Security fix for the ALT Linux 9 package openvpn version 2.0.2-alt1

Aug. 25, 2005 Nikolay A. Fetisov 2.0.2-alt1 - New version 2.0.2: -- Security fix for several DoS attacks: CAN-2005-2531; CAN-2005-2532; CAN-2005-2533; CAN-2005-2534. -- Several minor bug fixes and improvements, see ChangeLog for details - Run in chroot by default...

dnrd -- remote buffer and stack overflow vulnerabilities

Natanael Copa reports that dnrd is vulnerable to a remote buffer overflow and a remote stack overflow. These vulnerabilities can be triggered by sending invalid DNS packets to dnrd. The buffer overflow could potentially be used to execute arbitrary code with the permissions of the dnrd daemon. No...

Slackware 8.1 / 9.0 / 9.1 / current : rsync update (SSA:2004-124-01)

New rsync packages are available for Slackware 8.1, 9.0, 9.1, and -current to fix a security issue. When running an rsync server without the chroot option it is possible for an attacker to write outside of the allowed directory. Any sites running rsync in that mode should upgrade right away and...

FreeBSD : rsync -- path sanitizing vulnerability (2689f4cb-ec4c-11d8-9440-000347a4fa7d)

An rsync security advisory reports : There is a path-sanitizing bug that affects daemon mode in all recent rsync versions including 2.6.2 but only if chroot is disabled. The bug may allow a remote user to access files outside of an rsync module's configured path with the privileges configured for...

linux/x86 chroot & standart 66 bytes

linux/x86 chroot & standart 66 bytes. Shellcode exploit for linx86 platform / Linux/x86 chroot and standart shellcode. By Okti http://okti.nm.ru ---------------------------------------------------------------------------------------------- / / Mkdir and Chroot are written in C: / include include...

linux/x86 chroot & standart 66 bytes

Exploit for linux/x86 platform in category shellcode ==================================== linux/x86 chroot & standart 66 bytes ==================================== Linux/x86 chroot and standart shellcode. By Okti http://okti.nm.ru...

linux/x86 chroot & standart 66 bytes

No description provided by source. Linux/x86 chroot and standart shellcode. By Okti http://okti.nm.ru ---------------------------------------------------------------------------------------------- / Mkdir and Chroot are written in C: / includestdio.h includeunistd.h includesys/types.h...

cdrdao (Mandrake 10.2) - Local Privilege Escalation

cdrdao Mandrake 10.2 - Local Privilege Escalation !/bin/sh cdrdao local root exploit newbug at chroot.org IRC: irc.chroot.org chroot May 2005 echo "cdrdao private exploit" echo "This exploit only for Mandrake series" echo "newbug at chroot.org" echo "May 2005" echo "checking if cdrdao is setuid...

Darryl Burgdorf Webhints Remote Command Execution Vulnerability

Description Darryl Burgdorf Webhints is prone to a remote command execution vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. Technologies Affected Colored Scripts Easy Message Board Darryl Burgdorf Webhints 1.3.0 Recommendations Block...

CVE-2005-1339

lukemftpd in Mac OS X 10.3.9 allows remote authenticated users to escape the chroot environment by logging in with their full name...

CVE-2005-1339

CVE-2005-1339 affects Mac OS X 10.3.9 where lukemftpd allows remote authenticated users to escape the chroot by logging in with their full name. The issue is rooted in lukemftpd’s chroot handling. Impact: enables escape from a restricted root environment (as described in the CVE entry and corrobo...

Postfix mail server IPv6 configuration unauthorized mail relaying

In specific configurations, for example if ran in chroot environment on IPv6 network, message relaying is not limited allowing relay to be used for SPAM sending...

CVE-2004-1124

Unknown vulnerability in chroot on SCO UnixWare 7.1.1 through 7.1.4 allows local users to escape the chroot jail and conduct unauthorized activities...

CVE-2004-1124

CVE-2004-1124 describes a local privilege/escape issue in SCO UnixWare 7.1.1–7.1.4 where the chroot jail can be broken, enabling local users to escape and perform unauthorized actions. The vulnerability affects specific binaries listed by SCO (e.g., /etc/conf/pack.d/namefs/Driver_atup.o, Driver_m...

SCO UnixWare chroot protection bypass

No description provided...

UnixWare 7.1.4 UnixWare 7.1.3 UnixWare 7.1.1 : chroot A known exploit can break a chroot prison.

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SCO Security Advisory Subject: UnixWare 7.1.4 UnixWare 7.1.3 UnixWare 7.1.1 : chroot A known exploit can break a chroot prison. Advisory number: SCOSA-2005.2 Issue date: 2005 January 14 Cross reference: sr887824 fz528555 erg712509 CAN-2004-1124 1...

CVE-2004-0609

rssh 2.0 through 2.1.x expands command line arguments before entering a chroot jail, which allows remote authenticated users to determine the existence of files in a directory outside the jail...

CVE-2004-0792

Directory traversal vulnerability in the sanitizepath function in util.c for rsync 2.6.2 and earlier, when chroot is disabled, allows attackers to read or write certain files...

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal. Directory traversal vulnerability in the sanitizepath function in util.c for rsync 2.6.2 and earlier, when chroot is disabled, allows attackers to read or write certain files. Remediation There is no fixed version f...

CVE-2004-0792

Directory traversal vulnerability in the sanitizepath function in util.c for rsync 2.6.2 and earlier, when chroot is disabled, allows attackers to read or write certain files...