Lantronix Secure Console Server (edituser) Local Root Exploit

Exploit for unknown platform in category local exploits ============================================================= Lantronix Secure Console Server edituser Local Root Exploit ============================================================= !/bin/sh Lantronix Secure Console Server edituser root...

MacOS X at scheduling utilities privelege escalation

During execution of user's batch job system groups membership is not dropped...

Low: Red Hat Bug Fix Advisory: Updated lvm package

An updated lvm package that includes a number of bug fixes and enhancements is now available for the latest Red Hat Enterprise Linux Update 3 kernel release. LVM includes all of the support for handling read/write operations on physical volumes, creating volume groups from one or more physical...

Mandrake Linux Security Advisory : rsync (MDKSA-2002:024)

Ethan Benson discovered a bug in rsync where the supplementary groups that the rsync daemon runs as such as root would not be removed from the server process after changing to the specified unprivileged uid and gid. This seems only serious if rsync is called using 'rsync --daemon' from the comman...

DEBIAN-CVE-2003-0689

The getgrouplist function in GNU libc glibc 2.2.4 and earlier allows attackers to cause a denial of service segmentation fault and execute arbitrary code when a user is a member of a large number of groups, which can cause a buffer overflow...

CVE-2001-1406

CVE-2001-1406 affects Bugzilla prior to 2.14. The vulnerability occurs when moving a bug between product groups, where the groupset flag is not updated, causing the bug to retain the old group’s (potentially less stringent) restrictions. This is a local issue with low public impact per the CVSS v...

Microsoft Windows User Groups List

Using the supplied credentials it was possible to retrieve the list of groups each user belongs to. Groups are stored in the KB for further checks. C Tenable Network Security, Inc. include"compat.inc"; ifdescription scriptid10894; scriptversion"1.20"; scriptnameenglish:"Microsoft Windows User...

Foundry Networks ServerIron don't decode URIs

Date : 13/03/2002 . By : Frank DENIS [email protected] Vendor : Foundry Networks http://www.foundrynet.com . Product: ServerIron web switches. Summary: Vulnerability in URI parsing code allows to bypass rules. ------------------- DESCRIPTION ------------------- Foundry Networks' ServerIron Family...

CVE-1999-1359

When the Ntconfig.pol file is used on a server whose name is longer than 13 characters, Windows NT does not properly enforce policies for global groups, which could allow users to bypass restrictions that were intended by those policies...

CVE-2001-1406

processbug.cgi in Bugzilla before 2.14 does not set the "groupset" bit when a bug is moved between product groups, which will cause the bug to have the old group's restrictions, which might not be as stringent...

Ошибки в Oracle 8i Enterprise Edition server

Ошибки в группах тестирования ошибок запросов LDAP - 46 или 77 приводят к ошибкам форматной строки или срыву стека в приложениях использующих эти группы...

LPRng 3.6.x - Failure To Drop Supplementary Groups

LPRng 3.6.x - Failure To Drop Supplementary Groups / source: https://www.securityfocus.com/bid/2865/info The LPRng software is an enhanced, extended, and portable implementation of the Berkeley LPR print spooler functionality. When the LPRng daemon is initialized, it fails to drop its supplementa...

LPRng 3.6.x - Failure To Drop Supplementary Groups

/ source: https://www.securityfocus.com/bid/2865/info The LPRng software is an enhanced, extended, and portable implementation of the Berkeley LPR print spooler functionality. When the LPRng daemon is initialized, it fails to drop its supplementary groups. As a result, the daemon and any child...

CVE-2001-0102

"Multiple Users" Control Panel in Mac OS 9 allows Normal users to gain Owner privileges by removing the Users & Groups Data File, which effectively removes the Owner password and allows the Normal user to log in as the Owner account without a password...

CVE-1999-0603

In Windows NT, an inappropriate user is a member of a group, e.g. Administrator, Backup Operators, Domain Admins, Domain Guests, Power Users, Print Operators, Replicators, System Operators, etc...

CVE-1999-1359

When the Ntconfig.pol file is used on a server whose name is longer than 13 characters, Windows NT does not properly enforce policies for global groups, which could allow users to bypass restrictions that were intended by those policies...

MacOS_encryption.txt

Subject: MacOS system encryption algorithm To: [email protected] The encryption algorithm in MacOS system is simple and the password can be easily decoded. Password is stored in Users & Groups Data File in Preferences folder. Offset is different on each system and depends on Users & Group...

MacOS_encryption_algorithm.txt

Subject: MacOS system encryption algorithm 3 To: [email protected] Sometime ago, Dawid adix Adamski sent to bugtraq the encryption algorithm in MacOS personal AppleShare server he found. I have been researching a little on this subject, and I've found his code fails when decoding the firs...

CVE-1999-1543

MacOS uses weak encryption for passwords that are stored in the Users & Groups Data File...

Apple Mac OS 8 8.6 - Weak Password Encryption

Apple Mac OS 8 8.6 - Weak Password Encryption source: https://www.securityfocus.com/bid/519/info The encryption algorithm in MacOS system is simple and the password can be easily decoded. Password is stored in Users & Groups Data File in Preferences folder. Offset is different on each system and...