766 matches found
CVE-2000-0314
traceroute in NetBSD 1.3.3 and Linux systems allows local users to flood other systems by providing traceroute with a large waittime -w option, which is not parsed properly and sets the time delay for sending packets to zero...
glibc-resolve-tr.sh
Charles Stevenson glibc-2.2 and openssh-2.3.0p1 Debian 2.3 , Redhat 7.0 This exploits is for glibc = 2.1.9x. [email protected] Edit this if you have a problem with path ssh=/usr/bin/ssh traceroute=/usr/sbin/traceroute FILE=/etc/shadow File to read echo "$ssh" echo " Checking permisions..." if...
CVE-2000-0949
Heap overflow in savestr function in LBNL traceroute 1.4a5 and earlier allows a local user to execute arbitrary commands via the -g option...
CVE-2000-0949
CVE-2000-0949 describes a heap overflow in the savestr function of LBNL traceroute 1.4a5 and earlier. A local user can execute arbitrary commands via the -g option. The connected Mandrake advisory notes the traceroute program is setuid root and that a segfault/overflow could potentially lead to r...
Возможная проблема в BSD traceroute
Переполнение кучи при очень большой длине адреса вызываемого хоста...
traceroute-4.4BSD (slack) heap overflow
Hi, A while ago I was studying the source code for this traceroute... I found this in the inetname function: ... static char line50; ... if cp void strcpyline, cp; else ... The cp variable holds at that point the hostname for the current host it's tracing. If the hostname is something like a litt...
CVE-2000-0949
Heap overflow in savestr function in LBNL traceroute 1.4a5 and earlier allows a local user to execute arbitrary commands via the -g option...
LBL Traceroute - Local Privilege Escalation
/ MasterSecuritY openwall.c - Local root exploit in LBNL traceroute Copyright C 2000 Michel "MaXX" Kaempf Updated versions of this exploit and the corresponding advisory will be made available at: ftp://maxx.via.ecp.fr/traceroot/ This program is free software; you can redistribute it and/or modif...
traceroute Local Root Exploit
Exploit for linux platform in category local exploits ============================= traceroute Local Root Exploit ============================= / MasterSecuritY openwall.c - Local root exploit in LBNL traceroute Copyright C 2000 Michel "MaXX" Kaempf Updated versions of this exploit and the...
LBL Traceroute - Local Privilege Escalation
LBL Traceroute - Local Privilege Escalation / MasterSecuritY openwall.c - Local root exploit in LBNL traceroute Copyright C 2000 Michel "MaXX" Kaempf Updated versions of this exploit and the corresponding advisory will be made available at: ftp://maxx.via.ecp.fr/traceroot/ This program is free...
[SECURITY] New versions of Debian traceroute packages
Package: traceroute Vulnerability: local root exploit Debian-specific: no Vulnerable: yes In versions of the traceroute package before 1.4a5-3, it is possible for a local user to gain root access by exploiting an argument parsing error. This problem is fixed in version 1.4a5-3, uploaded to Debian...
[SECURITY] New versions of Debian traceroute packages
---------------------------------------------------------------------------- Debian Security Advisory [email protected] http://www.debian.org/security/ Daniel Jacobowitz October 13, 2000 - ---------------------------------------------------------------------------- Package: traceroute...
Дырка в traceroute
Используется функция free с невыделенным фрагментом памяти. Потенциально это позволяет переписать часть данных в стеке процесса...
lbl-traceroute.txt
LBL traceroute exploit. By Dvorak, Synnergy Networks www.synnergy.net Vulnerable: All versions of LBL traceroute using savestr. See Chris Evans post in bugtraq http://www.securityfocus.com/archive/1/136215 Discovery: Pekka Savola [email protected] Published to bugtraq by: Chris Evans...
Traceroute exploit + story
LBL traceroute exploit. By Dvorak, Synnergy Networks www.synnergy.net Vulnerable: All versions of LBL traceroute using savestr. See Chris Evans post in bugtraq http://www.securityfocus.com/archive/1/136215 Discovery: Pekka Savola [email protected] Published to bugtraq by: Chris Evans...
Very interesting traceroute flaw
Hi, CREDIT ====== I'm starting with a credit section because I did not discover this flaw. The flaw was discovered by Pekka Savola [email protected], who noted that traceroute could be caused to crash, which is pretty suboptimal behaviour for a suid-root program :- I took this forward and specula...
LBL Traceroute 1.4 a5 - Heap Corruption (2)
LBL Traceroute 1.4 a5 - Heap Corruption 2 // source: https://www.securityfocus.com/bid/1739/info Traceroute is a well-known network diagnostic tool used for analyzing the path on a network between two hosts. On unix systems, traceroute is typically installed setuid root because of its use of raw...
LBL Traceroute 1.4 a5 - Heap Corruption (1)
// source: https://www.securityfocus.com/bid/1739/info Traceroute is a well-known network diagnostic tool used for analyzing the path on a network between two hosts. On unix systems, traceroute is typically installed setuid root because of its use of raw sockets. Certain versions of LBNL tracerou...
LBL Traceroute 1.4 a5 - Heap Corruption (2)
// source: https://www.securityfocus.com/bid/1739/info Traceroute is a well-known network diagnostic tool used for analyzing the path on a network between two hosts. On unix systems, traceroute is typically installed setuid root because of its use of raw sockets. Certain versions of LBNL tracerou...
LBL Traceroute 1.4 a5 - Heap Corruption (3)
LBL Traceroute 1.4 a5 - Heap Corruption 3 // source: https://www.securityfocus.com/bid/1739/info Traceroute is a well-known network diagnostic tool used for analyzing the path on a network between two hosts. On unix systems, traceroute is typically installed setuid root because of its use of raw...