CVE-2003-0192

Apache 2 before 2.0.47, and certain versions of modssl for Apache 1.3, do not properly handle "certain sequences of per-directory renegotiations and the SSLCipherSuite directive being used to upgrade from a weak ciphersuite to a strong one," which could cause Apache to use the weak ciphersuite...

CVE-2003-0194

tcpdump does not properly drop privileges to the pcap user when starting up...

SSA-2002-1121054101

...

CVE-2002-0399

...

Multiple bugs in HP Tru64 UNIX

Buffer overflows in multiple utilities, unsafe signal handling in ping...

Ayman Akt IRCIT 0.3.1 - Invite Message Remote Buffer Overflow

// source: https://www.securityfocus.com/bid/4998/info IRCIT is a terminal based IRC client for Linux and Unix systems. IRCIT contains a remote buffer overflow vulnerability. When a INVITE message is received, the supplied from user data is copied into a fixed buffer of length MAXHOSTLEN. A...

CVE-2001-1092

msgchk in Digital UNIX 4.0G and earlier allows a local user to read the first line of arbitrary files via a symlink attack on the .mhprofile file...

Menasoft SPHEREserver 0.99 - Denial of Service

// source: https://www.securityfocus.com/bid/4258/info Menasoft SPHEREserver .99 is an online role playing game server. It is vulnerable to a denial of service; multiple connections to the server can be made from a single machine, exhausting available connections and denying connections to...

CDRDAO 1.1.x - Home Directory Configuration File Symbolic Link (1)

CDRDAO 1.1.x - Home Directory Configuration File Symbolic Link 1 source: https://www.securityfocus.com/bid/3865/info CDRDAO is a freely available, open source CD recording software package available for the Unix and Linux Operating Systems. It is maintained by Andreas Mueller. When CDRDAO saves...

WU-FTPD does not properly handle file name globbing

Overview SecurityFocus and CORE Security Technologies have reported a vulnerability in WU-FTPD. WU-FTPD does not handle file name globbing properly and may allow an attacker to execute arbitrary code. WU-FTPD is a widely-used FTP daemon that is included in many UNIX and Linux distributions. This...

CVE-1999-1210

xterm in Digital UNIX 4.0B with patch kit 5 allows local users to overwrite arbitrary files via a symlink attack on a core dump file, which is created when xterm is called with a DISPLAY environmental variable set to a display that xterm cannot access...

CVE-1999-1450

Vulnerability in 1 rlogin daemon rshd and 2 scheme on SCO UNIX OpenServer 5.0.5 and earlier, and SCO UnixWare 7.0.1 and earlier, allows remote attackers to gain privileges...

Security Update: [CSSA-2001-SCO.14] Open Unix, UnixWare: uidadmin buffer overflow

To: [email protected] [email protected] [email protected] Caldera International, Inc. Security Advisory Subject: Open Unix, UnixWare: uidadmin buffer overflow Advisory number: CSSA-2001-SCO.14 Issue date: 2001 August 23 Cross reference: 1. Problem...

Important: Red Hat Security Advisory: : LPRng fails to drop supplemental group membership

When LPRng drops uid and gid, it fails to drop membership in its supplemental groups. LPRng fails to drop supplemental group membership at init time, though it does properly setuid and setgid. The result is that LPRng, and its children, maintain any supplemental groups that the process starting...

HP Openview NNM6.1 ovactiond bin exploit

Hello, Summery: HP Openview NNM6.1 and earlier running on unix have a problem with the suid bin executable ovactiond. It allows for starting of any program by just sending a trap or event to the station running the daemon. Details: in the trapd.conf the following is defined by default NNM6.1: EVE...

DGUX lpsched buffer overflow

Hi there! There's a vulnerability in DG's UNIX implementation DGUX, version R4.20MU06 and MU02 ia32 arch. The problem is when a very long, non-existant, printer name is passed to the program lpsched. It tries to format an error message and then the buffer overflow occurs... Data General was told...

WU-FTPD 2.6.0 - Remote Format Strings

WU-FTPD 2.6.0 - Remote Format Strings / 12:40 11/10/00: Tool for either attack or defense within an information warfare setting. Rather, it is a small program demonstrating proof of concept. Default values for solaris 2.8 and inetd. If you are not the intended recipient, or a person responsible f...

SLA-17.Anaconda.txt

Synnergy Laboratories Advisory SLA-2000-17 NAME Anaconda Foundation Directory NULL byte vulnerability AFFECTED Linux/UNIX with Anaconda Foundation Directory SYNOPSIS Synnergy Labs has found a flaw within Anaconda Foundation Directory that allow s a user to successfully traverse the filesystem on ...

crontab_exploit.txt

Subject: Vixie Crontab exploit code To: [email protected] Vixie Crontab exploit code begin vixie-ex ---------------------------------------------------------------------- !/bin/sh Vixie crontab exploit Local user can gain root access. Tested redhat linux : 4.2, 5.0, 5.1, 6.0 Tested vixie...

nt.rsh.rcp.txt

Date: Thu, 8 Apr 1999 19:11:54 -0700 From: Eric Gisin To: [email protected] Subject: rsh/rcp is not secure This is really a UNIX rshd bug, but it affects users of the NT clients. It's old news that the BSD rsh/rcp services are not secure, however rshd is still is enabled in many UN...