7023 matches found
unixware.Xsco.txt
-----Original Message----- Date: Fri, 26 Nov 1999 04:27:16 +0300 MSK From: Matt Conover To: [email protected] Subject: w00giving '99 6: UnixWare 7's Xsco Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII w00w00 Security Development WSD...
[SECURITY] New version of proftpd fixes remote exploits
The proftpd version that was distributed in Debian GNU/Linux 2.1 had several buffer overruns that could be exploited by remote attackers. A short list of problems: user input was used in snprintf without sufficient checks there was an overflow in the logxfer routine you could overflow a buffer by...
SuSE Linux 6.1/6.2 - 'cwdtools' Local Overflow / Local Privilege Escalation
!/bin/sh source: https://www.securityfocus.com/bid/738/info cdwtools is a package of utilities for cd-writing. The linux version of these utilities, which ships with S.u.S.E linux 6.1 and 6.2, is vulnerable to several local root compromises. It is known that there are a number of ways to exploit...
sco_local_exploit.txt
Greetings, More SCO 5.0.x exploits, this time for scosession and scoterm. You'll only get egid=2bin out of scosession, but root for scoterm. Brock Tellier UNIX Systems Administrator Webley Systems www.webley.com --- scosessionx.c --- / SCO 5.0.x scosession local bin exploit sgid bin Will set...
suse6.2pbpg.txt
Brock Tellier [email protected] Sent: Thursday, September 16, 1999 5:06 PM Subject: Two SuSE 6.2 local root exploits Greetings, /usr/bin/pb and /usr/bin/pg, suid root by default on SuSE 6.2, allow any user to read any file on the system as shown: susebox:/root ls -la /usr/bin/pb uname -rwsr-xr-...
windows_exploits.txt
Subject: About IGMP and another exploit for Windows95x/98x To: [email protected] I got two exploit and test it... - The first one is Flushot by DarkShow. This exploit can drop the network connection in windows 95 and 98First Edition - The other one is Pimp by Rob Mosher, this exploit can...
Linux_suse_exploits.txt
Subject: Two SuSE 6.2 local root exploits To: [email protected] Greetings, /usr/bin/pb and /usr/bin/pg, suid root by default on SuSE 6.2, allow any user to read any file on the system as shown: susebox:/root ls -la /usr/bin/pb uname -rwsr-xr-x 1 root root 23544 Jul 22 20:07 /usr/bin/pb...
nt.case.symbolic.txt
Date: Fri, 12 Mar 1999 13:03:57 -0700 From: Mark To: [email protected] Subject: ALERT Case Sensitivity and Symbolic Links Prasad Dabak of Cybermedia Software Private Limited has discovered yet another security risk in Windows NT involving the operating system's case sensitivity...
mirc.5.6.autoload.url.txt
Date: Tue, 8 Jun 1999 22:49:35 -0400 From: Rich Lafferty To: [email protected] Subject: mIRC 5.6 automatic URL loading This one stunned me. I triple-checked and tested more than I'd usually test because I can't believe anyone would implement something so ridiculous. Perhaps I'm just optimistic...
netscape.4.51.javascript.txt
Date: Tue, 16 Mar 1999 11:09:41 PST From: Georgi Guninski To: [email protected] Subject: Re: Netscape upgrade FYI... Netscape has released version 4.51 of Communicator. It seems to fix the window spoofing bug http://www.geek-girl.com/bugtraq/19991/0747.html , along with the javascript bugs tha...
omnihttpd.webserver.txt
Date: Sat, 5 Jun 1999 09:53:51 +0300 From: Valentin Perelogin To: [email protected] Subject: Remote Exploit Bug in OmniHTTPd Web Server Hi all, The exploit bug will make temp files on the server until servers hdd is full. And anyone can do it remotely. By default visadmin.exe Visitor...
defeat.solaris.nonexec.stack.txt
Hi, I've recently been playing around with bypassing the non-executable stack protection that Solaris 2.6 provides. I'm referring to the mechanism that you control with the noexecuserstack option in /etc/system. I've found it's quite possible to bypass this protection, using methods described...
UoW imapd AUTHENTICATE Command Remote Overflow
It was possible to crash the remote IMAP server by sending a too long AUTHENTICATE command. An attacker may be able to exploit this vulnerability to execute code on the remote host. C Tenable Network Security, Inc. include"compat.inc"; ifdescription scriptid10292; scriptversion "1.31";...
CVE-1999-1422
The default configuration of Slackware 3.4, and possibly other versions, includes . dot, the current directory in the PATH environmental variable, which could allow local users to create Trojan horse programs that are inadvertently executed by other users...
Subject: [SECURITY] Debian not vulnerable to recent minicom exploit
Description Recent messages on a computer security forum have again reported that there are buffer overflows in minicom. These can lead into root exploits if the program is installed setuid root. Vulnerability Debian GNU/Linux 2.0 is not vulnerable to this exploit. The program minicom as shipped...
Subject: [SECURITY] Debian not vulnerable to recent minicom exploit
Description ----------- Recent messages on a computer security forum have again reported that there are buffer overflows in minicom. These can lead into root exploits if the program is installed setuid root. Vulnerability ------------- Debian GNU/Linux 2.0 is not vulnerable to this exploit. The...
Sun Java Web Server 1.1 Beta - Viewable .jhtml Source
source: https://www.securityfocus.com/bid/1891/info A vulnerability exists in Sun Microsystems' JavaWebServer for Win32, version 1.1Beta. JavaWebServer is a Java-oriented web application development platform. If a URL is submitted requesting a .jhtml file an HTML document with embedded Java sourc...
Solaris 2.4 passwd, yppasswd, and nispasswd Overflow Exploits
Exploit for solaris platform in category local exploits ============================================================= Solaris 2.4 passwd, yppasswd, and nispasswd Overflow Exploits ============================================================= ---------------------------- file newpass.c...
IRIX Multiple Buffer Overflow Exploits (LsD)
Exploit for irix platform in category local exploits ============================================ IRIX Multiple Buffer Overflow Exploits LsD ============================================ / copyright by / / Last Stage of Delirium, Dec 1996, Poland/ include include include define BUFSIZE 2068 define...
CVE-2010-4017
...