1652 matches found
FreeBSD-SA-04:03.jail
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-04:03.jail Security Advisory The FreeBSD Project Topic: Jailed processes can attach to other jails Category: core Module: kernel Announced: 2004-02-25 Credits: JA...
jailed processes can attach to other jails
A programming error has been found in the jailattach2 system call which affects the way that system call verifies the privilege level of the calling process. Instead of failing immediately if the calling process was already jailed, the jailattach system call would fail only after changing the...
jailed processes can manipulate host routing tables
A programming error resulting in a failure to verify that an attempt to manipulate routing tables originated from a non-jailed process. Jailed processes running with superuser privileges could modify host routing tables. This could result in a variety of consequences including packets being sent...
mksnap_ffs clears file system options
The kernel interface for creating a snapshot of a filesystem is the same as that for changing the flags on that filesystem. Due to an oversight, the mksnapffs8 command called that interface with only the snapshot flag set, causing all other flags to be reset to the default value. A regularly...
Planet switches unauthorized access
There is a backdoor account 'superuser' with 'planet' password via any VLAN...
Sun Solstice AdminSuite ships with insecure default configuration
Overview The sadmind service provided on many Solaris and SunOS systems ships with an insecure default configuration that allows remote users to execute arbitrary commands with superuser root privileges. Description The Sun Microsystems Solstice AdminSuite is a graphical tool that allows Solaris...
Sun Solaris "/usr/lib/utmp_update" contains buffer overflow
Overview A vulnerability in Sun Solaris "/usr/lib/utmpupdate" may allow a local attacker to gain superuser privileges. Description A buffer overflow vulnerability exists in Sun Solaris "/usr/lib/utmpupdate". For more information, please see Sun Alert 55260. --- Impact A local attacker may be able...
CVE-2002-0755
Kerberos 5 su k5su in FreeBSD 4.5 and earlier does not verify that a user is a member of the wheel group before granting superuser privileges, which could allow unauthorized users to execute commands as root...
CERT Advisory CA-2002-35 Vulnerability in RaQ 4 Servers
-----BEGIN PGP SIGNED MESSAGE----- CERT Advisory CA-2002-35 Vulnerability in RaQ 4 Servers Original release date: December 11, 2002 Last revised: -- Source: CERT/CC A complete revision history can be found at the end of this file. Systems Affected Sun Cobalt RaQ 4 Server Appliances with the...
Samba contains a remotely exploitable stack buffer overflow
Overview A remotely exploitable stack buffer overflow exists in the Samba server daemon smbd. Description Versions 2.2.2 through 2.2.6 of Samba contain a remotely exploitable stack buffer overflow. The Samba Team describes Samba as follows:The Samba software suite is a collection of programs that...
Cisco VPN 5000 Client - Buffer Overrun (1)
Cisco VPN 5000 Client - Buffer Overrun 1 // source: https://www.securityfocus.com/bid/5734/info Buffer overrun vulnerabilities have been reported in the Cisco VPN 5000 UNIX clients available for Linux and Solaris systems. The condition affects the binaries 'closetunnel' and 'opentunnel', both...
Cisco VPN 5000 Client - Buffer Overrun (2)
Cisco VPN 5000 Client - Buffer Overrun 2 // source: https://www.securityfocus.com/bid/5734/info Buffer overrun vulnerabilities have been reported in the Cisco VPN 5000 UNIX clients available for Linux and Solaris systems. The condition affects the binaries 'closetunnel' and 'opentunnel', both...
Cisco VPN 5000 Client - Buffer Overrun (2)
// source: https://www.securityfocus.com/bid/5734/info Buffer overrun vulnerabilities have been reported in the Cisco VPN 5000 UNIX clients available for Linux and Solaris systems. The condition affects the binaries 'closetunnel' and 'opentunnel', both installed setuid root by default. Malicious...
Cisco VPN 5000 Client - Buffer Overrun (1)
// source: https://www.securityfocus.com/bid/5734/info Buffer overrun vulnerabilities have been reported in the Cisco VPN 5000 UNIX clients available for Linux and Solaris systems. The condition affects the binaries 'closetunnel' and 'opentunnel', both installed setuid root by default. Malicious...
CVE-2002-0755
Kerberos 5 su k5su in FreeBSD 4.5 and earlier does not verify that a user is a member of the wheel group before granting superuser privileges, which could allow unauthorized users to execute commands as root...
FreeBSD-SA-02:31.openssh
-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-02:31 Security Advisory The FreeBSD Project Topic: openssh contains remote vulnerability Category: core Module: OpenSSH Announced: 2002-07-15 Credits: ISS X-Force Theo...
ISS Advisory: OpenSSH Remote Challenge Vulnerability
Internet Security Systems Security Advisory June 26, 2002 OpenSSH Remote Challenge Vulnerability Synopsis: ISS X-Force has discovered a serious vulnerability in the default installation of OpenSSH on the OpenBSD operating system. OpenSSH is a free version of the SSH Secure Shell communications...
CVE-2001-1172
OmniSecure HTTProtect 1.1.1 is affected by a local privilege escalation: a superuser without omnish privileges can modify a protected file by creating a symbolic link to that file. Root cause is improper protection against symbolic link exploitation in HTTProtect, allowing bypass of protection me...
Richard Gooch SimpleInit 2.0.2 - Open File Descriptor
Richard Gooch SimpleInit 2.0.2 - Open File Descriptor // source: https://www.securityfocus.com/bid/5001/info A vulnerability has been reported for simpleinit that may allow users to execute arbitrary commands as the superuser. The vulnerability occurs because simpleinit may allow some child...
Richard Gooch SimpleInit 2.0.2 - Open File Descriptor
// source: https://www.securityfocus.com/bid/5001/info A vulnerability has been reported for simpleinit that may allow users to execute arbitrary commands as the superuser. The vulnerability occurs because simpleinit may allow some child processes to inherit a file descriptor with read-write...