83 matches found
NSD vulnerable to one-byte overflow
Overview A vulnerability exists in the way NSD processes certain types of packets that may lead to a one-byte buffer overflow. Description Name server daemon NSD is an open source name server developed by NLnet Labs. NSD contains an off-by-one error that can cause a one-byte buffer overflow when...
ntpd autokey stack buffer overflow
Overview ntpd contains a stack buffer overflow, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system or create a denial of service. Description NTP Network Time Protocol is a method by which client machines can synchronize the local date and time wit...
Unfixed XSS vulnerability at www.cray-cyber.org
Security researcher PaPPy, has submitted on 24/04/2008 a cross-site-scripting XSS vulnerability affecting www.cray-cyber.org, which at the time of submission ranked 2329680 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 25/04/2008. It is...
Shadow Utils useradd utility sets incorrect file permissions
Overview The Shadow Utilities contain a vulnerability that may result in new user mailboxes having arbitrary permissions. Description The Shadow Utilities provide tools to manage user accounts.When a new mailbox is created using the useradd utility, the open function does not receive the expected...
Samba NDR MS-RPC heap buffer overflow
Overview Samba fails to properly handle malformed MS-RPC packets. Exploitation of this vulnerability could allow a remote attacker to execute arbitrary code. Description Samba is a widely used open-source implementation of Server Message Block SMB/Common Internet File System CIFS. Network Data...
CVE-2006-0177
Multiple buffer overflows in Cray UNICOS 9.0.2.2 might allow local users to gain privileges by 1 invoking /usr/bin/script with a long command line argument or 2 setting the -c option of /etc/nu to the name of a file containing a long line...
Buffer overflow
Multiple buffer overflows in Cray UNICOS 9.0.2.2 might allow local users to gain privileges by 1 invoking /usr/bin/script with a long command line argument or 2 setting the -c option of /etc/nu to the name of a file containing a long line...
CVE-2006-0177
Multiple buffer overflows in Cray UNICOS 9.0.2.2 might allow local users to gain privileges by 1 invoking /usr/bin/script with a long command line argument or 2 setting the -c option of /etc/nu to the name of a file containing a long line...
CVE-2006-0177
CVE-2006-0177 involves multiple buffer overflows in Cray UNICOS 9.0.2.2 that could allow local users to gain privileges. The two triggers described are: (1) invoking /usr/bin/script with a long command line argument, and (2) setting the -c option of /etc/nu to a filename containing a long line. T...
Cray UNICOS usrbinscript - Command Line Argument Local Overflow
Cray UNICOS usrbinscript - Command Line Argument Local Overflow source: https://www.securityfocus.com/bid/16205/info Cray UNICOS is prone to locally exploitable buffer overflow vulnerabilities. These issues are due to insufficient bounds checking of command line parameters in various utilities wi...
Cray UNICOS etcnu - -c Option Filename Processing Local Overflow
Cray UNICOS etcnu - -c Option Filename Processing Local Overflow source: https://www.securityfocus.com/bid/16205/info Cray UNICOS is prone to locally exploitable buffer overflow vulnerabilities. These issues are due to insufficient bounds checking of command line parameters in various utilities...
Cray UNICOS /usr/bin/script - Command Line Argument Local Overflow
source: https://www.securityfocus.com/bid/16205/info Cray UNICOS is prone to locally exploitable buffer overflow vulnerabilities. These issues are due to insufficient bounds checking of command line parameters in various utilities with setuid-superuser privileges. Successful exploitation could...
Cray UNICOS /etc/nu - '-c' Option Filename Processing Local Overflow
source: https://www.securityfocus.com/bid/16205/info Cray UNICOS is prone to locally exploitable buffer overflow vulnerabilities. These issues are due to insufficient bounds checking of command line parameters in various utilities with setuid-superuser privileges. Successful exploitation could...
CVE-2001-0891
CVE-2001-0891 describes a format string vulnerability in the NQS daemon (nqsdaemon) of NQE 3.3.0.16 on CRAY UNICOS and SGI IRIX. A local user could gain root privileges by submitting a batch job with a name containing formatting characters (via qsub). The connected documents confirm the vulnerabi...
CVE-2001-0891
Format string vulnerability in NQS daemon nqsdaemon in NQE 3.3.0.16 for CRAY UNICOS and SGI IRIX allows a local user to gain root privileges by using qsub to submit a batch job whose name contains formatting characters...
Sun XDR Library xdrmem_getbytes() Integer Overflow Vulnerability
Description A vulnerability has been discovered in the Sun XDR library. Specifically, an integer overflow as been found in the xdrmemgetbytes function. As a result, applications implementing the vulnerable library call may be prone to denial of service attacks. It should be noted that the...
UNICOS LOCAL HOLE ALL VERSIONS
CRAY UNICOS NQSD FORMAT BUG LOCAL ROOT COMPROMISE ALL VERSIONS MICKEY MOUSE HACKING SQUADRON ADVISORY : 1 DISCLAIMER ---------- We are a collective group of security professionals who want to remain nameless due to the various legal and corporate red tape which now surrounds the issue of disclosu...
Ошибка форматной строки в nqsd под Cray UniCOS
Ошибка форматной строки в имени пакетного файла...
CVE-1999-1300
Technical details for CVE-1999-1300 are not publicly provided in the supplied documents. No affected product/version or remediation are stated here. Monitor for updates.
CVE-1999-1300
Vulnerability in accton in Cray UNICOS 6.1 and 6.0 allows local users to read arbitrary files and modify system accounting configuration...