HP-UX Security Patch : PHCO_29029

libc cumulative patch %NASLMINLEVEL 70300 C Tenable Network Security, Inc. if !definedfunc"bnrandom" exit0; include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid26270; scriptversion"1.8"; scriptsetattributeattribute:"pluginmodificationdate", value:"2021/01/11";...

HP-UX Security Patch : PHCO_22076

libc cumulative patch %NASLMINLEVEL 70300 C Tenable Network Security, Inc. if !definedfunc"bnrandom" exit0; include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid26228; scriptversion"1.8"; scriptsetattributeattribute:"pluginmodificationdate", value:"2021/01/11";...

HP-UX Security Patch : PHCO_31921

cumulative 10.20 libc compatibility support %NASLMINLEVEL 70300 C Tenable Network Security, Inc. if !definedfunc"bnrandom" exit0; include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid26293; scriptversion"1.8"; scriptsetattributeattribute:"pluginmodificationdate",...

HP-UX Security Patch : PHCO_29633

libc cumulative patch %NASLMINLEVEL 70300 C Tenable Network Security, Inc. if !definedfunc"bnrandom" exit0; include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid26273; scriptversion"1.8"; scriptsetattributeattribute:"pluginmodificationdate", value:"2021/01/11";...

HP-UX Security Patch : PHCO_31903

libc cumulative patch %NASLMINLEVEL 70300 C Tenable Network Security, Inc. if !definedfunc"bnrandom" exit0; include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid26292; scriptversion"1.8"; scriptsetattributeattribute:"pluginmodificationdate", value:"2021/01/11";...

Yoggie Pico and Pico Pro Backticks - Remote Code Execution

source: https://www.securityfocus.com/bid/24743/info Yoggie Pico and Pico Pro are prone to a remote code-execution vulnerability because the device fails to sufficiently sanitize user-supplied input. An attacker can exploit this issue to execute arbitrary code with superuser privileges. A...

CVE-2007-2844

PHP 4.x and 5.x before 5.2.1, when running on multi-threaded systems, does not ensure thread safety for libc crypt function calls using protection schemes such as a mutex, which creates race conditions that allow remote attackers to overwrite internal program memory and gain system access...

Race condition

PHP 4.x and 5.x before 5.2.1, when running on multi-threaded systems, does not ensure thread safety for libc crypt function calls using protection schemes such as a mutex, which creates race conditions that allow remote attackers to overwrite internal program memory and gain system access...

CVE-2007-2844

PHP 4.x and 5.x before 5.2.1, when running on multi-threaded systems, does not ensure thread safety for libc crypt function calls using protection schemes such as a mutex, which creates race conditions that allow remote attackers to overwrite internal program memory and gain system access...

Solaris 10 (sparc) : 120473-12

SunOS 5.10: libc nss ldap PAM zfs patch. Date this patch was last updated by Sun : Jul/11/07 %NASLMINLEVEL 70300 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a recommended security fix. Disabled on 2011/10/24. C Tenable Network Security, Inc. if !...

PHP <= 5.2.1 substr_compare() Information Leak Exploit

Exploit for multiple platform in category local exploits ====================================================== PHP = 5.2.1 substrcompare Information Leak Exploit ====================================================== ?php //////////////////////////////////////////////////////////////////////// /...

PHP &lt;= 5.2.1 substr_compare() Information Leak Exploit

No description provided by source. ?php //////////////////////////////////////////////////////////////////////// // // // | || | | | | | | | || || \ // // | |/ || '|/ |/ -| ' \ / -/ |||| /| || / // // ||||,||| ,|||||||,| || |||||| // // // // Proof of concept code from the Hardened-PHP...

Solaris 10 (x86) : 120037-22

SunOS 5.10x86: libc nss ldap PAM zfs patc. Date this patch was last updated by Sun : Jul/17/07 %NASLMINLEVEL 70300 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a recommended security fix. Disabled on 2011/10/24. C Tenable Network Security, Inc. if !...

ptrace suids local root.txt

bash-2.05a$ uname -a QNX muh 6.3.2 2006/03/16-14:19:50EST x86pc x86 bash-2.05a$ gdb -q /usr/bin/ping we use some ret-to-libc-type-shellcode gdb p system $1 = text variable, no debug info 0xb031897c system gdb p exit $2 = text variable, no debug info 0xb0321ff8 exit gdb q bash-2.05a$ export...

CVE-2006-6652

Buffer overflow in the glob implementation glob.c in libc in NetBSD-current before 20050914, NetBSD 2. and 3. before 20061203, and Apple Mac OS X before 2007-004, as used by the FTP daemon and tnftpd, allows remote authenticated users to execute arbitrary code via a long pathname that results fro...

CVE-2006-6652

Buffer overflow in the glob implementation glob.c in libc in NetBSD-current before 20050914, NetBSD 2. and 3. before 20061203, and Apple Mac OS X before 2007-004, as used by the FTP daemon and tnftpd, allows remote authenticated users to execute arbitrary code via a long pathname that results fro...

Solaris Runtime Linker (ld.so.1) Buffer Overflow Exploit (SPARC version

No description provided by source. / ld.so.1 exploit SPARC coded by: osker178 bjr213 psu.edu Alright, so this exploits a fairly standard buffer overflow in the default Solaris runtime linker ld.so.1 discovery by Jouko Pynnonen Only real deviation here from the standard overflow and return into li...

CVE-2006-5556

CVE-2006-5556 describes a buffer overflow in the libc localtime_r function (and certain other functions) affecting HP-UX B.11.11 and possibly other versions. The vulnerability allows local users to execute arbitrary code by supplying a long TZ environment variable. The available documents confirm...

HP-UX LIBC TZ环境变量本地溢出漏洞

HP-UX是一款HP公司开发的UNIX操作系统。 HP-UX的LIBC实现在处理TZ环境变量时存在缓冲区溢出漏洞，本地攻击者可能利用此漏洞提升权限。 由于没有在localtimer及相关函数中执行充分的边界检查，HP-UX的libc库在处理TZ环境变量时存在栈溢出漏洞。任何使用timezone函数的suid或sgid程序都受这个漏洞影响。成功攻击可能导致权限提升。 HP HP-UX B.11.11 HP HP-UX B.11.04 HP HP-UX B.11.00 HP已经为此发布了一个安全公告（HPSBUX02091）以及相应补丁: HPSBUX02091：SSRT061099 rev...

HP-UX 11i (LIBC TZ enviroment variable) Local Root Exploit

No description provided by source. / HP-UX libc timezone environment overflow exploit ================================================ HP-UX libc contains an exploitable stack overflow in the handling of "TZ" environment variable. The problem occurs due to insufficient bounds checking in the...