1038 matches found
Linux VServer Project 1.2x - Chroot Breakout
Linux VServer Project 1.2x - Chroot Breakout / source: https://www.securityfocus.com/bid/9596/info VServer is reported prone to a breakout vulnerability that allows a malicious user to escape from the context of the chrooted root directory of the virtual server. This issue is due to the VServer...
vserver_chroot.txt
Hi securityfocus, a small exploit from me which brakes out of a vserver, also if secured with "chmod 000 /vservers". It is a modification of the known "chroot-again" exploit. It belongs to chroots but also to the vserver project. Tested with linux 2.4.24 and vserver 1.24. The bug was posted to th...
Linux VServer Project 1.2x - Chroot Breakout
/ source: https://www.securityfocus.com/bid/9596/info VServer is reported prone to a breakout vulnerability that allows a malicious user to escape from the context of the chrooted root directory of the virtual server. This issue is due to the VServer application failing to secure itself against a...
CVE-2004-1124
Unknown vulnerability in chroot on SCO UnixWare 7.1.1 through 7.1.4 allows local users to escape the chroot jail and conduct unauthorized activities...
CVE-2003-0962
Heap-based buffer overflow in rsync before 2.5.7, when running in server mode, allows remote attackers to execute arbitrary code and possibly escape the chroot jail...
DEBIAN-CVE-2003-0962
Heap-based buffer overflow in rsync before 2.5.7, when running in server mode, allows remote attackers to execute arbitrary code and possibly escape the chroot jail...
CVE-2003-0962
Heap-based buffer overflow in rsync before 2.5.7, when running in server mode, allows remote attackers to execute arbitrary code and possibly escape the chroot jail...
CVE-2003-0962
Heap-based buffer overflow in rsync before 2.5.7, when running in server mode, allows remote attackers to execute arbitrary code and possibly escape the chroot jail...
CVE-2003-0962
Heap-based buffer overflow in rsync before 2.5.7, when running in server mode, allows remote attackers to execute arbitrary code and possibly escape the chroot jail...
security flaw
Heap-based buffer overflow in rsync before 2.5.7, when running in server mode, allows remote attackers to execute arbitrary code and possibly escape the chroot jail...
[UNIX] tHTTPd Virtual Hosting Security Hole (Host: ../..)
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...
ProFTPD 1.2.7 - 1.2.9rc2 Remote Root & brute-force Exploit
Exploit for linux platform in category remote exploits ========================================================== ProFTPD 1.2.7 - 1.2.9rc2 Remote Root & brute-force Exploit ========================================================== / ProFTPd 1.2.7 - 1.2.9rc2 remote r00t exploit...
ProFTPD 1.2.7 - 1.2.9rc2 Remote Root & brute-force Exploit
No description provided by source. / ProFTPd 1.2.7 - 1.2.9rc2 remote r00t exploit -------------------------------------------- By Haggis This exploit builds on the work of bkbll to create a working, brute-force remote exploit for the \n procesing bug in ProFTPd. Tested on SuSE 8.0, 8.1 and RedHat...
ProFTPd 1.2.7 < 1.2.9rc2 - Remote Code Execution / Brute Force
/ ProFTPd 1.2.7 - 1.2.9rc2 remote r00t exploit -------------------------------------------- By Haggis This exploit builds on the work of bkbll to create a working, brute-force remote exploit for the \n procesing bug in ProFTPd. Tested on SuSE 8.0, 8.1 and RedHat 7.2/8.0 it works quite well... the...
SECURITY.NNOV: Courier CPU exhaustion + bonus on imap-uw
Imap-uw allows user to access any file he could access locally. It's not a bug it's insecurity by design. According to vendor's web FAQ it's not pointed in FAQ inside program distribution: -=-=-=-=-=-=- 5.1 I see that the IMAP server allows access to arbitary files on the system, including...
CVE-2002-0244
Directory traversal vulnerability in chroot function in AtheOS 0.3.7 allows attackers to escape the jail via a .. dot dot in the pathname argument to chdir...
CVE-2002-0244
The CVE-2002-0244 entry concerns a directory traversal vulnerability in the chroot function of the AtheOS 0.3.7 environment, where an attacker can escape jail confines via a .. segment in the pathname passed to chdir. Affected software: AtheOS 0.3.7. Root cause: improper handling of relative path...
CVE-2002-0244
Directory traversal vulnerability in chroot function in AtheOS 0.3.7 allows attackers to escape the jail via a .. dot dot in the pathname argument to chdir...
CVE-1999-1194
chroot in Digital Ultrix 4.1 and 4.0 is insecurely installed, which allows local users to gain privileges...
CVE-1999-1194
Technical details (affected products, versions, root cause, impact, fixes) are not publicly available in the provided documents. Monitor for updates.