SLRNPull 0.9.6 - Spool Directory Command Line Parameter Buffer Overflow

SLRNPull 0.9.6 - Spool Directory Command Line Parameter Buffer Overflow source: https://www.securityfocus.com/bid/4569/info N is a freely available, open source news reading utility. It is developed and maintained by the SLRN project, and designed for use on various operating systems. This proble...

Exploit for Tarantella Enterprise 3 installation (BID 3966)

Tarantella addressed these issues in a security bulletin: http://www.tarantella.com/security/bulletin-04.html !/usr/bin/perl -w Another Exploit for tarantella enterprise 3 installation. Larry Cashdollar [email protected] 2/08/2002 Exploits gunzip$$ binary being created in /tmp with perm 777...

logwatch211.sh

--- INTRO --- LogWatch is a customizable log analysis system. LogWatch parses through your system's logs for a given period of time and creates a report analyzing areas that you specify, in as much detail as you require. The collected results are reported to a chosen e-mail address, root by...

Root compromise through LogWatch 2.1.1

Release : March 27 2002 Author : Spybreak [email protected] Software : LogWatch Version : 2.1.1 Homepage : www.kaybee.org/kirk/html/linux.html Problems : A /tmp race condition leads to root --- INTRO --- LogWatch is a customizable log analysis system. LogWatch parses through your system's logs for...

xtell 1.91.12.6.1 - Multiple Remote Buffer Overflow Vulnerabilities

xtell 1.91.12.6.1 - Multiple Remote Buffer Overflow Vulnerabilities // source: https://www.securityfocus.com/bid/4193/info xtell is a simple network messaging program. It may be used to transmit terminal messages between users and machines. xtell is available for Linux, BSD and most other Unix...

Unixware 7.1.1 rpc.cmsd remote exploit code.

Hi, I'm jGgM. Here is unixware 7.1.1 rpc.cmsd remote exploit code. This is old bug. Currently patched....maybe.. This works only not -patched Unixware 7.1.1. -------------------------------------- Korean security Info.. by jGgM. http://www.forsecure.com/ http://www.netemperor.com/...

nn45-overflow.txt

This is a multi-part message in MIME format. ------=NextPart000001701BF4C70.00D57320 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Netscape Navigator/Communicator 4.5 buffer overflow advisory...

[ASGUARD-LABS] TYPSoft FTP Server v0.95 STOR/RETR Denial of Service Vulnerability

-00 ASGUARD LABS ADVISORY 00- :Summary: Release Date : 2001-10-04 Affected : TYPSoft FTP Server v0.95 Not Affected : - Attack Type : Denial Of Service Credits to : Jan Wagner :Description: The TYPSoft FTP Server v0.95 contains a simple D.O.S. which affects the "RETR" and "STOR" Command. :Detail: ...

Digital Unix 4.0x msgchk multiple vulnerabilities

hi everyone. there were multiple vulnerabilities in "/usr/bin/mh/msgchk" on digital unix 4.0x it's a mail utility - check for messages only available within the message handlin system, mh two vulnerabilities were found. /usr/bin/mh/msgchk is affected to buffer overflow vulnerability -- snip -- $...

Digital Unix 4.0 - MSGCHK Buffer Overflow

// source: https://www.securityfocus.com/bid/3311/info The msgchk utility under certain versions of Digital Unix contains a buffer overflow vulnerability which could yield root privilege. If a local user invokes the msgchk utility at the command line, argumented with a sufficiently long string of...

Microsoft IIS 4.05.0 - SSI Buffer Overrun Privilege Escalation

Microsoft IIS 4.05.0 - SSI Buffer Overrun Privilege Escalation // source: https://www.securityfocus.com/bid/3190/info A vulnerability exists in Microsoft IIS 4.0 and 5.0 that could allow a user with permission to write content to the IIS server to run any code in Local System context. / jim.c - I...

Oracle 8/9i - DBSNMP Oracle Home Environment Variable Buffer Overflow

// source: https://www.securityfocus.com/bid/3138/info Oracle is an Enterprise level SQL database, supporting numerous features and options. It is distributed and maintained by Oracle Corporation. When the ORACLEHOME environment variable is filled with 750 bytes or more, a buffer overflow occurs...

GNU findutils 4.0/4.1 - Locate Arbitrary Command Execution

// source: https://www.securityfocus.com/bid/3127/info GNU locate is an application that searches file databases for file names that match user-supplied patterns. A boundary condition error can occur when the program reads database files composed in an "old" format, produced by GNU locate prior t...

top format string bug exploit code (exploitable)

hi. It still seems to be affected under 3.5beta9 including this version someone said it's not the problem of exploitable vulnerability about 8 month ago , but it's possible to exploit though situation is difficult. following code and some procedure comments demonstrate it. possible to get kmem...

Microsoft Outlook 9820002002 - Unauthorized Email Access

Microsoft Outlook 9820002002 - Unauthorized Email Access source: https://www.securityfocus.com/bid/3025/info Microsoft Outlook introduces a vulnerability that may allow attackers to access and manipulate user email. The vulnerability is due to a new ActiveX control called 'Microsoft Outlook View...

Xvt 2.1 - Local Buffer Overflow

Xvt 2.1 - Local Buffer Overflow // source: https://www.securityfocus.com/bid/2955/info Xvt is a terminal emulator for systems using X11R6. It is often installed setuid/setgid so that it runs with the enhanced privileges required to log user sessions. Xvt contains a buffer overflow in it's handlin...

Linux Kernel 2.22.4 - procfs Stream redirection to Process Memory Privilege Escalation

Linux Kernel 2.22.4 - procfs Stream redirection to Process Memory Privilege Escalation / source: https://www.securityfocus.com/bid/2937/info The Linux /proc filesystem is a virtual filesystem provided by the Linux Kernel as an interface to some process and system information and parameters. Under...

Linux Kernel 2.2/2.4 - procfs Stream redirection to Process Memory Privilege Escalation

/ source: https://www.securityfocus.com/bid/2937/info The Linux /proc filesystem is a virtual filesystem provided by the Linux Kernel as an interface to some process and system information and parameters. Under certain circumstances, an access validation error may exist in the handling of...

udirectory from Microburst Technologies remote command execution

udirectory from Microburst Technologies, Inc. http://www.uburst.com/uDirectory/ allows remote command execution Vulnerable versions: 2.0, possibly earlier versions uDirectory is an online directory and listing management system that allows you to easily create, update, and maintain an on-line...

pmpost - another nice symlink follower

Hi, there is a symlink handling problem in the pcp suite from SGI. The binary pmpost will follow symlinks, if setuid root this leads to instant root compromise, as found on SuSE 7.1 I doubt that this a default SuSE package, though. Attached a simple C source to demonstrate this gcc pm.c -o pm the...