CVE-2002-0896

The CVE-2002-0896 entry concerns Swatch: the throttle capability may fail to report certain events if the same event type recurs after the throttle period or when multiple events matching the same watchfor expression don’t occur post-throttle. This could allow attackers to avoid detection. No spe...

CVE-2002-0896

The throttle capability in Swatch may fail to report certain events if 1 the same type of event occurs after the throttle period, or 2 when multiple events matching the same "watchfor" expression do not occur after the throttle period, which could allow attackers to avoid detection...

Local vulnerability in libutil derived with FreeBSD 4.4-RC (and earlier)

Hello, OpenSSH derived with FreeBSD 4.4 and earlier doesn't drop privileges before messing with login class capability database. The most problematic is: if newcommand == NULL && !quietlogin && !options.uselogin fname = logingetcapstrlc, "copyright", NULL, NULL; if fname != NULL && f = fopenfname...

Arbitrary Code Execution

Overview Affected versions of this package are vulnerable to Arbitrary Code Execution libutil in OpenSSH on FreeBSD 4.4 and earlier does not drop privileges before verifying the capabilities for reading the copyright and welcome files, which allows local users to bypass the capabilities checks an...

CVE-2000-0857

The logging capability in muh 2.05d IRC server does not properly cleanse user-injected format strings, which allows remote attackers to cause a denial of service or execute arbitrary commands via a malformed nickname...

CVE-2000-0249

The FRCA vulnerability in AIX allows local users to modify arbitrary files via the frcactrl configuration capability when the FRCA kernel module is loaded. A root-privilege escalation is possible because the setuid frcactrl enables non-root users to manipulate FRCA configuration and log files. Af...

CVE-2000-0249

The AIX Fast Response Cache Accelerator FRCA allows local users to modify arbitrary files via the configuration capability in the frcactrl program...

Linux Kernel 2.2.x 2.4.0-test1 (SGI ProPack 1.21.3) - Sendmail Capabilities Privilege Escalation(1)

Linux Kernel 2.2.x 2.4.0-test1 SGI ProPack 1.21.3 - Sendmail Capabilities Privilege Escalation1 / source: https://www.securityfocus.com/bid/1322/info POSIX "Capabilities" have recently been implemented in the Linux kernel. These "Capabilities" are an additional form of privilege control to enable...

beos.dos.txt

Problem: It is possible to crash the BeOS networking process. Discussion: The BeOS networking stack crashes when certain malformed packets are sent to it. This document explains two such packets. The first is an IP packet with the protocol field set to TCP. If the IP length field is set to be...

smurf.BIP-hunting-nmap.txt

Date: Thu, 31 Dec 1998 15:22:14 -0500 From: Fyodor To: [email protected] Subject: Re: netscan.org - broadcast ICMP list http://netscan.org has the first relatively complete database of ICMP directed broadcast networks "smurf amplifiers". All allocated IP addresses ending in .0 or .255 have bee...

Security update 1970-01-01

...