SCO_root_exploit.txt

Greetings, A vulnerability exists in the /usr/lib/merge/dos7utils program suid root by default which allows any user to execute any command as root. The dos7utils program gets its localeset.sh exec path from the environment variable STATICMERGE. By setting this to a directory writable by us and...

CVE-1999-0377

Process table attack in Unix systems allows a remote attacker to perform a denial of service by filling a machine's process tables through multiple connections to network services...

solaris_bof.txt

Subject: Solaris 2.7 /usr/bin/mail To: [email protected] Greetings, There is a possible buffer overflow vulnerability in Solaris 2.7's sgid mail /usr/bin/mail. The reason it's only a possibility and not a full blow exploit is that mail drops sgid privs before the overflow occurs. However ...

INN buffer overflow

...

libtermcap buffer overflow

...

process.table.attacks.txt

Date: Fri, 19 Feb 1999 16:08:06 -0500 From: "Simson L. Garfinkel" Subject: Process-table attack Wide-ranging attack works against almost any UNIX systems on the Internet ABSTRACT: The Process Table Attack is a relatively new kind of denial-of-service attack that can be waged against numerous...

tcpwrapper-backdoor.txt

Date: Thu, 21 Jan 1999 11:38:17 -0500 From: Wietse Venema To: [email protected] Subject: backdoored tcp wrapper source code TCP Wrappers is a widely-used security tool to protect UNIX systems against intrusion. In has an estimated installed base of millions. Today someone replaced the tcp...

mSQL.remote.txt

Date: Mon, 15 Feb 1999 04:56:24 -0500 From: Dave G. To: [email protected] Subject: KSRT Advisory 10: mSQL ServerStats KSRT Security Advisories http://www.ksrt.org [email protected] --- KSRT Advisory 010 Date: Feb. 15, 1999 ID : msql-info-010 Affected Program: mSQL Mini SQL 2.0.6 and below Operatin...

sshd.install.risks.txt

Date: Mon, 10 May 1999 22:26:19 +0200 From: "GWDVMS::MOELLER" Subject: Risks of upgrading a UNIX system When was the last time you rebuilt all privileged suid root' applications when upgrading a unix system, just in case? I'm pretty sure one can find small print' that demands this, however I'm...

oracle.8.0.5.intelligent.agent.txt

Date: Fri, 30 Apr 1999 14:11:39 +0100 From: Anthony Clarke To: [email protected] Subject: Huge security hole in Oracle 8.0.5 with Intellegent agent installed oracle-digested ------------- Begin Forwarded Message ------------- Subject: Huge security hole in Oracle 8.0.5 with Intellegent agent...

CVE-1999-0377

Process table attack in Unix systems allows a remote attacker to perform a denial of service by filling a machine's process tables through multiple connections to network services...

CVE-1999-0515

An unrestricted remote trust relationship for Unix systems has been set up, e.g. by using a + sign in /etc/hosts.equiv...

CVE-2004-0912

...

PT-1999-1176 · Undefined · Undefined

Name of the Vulnerable Software and Affected Versions: No specific software or versions mentioned. Description: An issue has been identified where an unrestricted remote trust relationship for Unix systems has been set up. This setup can be done, for example, by using a + sign in /etc/hosts.equiv...

RedHat Linux 4.2 SGI IRIX 6.3 Solaris 2.6 - mailx (2)

RedHat Linux 4.2 SGI IRIX 6.3 Solaris 2.6 - mailx 2 // source: https://www.securityfocus.com/bid/393/info A buffer overrun exists in the /bin/mailx program. This program was originally developed as part of BSD, and is available on many Unix systems. By supplying a long, well crafted buffer as the...

RedHat Linux 4.2 / SGI IRIX 6.3 / Solaris 2.6 - 'mailx' (2)

// source: https://www.securityfocus.com/bid/393/info A buffer overrun exists in the /bin/mailx program. This program was originally developed as part of BSD, and is available on many Unix systems. By supplying a long, well crafted buffer as the username argument, an attacker can use it to execua...

RedHat Linux 4.2 SGI IRIX 6.3 Solaris 2.6 - mailx (1)

RedHat Linux 4.2 SGI IRIX 6.3 Solaris 2.6 - mailx 1 // source: https://www.securityfocus.com/bid/393/info A buffer overrun exists in the /bin/mailx program. This program was originally developed as part of BSD, and is available on many Unix systems. By supplying a long, well crafted buffer as the...

RedHat Linux 4.2 / SGI IRIX 6.3 / Solaris 2.6 - 'mailx' (1)

// source: https://www.securityfocus.com/bid/393/info A buffer overrun exists in the /bin/mailx program. This program was originally developed as part of BSD, and is available on many Unix systems. By supplying a long, well crafted buffer as the username argument, an attacker can use it to execua...

IBM AIX 3.2/4.1 / SCO Unixware 7.1.1 / SGI IRIX 5.3 / Sun Solaris 2.5.1 - Privilege Escalation

/ source: https://www.securityfocus.com/bid/127/info Statd is the RPC NFS status daemon. It is used to communicate status information to other services or host. The version of statd shipped with many unix implementations contains a buffer overflow condition. This overflow condition exists in the...

BSDOS 2.1 Caldera UnixWare 77.1.0 FreeBSD 1.1.5.12.0 HP HP-UX 10.34 IBM AIX 4.2 SGI IRIX 6.3 SunOS 4.1.4 - libXt Library Local Overflow Local Privilege Escalation (3)

BSDOS 2.1 Caldera UnixWare 77.1.0 FreeBSD 1.1.5.12.0 HP HP-UX 10.34 IBM AIX 4.2 SGI IRIX 6.3 SunOS 4.1.4 - libXt Library Local Overflow Local Privilege Escalation 3 / source: https://www.securityfocus.com/bid/237/info The libXt library is part of the X Windows system. There are several buffer...