S.u.S.E Linux 4.x/5.x/6.x/7.0 / Slackware 3.x/4.0 / Turbolinux 6 / OpenLinux 7.0 - 'fdmount' Local Buffer Overflow (3)

// source: https://www.securityfocus.com/bid/1239/info A buffer overflow exists in the 0.8 version of the fdmount program, distributed with a number of popular versions of Linux. By supplying a large, well crafted buffer containing machine executable code in place of the mount point, it is possib...

S.u.S.E Linux 4.x5.x6.x7.0 Slackware 3.x4.0 Turbolinux 6 OpenLinux 7.0 - fdmount Local Buffer Overflow (2)

S.u.S.E Linux 4.x5.x6.x7.0 Slackware 3.x4.0 Turbolinux 6 OpenLinux 7.0 - fdmount Local Buffer Overflow 2 // source: https://www.securityfocus.com/bid/1239/info A buffer overflow exists in the 0.8 version of the fdmount program, distributed with a number of popular versions of Linux. By supplying ...

xsoldier (FreeBSD 3.3Linux Mandrake 7.0) - Local Buffer Overflow (2)

xsoldier FreeBSD 3.3Linux Mandrake 7.0 - Local Buffer Overflow 2 / source: https://www.securityfocus.com/bid/871/info Certain versions of FreeBSD 3.3 Confirmed and Linux Mandrake confirmed ship with a vulnerable binary in their X11 games package. The binary/game in question, xsoldier, is a setuid...

xsoldier (FreeBSD 3.3/Linux Mandrake 7.0) - Local Buffer Overflow (2)

/ source: https://www.securityfocus.com/bid/871/info Certain versions of FreeBSD 3.3 Confirmed and Linux Mandrake confirmed ship with a vulnerable binary in their X11 games package. The binary/game in question, xsoldier, is a setuid root binary meant to be run via an X windows console. The binary...

xsoldier (FreeBSD 3.3Linux Mandrake 7.0) - Local Buffer Overflow (1)

xsoldier FreeBSD 3.3Linux Mandrake 7.0 - Local Buffer Overflow 1 // source: https://www.securityfocus.com/bid/871/info Certain versions of FreeBSD 3.3 Confirmed and Linux Mandrake confirmed ship with a vulnerable binary in their X11 games package. The binary/game in question, xsoldier, is a setui...

xsoldier (FreeBSD 3.3/Linux Mandrake 7.0) - Local Buffer Overflow (1)

// source: https://www.securityfocus.com/bid/871/info Certain versions of FreeBSD 3.3 Confirmed and Linux Mandrake confirmed ship with a vulnerable binary in their X11 games package. The binary/game in question, xsoldier, is a setuid root binary meant to be run via an X windows console. The binar...

Security Advisory: FreeBSD-SA-00:17.libmytinfo

============================================================================= FreeBSD-SA-00:17 Security Advisory FreeBSD, Inc. Topic: Buffer overflow in libmytinfo may yield increased privileges with third-party software. Category: core Module: libmytinfo Announced: 2000-05-09 Affects: FreeBSD 3....

Security Advisory: FreeBSD-SA-00:16.golddig

============================================================================= FreeBSD-SA-00:16 Security Advisory FreeBSD, Inc. Topic: golddig port allows users to overwrite local files Category: ports Module: golddig Announced: 2000-05-09 Credits: Discovered during internal ports collection...

FreeBSD-SA-00:16.golddig

-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-00:16 Security Advisory FreeBSD, Inc. Topic: golddig port allows users to overwrite local files Category: ports Module: golddig Announced: 2000-05-09 Credits: Discovered...

Potential security problem with mtr

Hi. One of my users asked me to install mtr, most adequately described as a GUI:ed combination of traceroute and ping. I thought it looked cool, and had a closer look. In this mail follows a warning about a potential security problem with this program if installed as suggested. No exploit has bee...

Дырка в mtr

mtr использует вызов seteuid вместо setuid чтобы освободиться от привилегий root...

freebsd libncurses overflow

b u f f e r 0 v e r f l 0 w s e c u r i t y a d v i s o r y 3 Advisory Name: libncurses buffer overflow Date: 24/4/00 Application: NCURSES 1.8.6 / FreeBSD 3.4-STABLE Vendor: FreeBSD Inc. WWW: www.freebsd.org Severity: setuid programs linked with libncurses can be exploited to obtain root access...

Solaris 7 x86 lp exploit.

Setuid proggie /usr/bin/lp has an easily exploitable buffer overflow. This exploit is for Solaris 7 x86 version, no sparc exploit is available to my knowledge. later, DiGiT / solaris 2.7 /usr/bin/lp local exploit, i386. discovered by DiGiT. try offset 150-250 if sploit fails greets: !ADM,...

minor issue with IBM HTTPD and /usr/bin/ikeyman

Summary: /usr/bin/ikeyman is a shell script installed with setuid root permissions by the IBMHSSSB package on Solaris. The script does not seem to work very well in a Solaris 2.6 environment because of dynamic linker issues; if they are resolved, however, an unprivileged user may then be able to...

Дырка в gpm

при запуске пользовательского приложения из gmp-root сначала выполняется setuid и только потом setgid, который не срабатывает. В результате, пользовательское приложение запускается с gid wheel...

gpm-root

Hi! I've sent report about the following security hole to the authors of gpm, but they seemed to ignore the problem. The problem applies to every gpm version known by me, for example 1.18.1 and 1.19.0. To exploit this problem, gpm-root must be running on a machine and the user needs both login to...

Halloween Linux 4.0 SuSE Linux 6.06.16.26.3 - kreatecd Local Privilege Escalation

Halloween Linux 4.0 SuSE Linux 6.06.16.26.3 - kreatecd Local Privilege Escalation source: https://www.securityfocus.com/bid/1061/info A vulnerability exists in the kreatecd program for Linux. This program is a graphical front end to the cdrecord program, and is installed setuid root. This program...

FreeBSD-SA-00:10.orville-write

-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-00:10 Security Advisory FreeBSD, Inc. Topic: orville-write port contains local root compromise. Category: ports Module: orville-write Announced: 2000-03-15 Affects: Ports...

Halloween Linux 4.0 / RedHat Linux 6.1/6.2 - 'imwheel' (1)

// source: https://www.securityfocus.com/bid/1060/info A vulnerability exists in the 'imwheel' package for Linux. This package is known to be vulnerable to a buffer overrun in its handling of the HOME environment variable. By supplying a sufficiently long string containing machine executable code...

Halloween Linux 4.0 RedHat Linux 6.16.2 - imwheel (2)

Halloween Linux 4.0 RedHat Linux 6.16.2 - imwheel 2 // source: https://www.securityfocus.com/bid/1060/info A vulnerability exists in the 'imwheel' package for Linux. This package is known to be vulnerable to a buffer overrun in its handling of the HOME environment variable. By supplying a...