53 matches found
CVE-1999-0806
Buffer overflow in Solaris dtprintinfo program...
EUVD-1999-0787
Malware in sbrugna...
EUVD-2002-1598
Malware in sbrugna...
CVE-2023-24040
dtprintinfo in Common Desktop Environment 1.6 has a bug in the parser of lpstat an invoked external command during listing of the names of available printers. This allows low-privileged local users to inject arbitrary printer names via the $HOME/.printers file. This injection allows those users t...
Solaris 10 libXm - Buffer overflow Local privilege escalation
/ Exploit Title: Solaris 10 libXm - Buffer overflow Local privilege escalation raptordtprintlibXmas.c - Solaris 10 CDE ForeverDay LPE Copyright c 2023 Marco Ivaldi "What has been will be again, what has been done will be done again; there is nothing new under the Sun." -- Ecclesiastes 1:9 Solaris...
Solaris 10 dtprintinfo Local Privilege Escalation Exploit
Solaris 10 CDE local privilege escalation exploit that achieves root by injecting a fake printer via lpstat and uses a buffer overflow in libXM ParseColors. / raptordtprintlibXmas.c - Solaris 10 CDE ForeverDay LPE Copyright c 2023 Marco Ivaldi "What has been will be again, what has been done will...
Solaris 10 dtprintinfo / libXm / libXpm Security Issues Vulnerability
Multiple vulnerabilities have been discovered across Common Desktop Environment version 1.6, Motif version 2.1, and X.Org libXpm versions prior to 3.5.15 on Oracle Solaris 10 that can be chained together to achieve root. Title: Multiple vulnerabilities in Solaris dtprintinfo and libXm/libXpm...
CVE-2023-24040
dtprintinfo in Common Desktop Environment 1.6 has a bug in the parser of lpstat an invoked external command during listing of the names of available printers. This allows low-privileged local users to inject arbitrary printer names via the $HOME/.printers file. This injection allows those users t...
Design/Logic Flaw
UNSUPPORTED WHEN ASSIGNED dtprintinfo in Common Desktop Environment 1.6 has a bug in the parser of lpstat an invoked external command during listing of the names of available printers. This allows low-privileged local users to inject arbitrary printer names via the $HOME/.printers file. This...
CVE-2023-24040
The CVE-2023-24040 issue affects Common Desktop Environment (CDE) 1.6, where a bug in dtprintinfo’s handling of the lpstat parser during the listing of available printers allows low-privileged local users to inject arbitrary printer names via the $HOME/.printers file. This input manipulation can ...
CVE-2023-24039
CVE-2023-24039 affects Common Desktop Environment 1.6, specifically the ParseColors function in libXm. A stack-based buffer overflow can be exploited by local, low-privilege users via the dtprintinfo setuid binary to escalate to root on Solaris 10. Several connected sources confirm the issue and ...
CVE-2023-24040
dtprintinfo in Common Desktop Environment 1.6 has a bug in the parser of lpstat an invoked external command during listing of the names of available printers. This allows low-privileged local users to inject arbitrary printer names via the $HOME/.printers file. This injection allows those users t...
PT-2023-19372 · Oracle · Solaris
Name of the Vulnerable Software and Affected Versions: Common Desktop Environment version 1.6 Description: A stack-based buffer overflow in the ParseColors function in libXm can be exploited by local low-privileged users via the dtprintinfo setuid binary to escalate their privileges to root on...
CVE-2023-24040
dtprintinfo in Common Desktop Environment 1.6 has a bug in the parser of lpstat an invoked external command during listing of the names of available printers. This allows low-privileged local users to inject arbitrary printer names via the $HOME/.printers file. This injection allows those users t...
Solaris 10 dtprintinfo / libXm / libXpm Security Issues
-- HNS-2022-01 - HN Security Advisory - https://security.humanativaspa.it/ Title: Multiple vulnerabilities in Solaris dtprintinfo and libXm/libXpm Products: Common Desktop Environment 1.6, Motif 2.1, X.Org libXpm Date: 2023-01-18 Oracle vulnerability tracking numbers: S1597707 - Arbitrary printer...
Solaris 10 1/13 (SPARC) - (dtprintinfo) Local Privilege Escalation Exploit (2)
Exploit Title: Solaris 10 1/13 SPARC - 'dtprintinfo' Local Privilege Escalation 2 Exploit Author: Marco Ivaldi Vendor Homepage: https://www.oracle.com/solaris/solaris10/ Version: Solaris 10 Tested on: Solaris 10 1/13 SPARC / raptordtprintcheckdirsparc2.c - Solaris/SPARC FMT LPE Copyright c 2020...
Solaris 10 (SPARC) - 'dtprintinfo' Local Privilege Escalation (3)
Exploit Title: Solaris 10 1/13 SPARC - 'dtprintinfo' Local Privilege Escalation 3 Date: 2021-02-01 Exploit Author: Marco Ivaldi Vendor Homepage: https://www.oracle.com/solaris/solaris10/ Version: Solaris 10 Tested on: Solaris 10 1/13 SPARC / raptordtprintnamesparc3.c - dtprintinfo on Solaris 10...
Solaris 10 (SPARC) - 'dtprintinfo' Local Privilege Escalation (1)
Exploit Title: Solaris 10 1/13 SPARC - 'dtprintinfo' Local Privilege Escalation Date: 2021-02-01 Exploit Author: Marco Ivaldi Vendor Homepage: https://www.oracle.com/solaris/solaris10/ Version: Solaris 10 Tested on: Solaris 10 1/13 SPARC / raptordtprintcheckdirsparc.c - Solaris/SPARC FMT PoC...
Solaris 10 1/13 (Intel) - (dtprintinfo) Local Privilege Escalation Exploit(3)
Exploit Title: Solaris 10 1/13 Intel - 'dtprintinfo' Local Privilege Escalation 3 Exploit Author: Marco Ivaldi Vendor Homepage: https://www.oracle.com/solaris/solaris10/ Version: Solaris 10 Tested on: Solaris 10 1/13 Intel / raptordtprintcheckdirintel2.c - Solaris/Intel FMT LPE Copyright c 2020...
Solaris 10 1/13 (SPARC) - (dtprintinfo) Local Privilege Escalation Exploit (3)
Exploit Title: Solaris 10 1/13 SPARC - 'dtprintinfo' Local Privilege Escalation 3 Exploit Author: Marco Ivaldi Vendor Homepage: https://www.oracle.com/solaris/solaris10/ Version: Solaris 10 Tested on: Solaris 10 1/13 SPARC / raptordtprintnamesparc3.c - dtprintinfo on Solaris 10 SPARC Copyright c...