2119 matches found
CVE-2004-0563
The tspc.conf configuration file in freenet6 before 0.9.6 and before 1.0 on Debian Linux has world readable permissions, which could allow local users to gain sensitive information, such as a username and password...
[SECURITY] [DSA 441-1] New Linux 2.4.17 packages fix local root exploit (mips+mipsel)
-------------------------------------------------------------------------- Debian Security Advisory DSA 441-1 [email protected] http://www.debian.org/security/ Martin Schulze February 18th, 2004 http://www.debian.org/security/faq -...
Leksbot 1.2 - Multiple Vulnerabilities
Leksbot 1.2 - Multiple Vulnerabilities / source: https://www.securityfocus.com/bid/7505/info Multiple vulnerabilities have been reported for Leksbot. The precise nature of these vulnerabilities are currently unknown however, exploitation of this issue may result in an attacker obtaining elevated...
Leksbot 1.2 - Multiple Vulnerabilities
/ source: https://www.securityfocus.com/bid/7505/info Multiple vulnerabilities have been reported for Leksbot. The precise nature of these vulnerabilities are currently unknown however, exploitation of this issue may result in an attacker obtaining elevated privileges. This is because in some...
ProFTPD on Debian Linux postinst Installation Privilege Escalation
The following problems have been reported for the version of proftpd in Debian 2.2 potato: 1. There is a configuration error in the postinst script, when the user enters 'yes', when asked if anonymous access should be enabled. The postinst script wrongly leaves the 'run as uid/gid root'...
grpck-expl.pl
Hi packetstorm dudez! --- start here --- !/usr/bin/perl www.uhagr.org - [email protected] This is only a Proof of concept. /usr/sbin/grpck is not suid root by default. castle: /usr/sbin/grpck perl -e 'print "X"x2900' Segmentation fault castle: my $usage = Example: ./grpck-expl.pl 1 TARGETS: 1...
iDEFENSE Security Advisory 11.08.02a: File Disclosure Vulnerability in Simple Web Server
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 iDEFENSE Security Advisory 11.08.02a: http://www.idefense.com/advisory/11.08.02a.txt File Disclosure Vulnerability in Simple Web Server November 8, 2002 I. BACKGROUND As its name suggests, Peter Sandvik's Simple Web Server is a Linux-based web server...
Abuse 2.0 - Local Buffer Overflow
Abuse 2.0 - Local Buffer Overflow / source: https://www.securityfocus.com/bid/6094/info Vulnerabilities have been discovered in two files used by Abuse. By passing an execessively long commandline argument to Abuse, it is possible to overrun a buffer. Exploiting this issue could allow a local...
Abuse 2.0 - Local Buffer Overflow
/ source: https://www.securityfocus.com/bid/6094/info Vulnerabilities have been discovered in two files used by Abuse. By passing an execessively long commandline argument to Abuse, it is possible to overrun a buffer. Exploiting this issue could allow a local attacker to overwrite sensitive memor...
efingerd remote buffer overflow and a dangerous feature
Release : 6/3/2002 Author : Spybreak [email protected] Software: efingerd Versions: 1.3, 1.6.1 Problems: Remote buffer overflow and a dangerous feature Efingerd is a "finger daemon, giving you complete control over what are you going to display about your computer" as is written in the man page...
Remote exploit against xtelld and other fun
Release : 27/2/2002 Author : Spybreak [email protected] Software: xtell package Versions: 2.6.1, most of the vulnerabilities are present in all previous versions Problems: Remote execution of arbitrary code through several buffer overflows, information leakage, writing into arbitrary files with th...
CUPS ippRead() attribute name buffer overflow
cups-ippread-bo 8192 High Risk CUPS ippRead attribute name buffer overflow Description: Common Unix Printing System CUPS versions 1.1.13 and earlier are vulnerable to a denial of service attack caused by a buffer overflow in the handling of attribute names in the ippRead function. By setting a ve...
CVE-2001-1561
Buffer overflow in Xvt 2.1 in Debian Linux 2.2 allows local users to execute arbitrary code via long 1 -name and 2 -T arguments...
CVE-2001-0755
Buffer overflow in ftp daemon ftpd 6.2 in Debian GNU/Linux allows attackers to cause a denial of service and possibly execute arbitrary code via a long SITE command...
CVE-1999-1496
Sudo 1.5 in Debian Linux 2.1 and Red Hat 6.0 allows local users to determine the existence of arbitrary files by attempting to execute the target filename as a program, which generates a different error message when the file does not exist...
CVE-1999-1496
CVE-1999-1496 affects Sudo 1.5 in Debian Linux 2.1 and Red Hat 6.0 . Local users can infer the existence of arbitrary files by attempting to execute the target filename as a program, which yields different error messages depending on whether the file exists. This indicates a minor information-dis...
Vixie Cron crontab 3.0 - Privilege Lowering Failure (2)
source: https://www.securityfocus.com/bid/2687/info Vixie cron is an implementation of the popular UNIX program that runs user-specified programs at periodic scheduled times. When a parsing error occurs after a modification operation, crontab will fail to drop privileges correctly for subsequent...
Rxvt vulnerability
RXVT Vulnerability ---------------------------------------------------------------- Samuel "Zorgon" Dralet [email protected] ---------------------------------------------------------------- Date : 2001/06/05 Vulnerable system : rxvt 2.6.2 on Debian Linux 2.2 Table of contents 1...
Vixie cron vulnerability
Thank you for using SecurityFocus.com's Security Intelligence Alert SIA Service. To manage account please visit https://alerts.securityfocus.com/ For questions or comments email us at [email protected]. --------------------------------------------------------------------------- Security...
mount exploit for glibc locale bug
Exploit for linux platform in category local exploits ================================== mount exploit for glibc locale bug ================================== / mount exploit for glibc locale bug tested on redhat 6.2 and slackware 7.0 and debian 2.2 Debian 2.2 mount-2.10f : ./mnt -n 136 -a...