110 matches found
GNU Sharutils <= 4.2.1 Local Format String PoC Exploit
Exploit for linux platform in category local exploits ====================================================== GNU Sharutils includ...
GNU Sharutils <= 4.2.1 Local Format String PoC Exploit
No description provided by source. / GNU sharutils = 4.2.1 Local Format String POC Code C0ded by n4rk0tix a.k.a nrktx [email protected] Below is a l4m3 proof of concept code for da recently reported lame bug; These binaryz have not only format bugz, but also buffer overflowz,etc.We also...
GNU Sharutils 4.2.1 - Local Format String
GNU Sharutils 4.2.1 - Local Format String / GNU sharutils include include include include include include include include include define GNUSOURCE define DEFAULTDTORS...
GNU Sharutils 4.2.1 - Local Format String
/ GNU sharutils include include include include include include include include include define GNUSOURCE define DEFAULTDTORSSHAR...
Mandrake Linux Security Advisory : sharutils (MDKSA-2002:052)
The uudecode utility creates output files without checking to see if it is about to write to a symlink or pipe. This could be exploited by a local attacker to overwrite files or lead to privilege escalation if users decode data into share directories, such as /tmp. This update fixes this...
RHEL 2.1 : sharutils (RHSA-2003:180)
Updated packages for sharutils which fix potential privilege escalation using the uudecode utility are available. The sharutils package contains a set of tools for encoding and decoding packages of files in binary or text format. The uudecode utility creates an output file without checking to see...
Low: Red Hat Security Advisory: sharutils security update
Updated packages for sharutils which fix potential privilege escalation using the uudecode utility are available. The sharutils package contains a set of tools for encoding and decoding packages of files in binary or text format. The uudecode utility creates an output file without checking to see...
CVE-2002-0178
The CVE-2002-0178 issue affects the uudecode utility in the GNU Sharutils package prior to version 4.2.1, which does not validate the destination filename against pipes or symbolic links. This can allow a local attacker to overwrite files or escalate privileges by decoding into sensitive or open ...
Uudecode performs inadequate checks on user-specified output files
Overview The uudecode utility contains a vulnerability that allows an attacker to overwrite arbitrary files, symbolic links, and named pipes. Description The uudecode utility is used to decode files that have been encoded in the 7-bit printable format generated by uuencode. This format allows for...
CVE-2002-0178
uudecode, as available in the sharutils package before 4.2.1, does not check whether the filename of the uudecoded file is a pipe or symbolic link, which could allow attackers to overwrite files or execute commands...