4974 matches found
SRT2003-04-22-1336 - SAP DB Development Tools install flaw
Secure Network Operations, Inc. http://www.secnetops.com Strategic Reconnaissance Team [email protected] Team Lead Contact [email protected] Our Mission: Secure Network Operations offers expertise in Networking, Intrusion Detection Systems IDS, Software Security Validation, and...
SAP DB development tools privelege escalation
instdbmsrv and instlserver allow chmod/chown for any files...
SAP DB weak permissions
777 permissions are used for executables...
Security holes : PHP Image View, NewsPro, Photo DB, As_web, GuestBook
Hi all : 1 PHP Image View 1.0 http://www.onlinetools.org Problems : - XSS - phpinfo; Exploits : - /phpimageview.php?pw=show - /phpimageview.php?pic=javascript:alertdocument.domain 2 NewsPro 1.01 http://www.aspbin.co.uk Problem : - Admin access Exploit : - Set cookie "logged,true" on the...
CVE-2001-1331
mandb in the man-db package before 2.3.16-3 allows local users to overwrite arbitrary files via the command line options 1 -u or 2 -c, which do not drop privileges and follow symlinks...
CVE-2001-1331
CVE-2001-1331 affects the man-db package’s mandb tool. The vulnerability exists in mandb before version 2.3.16-3, where invoking mandb with -u or -c does not drop privileges and does not drop file-system symlinks, enabling local users to overwrite arbitrary files. Impact is local, potentially ena...
Format string bug in AOLServer DB API
Format string bug in NsPdLog API call...
CVE-1999-1330
The snprintf function in the db library 1.85.4 ignores the size parameter, which could allow attackers to exploit buffer overflows that would be prevented by a properly implemented snprintf...
CVE-1999-1330
The CVE-1999-1330 issue affects the db library’s snprintf usage in version 1.85.4, where the size parameter is ignored and could permit buffer overflows that proper snprintf implementation would prevent. This describes a potential local memory corruption risk. Exploitation details or concrete rem...
CVE-2002-0056
Buffer overflow in SQL Server 7.0 and 2000 allows remote attackers to execute arbitrary code via a long OLE DB provider name to 1 OpenDataSource or 2 OpenRowset in an ad hoc connection...
CVE-2002-0056
Buffer overflow in SQL Server 7.0 and 2000 allows remote attackers to execute arbitrary code via a long OLE DB provider name to 1 OpenDataSource or 2 OpenRowset in an ad hoc connection...
CVE-2002-0056
CVE-2002-0056 concerns Microsoft SQL Server 7.0 and 2000, where a buffer overflow is triggered by a long OLE DB provider name used with OpenDataSource or OpenRowset in an ad hoc connection. The resulting issue can allow an attacker to execute arbitrary code with the SQL Server service account’s p...
Символьные линки в man-db (symbolic link)
Проблема символьных линков в sgid man программе...
[SECURITY] [DSA-059-1] man-db symlink attack
-----BEGIN PGP SIGNED MESSAGE----- - ------------------------------------------------------------------------ Debian Security Advisory DSA-059-1 [email protected] http://www.debian.org/security/ Wichert Akkerman June 12, 2001 -...
[SECURITY] [DSA-059-1] man-db symlink attack
Package : man-db Problem type : symlink attack Debian-specific: no Luki R. reported a bug in man-db: it did handle nested calls of dropeffectiveprivs and regaineffectiveprivs correctly which would cause it to regain privileges to early. This could be abused to make man create files as user man...
[SECURITY] [DSA-056-1] man-db local exploit
Package : man-db Problem type : local file overwrite Debian-specific: no Ethan Benson found a bug in man-db packages as distributed in Debian/GNU/Linux 2.2. man-db includes a mandb tool which is used to build an index of the manual pages installed on a system. When the -u or - -c option were give...
CVE-2001-1331
mandb in the man-db package before 2.3.16-3 allows local users to overwrite arbitrary files via the command line options 1 -u or 2 -c, which do not drop privileges and follow symlinks...
[SECURITY] [DSA 028-1] New man-db packages released
---------------------------------------------------------------------------- Debian Security Advisory DSA-028-1 [email protected] http://www.debian.org/security/ Martin Schulze February 9, 2001 - ---------------------------------------------------------------------------- Package : man-db...
CVE-2000-0032
Solaris dmi_cmd vulnerability CVE-2000-0032 allows local users to crash the dmispd daemon by placing a malformed file in /var/dmi/db. The description does not provide exploit details, affected versions, or remediation. No additional technical details are given in the connected documents. Actionab...
PT-2000-1324 · Gossamer Threads · Gossamer Threads Dbman
Name of the Vulnerable Software and Affected Versions: Gossamer Threads DBMan version db.cgi Description: The issue allows remote attackers to view environmental variables and setup information. This is achieved by referencing a non-existing database in the db parameter. Recommendations: For...