CVE-2001-0187

CVE-2001-0187 concerns WU-FTPD up to version 2.6.1, where a format-string vulnerability in debug mode can allow remote code execution. The issue affects WU-FTPD when using RFC 931 authentication with debugging enabled, potentially letting an attacker craft ident responses that are logged by the s...

Локальная дырка в Cisco Content Services (Arrowpoint) (debug mode)

Пользователь может переключится в режим отладки, из которого получить административные привелегии...

WU-FTPD 2.4.22.52.6 - Debug Mode Client Hostname Format String

WU-FTPD 2.4.22.52.6 - Debug Mode Client Hostname Format String source: https://www.securityfocus.com/bid/2296/info Wu-ftpd is a widely used unix ftp server. It contains a format string vulnerability that may be exploitable under certain perhaps 'extreme' circumstances. When running in debug mode,...

WU-FTPD 2.4.2/2.5/2.6 - Debug Mode Client Hostname Format String

source: https://www.securityfocus.com/bid/2296/info Wu-ftpd is a widely used unix ftp server. It contains a format string vulnerability that may be exploitable under certain perhaps 'extreme' circumstances. When running in debug mode, Wu-ftpd logs user activity to syslog in an insecure manner. An...

CVE-2000-1040

CVE-2000-1040 concerns a format string vulnerability in the logging function of ypbind 3.3 when run in debug mode. The flaw can leak file descriptors and allow a denial of service. Some sources (Mandrake MDKSA-2000:064) also mention a related buffer overflow in ypserv if the build system lacks vs...

CVE-2000-1040

Format string vulnerability in logging function of ypbind 3.3, while running in debug mode, leaks file descriptors and allows an attacker to cause a denial of service...

Дырка в agetty

Ошибка форматной строки в режиме отладки при разборе аргументов...

CVE-2000-0370

CVE-2000-0370 affects Caldera Linux smail. The debug option allows remote command execution via shell metacharacters in the -D option for rmail, enabling full compromise of confidentiality, integrity, and availability (CVSSv2 base score 10.0). Exploitation details are not provided in the availabl...

FreeBSD 3.3 - gdc Symlink

FreeBSD 3.3 - gdc Symlink source: https://www.securityfocus.com/bid/835/info It is possible to write debug ouput from gdc to a file /var/tmp/gdbdump. Unfortunately, gdc follows symbolic links which can be created in tmp and will overwrite any file on the system thanks to it being setiud root. Thi...

SCOUNIX_shadow_exploit.txt

Greetings, Any user may overwrite any file with group auth i.e. /etc/shadow, /etc/passwd using /etc/sysadm.d/bin/userOsa. Note that this will not change the permissions of the file or allow for the user to input a passwd entry string into these files, it will simply clobber the contents of the fi...

SCO Open Server 5.0.5 - userOsa Symlink

SCO Open Server 5.0.5 - userOsa Symlink source: https://www.securityfocus.com/bid/701/info Under certain versions of SCO OpenServer there exists a symlink vulnerability which can be exploited to overwrite any file which is group writable by the 'auth' group. The problem in particular is in the th...

SCO Open Server 5.0.5 - 'userOsa' Symlink

source: https://www.securityfocus.com/bid/701/info Under certain versions of SCO OpenServer there exists a symlink vulnerability which can be exploited to overwrite any file which is group writable by the 'auth' group. The problem in particular is in the the /etc/sysadm.d/bin/userOsa executable...

CVE-1999-0447

Technical details are not publicly available in the provided connected documents. Monitor for updates.

CVE-1999-0344

CVE-1999-0344 concerns an NT local privilege escalation via the Sechole exploit, allowing debug-level access to a system process (local, no authentication; high impact on confidentiality, integrity, and availability per NVD). Connected citations reiterate NT users gaining debug-level access, with...

CVE-1999-0344

NT users can gain debug-level access on a system process using the Sechole exploit...

CVE-1999-0447

Local users can gain privileges using the debug utility in the MPE/iX operating system...

CVE-1999-0095

CVE-1999-0095 involves the Sendmail MTA where the DEBUG command is enabled, enabling remote users to execute arbitrary commands as root. Public sources (NVD/Nessus/OpenVAS/Red Hat/CIRCL) confirm that the issue allows full root access via the DEBUG/WIZ mechanism, with assessments placing the impac...

Sendmail DEBUG/WIZ Remote Command Execution

Your MTA accepts the DEBUG or WIZ command. It may be an old version of Sendmail. This command is dangerous as it allows remote users to execute arbitrary commands as root without the need to log in. C Tenable Network Security, Inc. MA 2004-12-29: I merge sendmailwiz.nasl into this one...

cybercash.cc.txt

Date: Sun, 25 Apr 1999 13:38:43 +0200 From: Bo Elkjaer To: [email protected] Subject: Re: Shopping Carts exposing CC data Hi Joe Your CC-exposures are gaining momentum. Right now I'm only waiting for the mainstream papers to catch up. I'm a journalist myself, working for one of Denmarks larges...

CVE-1999-0447

Local users can gain privileges using the debug utility in the MPE/iX operating system...