7968 matches found
phf CGI Script fails to guard against newline characters
Overview This document describes a vulnerability in a CGI script known as phf which was widely exploited in 1996 and 1997. Description The phf CGI script constructs a partial command line consisting of the ph command and appropriate arguments, and completes the command line based on the input fro...
Hole in write in Solaris
A buffer overflow in a command-line argument makes it possible to obtain egid tty...
CVE-2000-1175
Buffer overflow in Koules 1.4 allows local users to execute arbitrary commands via a long command line argument...
CVE-2000-0987
Buffer overflow in oidldapd in Oracle 8.1.6 allows local users to gain privileges via a long "connect" command line parameter...
Holes in mail programs for Windows
Holes in many command-line programs used on Web servers...
XATO Advisory: Win32 Command-Line Mailers
Xato Network Security, Inc. www.xato.net Security Advisory XATO-122000-01 December 12, 2000 - MULTIPLE VENDOR COMMAND-LINE MAILER HOLES - SMTP Command-Line Mailers on Win32 Web Servers...
SRADV00007.txt
Secure Reality Pty Ltd. Security Advisory 7 SRADV00007 http://www.securereality.com.au Title Local root compromise through Lexmark MarkVision printer drivers Released 6/11/2000 Vulnerable Versions...
Oracle 8.x - cmctl Buffer Overflow
/ source: https://www.securityfocus.com/bid/1968/info cmctl is the Connection Control Manager, part of the Oracle 8i installation. A vulnerability exists that can allow elevation of privileges. The problem occurs in the way cmctl handles the user-supplied command line arguments. The string...
xsplumber - strcpy() buffer overflow
Exploit for linux platform in category local exploits xsplumber - strcpy buffer overflow / linuxsplumberversion2 buffer overflow, by v9email protected. this is a misc. exploit for the linux-SVGAlib space plumber game. which...
xsplumber - strcpy() Local Buffer Overflow
xsplumber - strcpy Local Buffer Overflow / linuxsplumberversion2 buffer overflow, by [email protected]. this is a misc. exploit for the linux-SVGAlib space plumber game. which, as you know needs to be installed setuid root. this overflow is due to a simple oversight in the command line parser. us...
Oracle (oidldapd connect) - Local Command Line Overflow
Oracle oidldapd connect - Local Command Line Overflow / Exploit Code for oidldapd in Oracle 8.1.6 8ir2 for Linux. I tested in RH 6.2 and 6.1. This code is a bullshit i know please no comments about ;-. If someone exports this to Sparc please tell me. synopsis: buffer overflow in oidldapd impact:...
CVE-2000-0695
Buffer overflows in pgxconfig in the Raptor GFX configuration tool allow local users to gain privileges via command line options...
Security bugs in nokia voyager, BO dev.
Voyager works with a multipurpose CGI called htmlpage that makes a call to htmlgen with a filename as a template script. Htmlgen produces the final HTML page returned by Apache. If you test this kind of URL:...
CVE-2000-0752
The CVE-2000-0752 entry concerns a buffer overflow in brouted (FreeBSD and possibly other OSes) that enables local users to gain root privileges via long command line arguments. Affected component: brouted, a routing daemon/util in the OS. Root cause: unchecked/buffer overflow when handling exten...
CVE-2000-0752
Buffer overflows in brouted in FreeBSD and possibly other OSes allow local users to gain root privileges via long command line arguments...
New Tool: initd_.sh;
/ Attachment did not send... resending sorry for the bulk / Heyas ; I wrote this tool in the last couple of days to see if I could actually implement a program that would automatically attack local binaries and attempt to find exploits in respect to buffer overflows via command line switches...
[COVERT-2000-06] Initialized Data Overflow in Xlock
Network Associates, Inc. COVERT Labs Security Advisory May 29, 2000 Initialized Data Overflow in Xlock COVERT-2000-06 o Synopsis An implementation vulnerability in xlock allows global variables in the initialized data section of memory to be...
Netopia R-series Routers 4.6.2 - Modifying SNMP Tables
Netopia R-series Routers 4.6.2 - Modifying SNMP Tables source: https://www.securityfocus.com/bid/1177/info All R-series platforms with firmware between 4.3.8 and 4.6.2 inclusive allow users who already have access to the router to modify SNMP tables which they should not be able to access. The...
Netopia R-series Routers 4.6.2 - Modifying SNMP Tables
source: https://www.securityfocus.com/bid/1177/info All R-series platforms with firmware between 4.3.8 and 4.6.2 inclusive allow users who already have access to the router to modify SNMP tables which they should not be able to access. The router has a command-line mode that is reached by typing...