CVE-2005-0464

The CVE concerns SGI IRIX gr_osview (6.5.x, including 6.5.22) which does not drop privileges when opening user-specified description files in debug mode. Local attackers can read a line from arbitrary files by using -d and -D, which prints the line as a formatting error. The core issue is an info...

CVE-2005-0866

cdrecord before 4:2.0, when DEBUG is enabled, allows local users to overwrite arbitrary files via a symlink attack on temporary files...

CVE-2005-0866

CVE-2005-0866 affects cdrecord before 4:2.0. When DEBUG is enabled, it allows local users to overwrite arbitrary files via a symlink attack on temporary files. The issue is documented across NVD, Ubuntu, Mandrake advisories, and related CVE entries, which note that an updated package containing a...

-==PVDasm Long Name Debug Vulnerability==-

/ -------------------------------------------------------- Neo Security Team NST® - Advisory 10 - 19/03/05 -------------------------------------------------------- Program: PVDasm Homepage: http://pvdasm.reverse-engineering.net/ Vulnerable Versions: v1.6b & lowers Risk: Medium!! Impact: Long Name...

CVE-2005-0510

The daemon for fallback-reboot before 0.995 allows attackers to cause a denial of service daemon exit, possibly related to verbose debug messages when the daemon is not on a tty...

Default Password (synnet) for 'debug' Account

The account 'debug' on the remote host uses the password 'synnet'. An attacker may use it to gain further privileges on this system. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. account = "debug"; password = "synnet"; include'deprecatednasllevel.inc'; include'compat.inc'; if description...

HP-UX FTP daemon is vulnerable to a buffer overflow

Overview The HP-UX FTP daemon ftpd contains a buffer overflow that may allow an unauthenticated, remote attacker to execute arbitrary code. Description The HP-UX FTP daemon ftpd is vulnerable to a buffer overflow when the FTP daemon is configured to log debugging information. Debug logging is...

CVE-2005-0460

CVE-2005-0460 affects MercuryBoard (Web PHP bulletin board) versions 1.0.x and 1.1.x. The issue arises in index.php via the debug parameter, allowing remote attackers to obtain sensitive information. Public references indicate multiple feeds about MercuryBoard vulnerabilities, but the provided do...

[SA14284] Mercuryboard "debug" Debug Information Disclosure

TITLE: Mercuryboard "debug" Debug Information Disclosure SECUNIA ADVISORY ID: SA14284 VERIFY ADVISORY: http://secunia.com/advisories/14284/ CRITICAL: Not critical IMPACT: Exposure of system information WHERE: From remote SOFTWARE: MercuryBoard 1.x http://secunia.com/product/4560/ DESCRIPTION:...

CVE-2005-0438

awstats.pl in AWStats 6.3 and 6.4 allows remote attackers to obtain sensitive information by setting the debug parameter...

CVE-2005-0438

awstats.pl in AWStats 6.3 and 6.4 allows remote attackers to obtain sensitive information by setting the debug parameter...

security flaw

The httpProcessReplyHeader function in http.c for Squid 2.5-STABLE7 and earlier does not properly set the debug context when it is handling "oversized" HTTP reply headers, which might allow remote attackers to poison the cache or bypass access controls based on header size...

CVE-2003-1078

The FTP client for Solaris 2.6, 7, and 8 with the debug -d flag enabled displays the user password on the screen during login...

DEBIAN-CVE-2005-0156

Buffer overflow in the PerlIO implementation in Perl 5.8.0, when installed with setuid support sperl, allows local users to execute arbitrary code by setting the PERLIODEBUG variable and executing a Perl script whose full pathname contains a long directory tree...

Setuid perl PerlIO_Debug() overflow

No description provided by source. / Copyright Kevin Finisterre Setuid perl PerlIODebug overflow Tested on Debian 3.1 perl-suid 5.8.4-5 11:07:20 corezion: who is tha man with tha masta plan? 11:07:36 corezion: a nigga with a buffer overrun 11:07:39 corezion: heh of course that is to the tune of...

perl PERLIO_DEBUG privilege escalation

By using PERLIODEBUG variable it's possible to redirect debug output of suid application to any file. Oversized PERLIODEBUG causes buffer overflow...

[SA14120] Perl "PERLIO_DEBUG" Privilege Escalation Vulnerabilities

TITLE: Perl "PERLIODEBUG" Privilege Escalation Vulnerabilities SECUNIA ADVISORY ID: SA14120 VERIFY ADVISORY: http://secunia.com/advisories/14120/ CRITICAL: Less critical IMPACT: Privilege escalation WHERE: Local system SOFTWARE: Perl 5.x http://secunia.com/product/2647/ DESCRIPTION: Kevin...

ngIRCd 0.8.2 - Remote Format String

/ ngircdfsexp.c ngIRCd Use: ./ngircdfsexp -h options options: -h host or IP -p ircd port by default 6667 -t type of target system -g syslog GOT address -o offset RET addr by default 0x0806b000 -b brutefoce the RET address from 0x0806b000 + offset -l targets list root@servidor:/home/coki/audit...

ngIRCd <= 0.8.2 Remote Format String Exploit

No description provided by source. / ngircdfsexp.c ngIRCd = 0.8.2 remote format string exploit Note: To obtain a successful exploitation, we need that ngIRCd has been compiled with IDENT, logging to SYSLOG and DEBUG enabled. Original Reference: http://www.nosystem.com.ar/advisories/advisory-11.tx...

perl -- vulnerabilities in PERLIO_DEBUG handling

Kevin Finisterre discovered bugs in perl's I/O debug support: The environmental variable PERLIODEBUG is honored even by the set-user-ID perl command usually named sperl or suidperl. As a result, a local attacker may be able to gain elevated privileges. CVE-2005-0155 A buffer overflow may occur in...