as the first argument when the program is run. Because the...

Oracle Database Server 9.0.x Oracle Binary Local Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8844/info Oracle Database Server 'oracle' binary has been reported prone to a local buffer overflow vulnerability. The issue likely presents itself due to a lack of sufficient boundary checks performed on command line...

AIX 6.1 TL 9 : malloc (IV60935)

It has been identified that the runtime linker allows privilege escalation via arbitrary file writes with elevated privileges programs. When MALLOCOPTIONS and MALLOCBUCKETS environment variables are set with bucket statistics options and by executing certain setuid programs, a non-privileged user...

Oracle <= 8 8.1.5 Intelligent Agent Vulnerability (2)

No description provided by source. source: http://www.securityfocus.com/bid/585/info A vulnerability in the Oracle Intelligent Agent allows local malicious users to execute arbitrary commands and to create world writable files as the root user. The problem lies in the dbsnmp program located in...

AT Computing atsar_linux 1.4 File Manipulation Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1048/info atsar is a linux load monitoring software package released under the GPL by AT Computing. atsadc is a setuid root binary that is included in the atsar package. atsadc is setuid because it obtains informatin via...

Digital Unix 4.0 MSGCHK MH_PROFILE Symbolic Link Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/3320/info The msgchk utility under certain versions of Digital Unix contains an information disclosure vulnerability which could yield root privilege. Because msgchk fails to check file permissions before opening user...

VMWare Setuid vmware-mount Unsafe popen(3)

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' require 'rex' require...

BSD/OS <= 2.1,Caldera UnixWare 7/7.1 .0,FreeBSD FreeBSD 1.1.5 .1/2.0 ,HP HP-UX <= 10.34,IBM AIX <= 4.2,SGI IRIX <= 6.3,SunOS <= 4.1.4 libXt library Vulnerability (2)

No description provided by source. source: http://www.securityfocus.com/bid/237/info The libXt library is part of the X Windows system. There are several buffer overflow conditions that may allow an unauthorized user to gain root privileges through setuid and setgid programs that are linked to...

GNU GNATS 4.0/4.1 Gen-Index Arbitrary Local File Disclosure/Overwrite Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/14169/info GNU GNATS gen-index allows local attackers to disclose and overwrite arbitrary files. A successful attack can result in privilege escalation and a complete compromise of the affected computer as gen-index is...

Tech-Source Raptor GFX PGX32 2.3.1 Config Tool Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1563/info Raptor GFX cards are designed to handle 24-bit true color applications such as Netscape, seismic, geographical information systems GIS, satellite imaging, pre-press imaging and general desktop use. They can also...

Adobe Version Cue 1.0/1.0.1 - Local Root Exploit (OSX)

No description provided by source. !/usr/bin/perl Adobe Version Cue VCNativeOSX: local root exploit. by: vade79/v9 [email protected] fakehalo/realhalo Adobe Version Cue's VCNative program writes data to a log file in the current working directory while running as setuid root. the logfile is formated...

Solaris 8 libsldap Buffer Overflow Vulnerability (2)

No description provided by source. source: http://www.securityfocus.com/bid/2931/info Solaris 8 ships with a shared library that implements LDAP functionality called 'libsldap'. This library is linked to by a number of system utilities, many of them installed setuid or setgid. Libsldap contains a...

Adobe Version Cue 1.0/1.0.1 - (-lib) Local Root Exploit (OSX)

No description provided by source. / Adobe Version Cue VCNativeOSX: local root exploit. dyld by: vade79/v9 [email protected] fakehalo/realhalo Adobe Version Cue's VCNative program allows un-privileged local users to load arbitrary librariesbundles while running setuid root. this is done via the -lib...

Solaris 2.6/7.0/8 netpr Buffer Overflow Vulnerability (1)

No description provided by source. source: http://www.securityfocus.com/bid/1200/info A buffer overrun exists in the 'netpr' program, part of the SUNWpcu LP package included with Solaris, from Sun Microsystems. Versions of netpr on Solaris 2.6 and 7, on both Sparc and x86 have been confirmed as...