CVE-1999-1019

SpectroSERVER in Cabletron Spectrum Enterprise Manager 5.0 installs a directory tree with insecure permissions, which allows local users to replace a privileged executable processd with a Trojan horse, facilitating a root or Administrator compromise...

Omnicron OmniHTTPd 1.1/2.0 Alpha 1 - 'visiadmin.exe' Denial of Service

source: https://www.securityfocus.com/bid/1808/info OmniHTTPD is a web-server offered by Omnicron for the MS Windows platform. One of the CGI utilities it ships with and installs by default contains a bug that could, if exploited, lead to a denial of service condition on host it runs on. When the...

SGI IRIX 6.5.4 - midikeys Root

source: https://www.securityfocus.com/bid/262/info The setuid root "midikeys" executable can be used to edit arbitrary files via its graphical user interface. This grants malicious users root access to the system. Running the midikeys application, clicking in sounds, and then songs will bring up ...

Solaris 2.67.08 - netpr Local Buffer Overflow (2)

Solaris 2.67.08 - netpr Local Buffer Overflow 2 // source: https://www.securityfocus.com/bid/1200/info A buffer overrun exists in the 'netpr' program, part of the SUNWpcu LP package included with Solaris, from Sun Microsystems. Versions of netpr on Solaris 2.6 and 7, on both Sparc and x86 have be...

CVE-1999-0527

The permissions for system-critical data in an anonymous FTP account are inappropriate. For example, the root directory is writeable by world, a real password file is obtainable, or executable commands such as "ls" can be overwritten...

CVE-1999-1440

Win32 ICQ 98a 1.30, and possibly other versions, does not display the entire portion of long filenames, which could allow attackers to send an executable file with a long name that contains so many spaces that the .exe extension is not displayed, which could make the user believe that the file is...

PT-1998-1190 · Unknown · Nukenabber

Name of the Vulnerable Software and Affected Versions: NukeNabber affected versions not specified Description: The issue allows remote attackers to cause a denial of service by connecting to the "NukeNabber port 1080" without sending any data. This action causes the CPU usage to rise to 100% due ...

[SECURITY] Seyon is vulnerable to a root exploit

Description ----------- We have received a report from SGI that a vulnerability has been discovered in the seyon program. This can lead to a root compromise. Any user who can execute the seyon program can exploit this vulnerability. Since SGI does not provide exploit information, we are unable to...

IRIX Multiple Buffer Overflow Exploits (LsD)

Exploit for irix platform in category local exploits ============================================ IRIX Multiple Buffer Overflow Exploits LsD ============================================ / copyright by / / Last Stage of Delirium, Dec 1996, Poland/ include include include define BUFSIZE 2068 define...

SGI IRIX 5.36.2 - ordist Local Privilege Escalation

SGI IRIX 5.36.2 - ordist Local Privilege Escalation // source: https://www.securityfocus.com/bid/415/info A buffer overflow exists in the ordist program, as shipped with Irix 6.x and 5.x from Silicon Graphics. By supplying long arguments to the '-d' option, containing a properly crafted buffer of...

Xt Library - Local Privilege Escalation

include include include define DEFAULTOFFSET 0 define BUFFERSIZE 1491 long getespvoid asm"movl %esp,%eax\n"; mainint argc, char argv char buff = NULL; unsigned long addrptr = NULL; char ptr = NULL; char execshell = "\xeb\x23" "\x5e" "\x8d\x1e" "\x89\x5e\x0b" "\x31\xd2" "\x89\x56\x07" "\x89\x56\x0...

sudo.bin - NLSPATH Privilege Escalation

sudo.bin - NLSPATH Privilege Escalation include include include include include define PATHSUDO "/usr/bin/sudo.bin" define BUFFERSIZE 1024 define DEFAULTOFFSET 50 ulong getesp asm"movl %esp, %eax"; mainint argc, char argv uchar execshell =...