CVE-2019-19521

libc in OpenBSD 6.6 allows authentication bypass via the -schallenge username, as demonstrated by smtpd, ldapd, or radiusd. This is related to gen/authsubr.c and gen/authenticate.c in libc and login/login.c and xenocara/app/xenodm/greeter/verify.c...

man[v1.5l]: (catalog) format strings exploit / POC.

was looking at the source code to man, and came upon this. newer g libc's will stop this from happening. but, still worth noting/effective bypass with older glibc's explained in exploit header Vade79 - fakehalo.deadpig.org - fakehalo. -- xmanfmt.c: start -- / linuxmanv1.5l: format string exploit...

CVE-2002-0391

Integer overflow in xdrarray function in RPC servers for operating systems that use libc, glibc, or other code based on SunRPC including dietlibc, allows remote attackers to execute arbitrary code by passing a large number of arguments to xdrarray through RPC services such as rpc.cmsd and dmispd...

kki.rpc.libc.DoS.txt

Date: Wed, 14 Apr 1999 15:26:14 +0200 From: Lukasz Luzar To: [email protected] Subject: KKIS.08041999.001.b - security raport - flaws in rpc part of libc S E C U R I T Y Contacts KKI Security Team Cracow Commercial Internet, Poland http://www.security.kki.pl http://www.kki.pl...