3257 matches found
X 11.0/3.3.3/3.3.4/3.3.5/3.3.6/4.0 - libX11 '_XAsyncReply()' Stack Corruption
// source: https://www.securityfocus.com/bid/1408/info A vulnerability exists in the XAsyncReply function of libX11. This function utilizes size information retrieved as part of a client supplied packet. This value is a signed integer. By forcing this value to be negative, it becomes possible to...
X 11.03.3.33.3.43.3.53.3.64.0 - libX11 _XAsyncReply() Stack Corruption
X 11.03.3.33.3.43.3.53.3.64.0 - libX11 XAsyncReply Stack Corruption // source: https://www.securityfocus.com/bid/1408/info A vulnerability exists in the XAsyncReply function of libX11. This function utilizes size information retrieved as part of a client supplied packet. This value is a signed...
Серьезная ошибка в ядре Linux
Недокументированный вызов setcap из чернового стандарта POSIX позволяет установить некоторые ограничения на процесс, в т.ч. CAPSETUID, которая позволяет блокировать вызов setuid. При этом эти ограничения могут быть унаследованы дочерними приложениями, что позволяет, установив подобное ограничение...
KDE 1.1.2 KApplication configfile - Local Privilege Escalation (1)
source: https://www.securityfocus.com/bid/1291/info The KDE configuration-file management has a bug which could result in root compromise. Due to insecure creation of configuration rc files via KApplication-class, local users can modify ownership of arbitrary files when running setuid root...
KDE 1.1.2 KApplication configfile - Local Privilege Escalation (1)
KDE 1.1.2 KApplication configfile - Local Privilege Escalation 1 source: https://www.securityfocus.com/bid/1291/info The KDE configuration-file management has a bug which could result in root compromise. Due to insecure creation of configuration rc files via KApplication-class, local users can...
KDE 1.1.2 KApplication configfile - Local Privilege Escalation (2)
KDE 1.1.2 KApplication configfile - Local Privilege Escalation 2 source: https://www.securityfocus.com/bid/1291/info The KDE configuration-file management has a bug which could result in root compromise. Due to insecure creation of configuration rc files via KApplication-class, local users can...
S.u.S.E Linux 4.x/5.x/6.x/7.0 / Slackware 3.x/4.0 / Turbolinux 6 / OpenLinux 7.0 - 'fdmount' Local Buffer Overflow (2)
// source: https://www.securityfocus.com/bid/1239/info A buffer overflow exists in the 0.8 version of the fdmount program, distributed with a number of popular versions of Linux. By supplying a large, well crafted buffer containing machine executable code in place of the mount point, it is possib...
S.u.S.E Linux 4.x/5.x/6.x/7.0 / Slackware 3.x/4.0 / Turbolinux 6 / OpenLinux 7.0 - 'fdmount' Local Buffer Overflow (3)
// source: https://www.securityfocus.com/bid/1239/info A buffer overflow exists in the 0.8 version of the fdmount program, distributed with a number of popular versions of Linux. By supplying a large, well crafted buffer containing machine executable code in place of the mount point, it is possib...
S.u.S.E Linux 4.x5.x6.x7.0 Slackware 3.x4.0 Turbolinux 6 OpenLinux 7.0 - fdmount Local Buffer Overflow (2)
S.u.S.E Linux 4.x5.x6.x7.0 Slackware 3.x4.0 Turbolinux 6 OpenLinux 7.0 - fdmount Local Buffer Overflow 2 // source: https://www.securityfocus.com/bid/1239/info A buffer overflow exists in the 0.8 version of the fdmount program, distributed with a number of popular versions of Linux. By supplying ...
S.u.S.E Linux 4.x5.x6.x7.0 Slackware 3.x4.0 Turbolinux 6 OpenLinux 7.0 - fdmount Local Buffer Overflow (1)
S.u.S.E Linux 4.x5.x6.x7.0 Slackware 3.x4.0 Turbolinux 6 OpenLinux 7.0 - fdmount Local Buffer Overflow 1 // source: https://www.securityfocus.com/bid/1239/info A buffer overflow exists in the 0.8 version of the fdmount program, distributed with a number of popular versions of Linux. By supplying ...
xsoldier (FreeBSD 3.3/Linux Mandrake 7.0) - Local Buffer Overflow (2)
/ source: https://www.securityfocus.com/bid/871/info Certain versions of FreeBSD 3.3 Confirmed and Linux Mandrake confirmed ship with a vulnerable binary in their X11 games package. The binary/game in question, xsoldier, is a setuid root binary meant to be run via an X windows console. The binary...
xsoldier (FreeBSD 3.3/Linux Mandrake 7.0) - Local Buffer Overflow (1)
// source: https://www.securityfocus.com/bid/871/info Certain versions of FreeBSD 3.3 Confirmed and Linux Mandrake confirmed ship with a vulnerable binary in their X11 games package. The binary/game in question, xsoldier, is a setuid root binary meant to be run via an X windows console. The binar...
xsoldier (FreeBSD 3.3Linux Mandrake 7.0) - Local Buffer Overflow (2)
xsoldier FreeBSD 3.3Linux Mandrake 7.0 - Local Buffer Overflow 2 / source: https://www.securityfocus.com/bid/871/info Certain versions of FreeBSD 3.3 Confirmed and Linux Mandrake confirmed ship with a vulnerable binary in their X11 games package. The binary/game in question, xsoldier, is a setuid...
xsoldier (FreeBSD 3.3Linux Mandrake 7.0) - Local Buffer Overflow (1)
xsoldier FreeBSD 3.3Linux Mandrake 7.0 - Local Buffer Overflow 1 // source: https://www.securityfocus.com/bid/871/info Certain versions of FreeBSD 3.3 Confirmed and Linux Mandrake confirmed ship with a vulnerable binary in their X11 games package. The binary/game in question, xsoldier, is a setui...
Security Advisory: FreeBSD-SA-00:17.libmytinfo
============================================================================= FreeBSD-SA-00:17 Security Advisory FreeBSD, Inc. Topic: Buffer overflow in libmytinfo may yield increased privileges with third-party software. Category: core Module: libmytinfo Announced: 2000-05-09 Affects: FreeBSD 3....
Security Advisory: FreeBSD-SA-00:16.golddig
============================================================================= FreeBSD-SA-00:16 Security Advisory FreeBSD, Inc. Topic: golddig port allows users to overwrite local files Category: ports Module: golddig Announced: 2000-05-09 Credits: Discovered during internal ports collection...
FreeBSD-SA-00:16.golddig
-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-00:16 Security Advisory FreeBSD, Inc. Topic: golddig port allows users to overwrite local files Category: ports Module: golddig Announced: 2000-05-09 Credits: Discovered...
freebsd libncurses overflow
b u f f e r 0 v e r f l 0 w s e c u r i t y a d v i s o r y 3 Advisory Name: libncurses buffer overflow Date: 24/4/00 Application: NCURSES 1.8.6 / FreeBSD 3.4-STABLE Vendor: FreeBSD Inc. WWW: www.freebsd.org Severity: setuid programs linked with libncurses can be exploited to obtain root access...
Solaris 7 x86 lp exploit.
Setuid proggie /usr/bin/lp has an easily exploitable buffer overflow. This exploit is for Solaris 7 x86 version, no sparc exploit is available to my knowledge. later, DiGiT / solaris 2.7 /usr/bin/lp local exploit, i386. discovered by DiGiT. try offset 150-250 if sploit fails greets: !ADM,...
Дырка в mtr
mtr использует вызов seteuid вместо setuid чтобы освободиться от привилегий root...