123 matches found
CVE-1999-0101
CVE-1999-0101 describes a buffer overflow in the AIX/Solaris gethostbyname() library call that allows root access through corrupt DNS host names. Affected: AIX 3.x/4.x, SunOS/Solaris; impact: potential full host compromise. Root cause: insufficient bounds checking in gethostbyname() implementatio...
SCO Unixware 7.1 pkginstall - Local Buffer Overflow
// source: https://www.securityfocus.com/bid/853/info It is possible to view the entries in /etc/shadow through exploiting a buffer overflow in pkgcat and pkginstall. Though neither of these binaries are setuid, the dacread permissions which are granted in /etc/security/tcb/privs give them the...
unixware7.gethostbyname.txt
Greetings, OVERVIEW A serious bug exists in UnixWare 7.1's libc. A buffer overflow in gethostbyname will allow any user to obtain elevated privileges. BACKGROUND Is this the same gethostbyname overflow which was present in ancient versions of non-unixware libc's way back when? I can't say for sur...