970 matches found
FreeBSD 3.3 - 'angband' Local Buffer Overflow
// source: https://www.securityfocus.com/bid/840/info The version angband shipped with FreeBSD 3.3-RELEASE is vulnerable to a local buffer overflow attack. Since it is setgid games, a compromise of files and directories owned by group games is possible. / FreeBSD 3.3 angband exploit yields egid o...
FreeBSD 3.3 - 'xmindpath' Local Buffer Overflow
/ source: https://www.securityfocus.com/bid/839/info The version of xmindpath shipped with FreeBSD 3.3 can be locally exploited via overrunning a buffer of predefined length. It is possible to gain the effective userid of uucp through this vulnerability. It may be possible, after attaining uucp...
FreeBSD 3.3 - xmindpath Local Buffer Overflow
FreeBSD 3.3 - xmindpath Local Buffer Overflow / source: https://www.securityfocus.com/bid/839/info The version of xmindpath shipped with FreeBSD 3.3 can be locally exploited via overrunning a buffer of predefined length. It is possible to gain the effective userid of uucp through this...
SCO Unixware 7.0 - xlock(1) Username Local Buffer Overflow
SCO Unixware 7.0 - xlock(1) Username Local Buffer Overflow // source: https://www.securityfocus.com/bid/825/info Certain versions of Unixware ship with a version of xlock which is vulnerable to a buffer overflow attack. The xlock(1) program locks the local X display until a username and password are...
Hylafax Hylafax 4.0.2 - Local Buffer Overflow
Hylafax Hylafax 4.0.2 - Local Buffer Overflow // source: https://www.securityfocus.com/bid/765/info Hylafax is a popular fax server software package designed to run on multiple UNIX operating systems. Some versions of Hylafax ship with a vulnerable sub program 'faxalter'. This program is installe...
cfingerd_bof.txt
-----BEGIN PGP SIGNED MESSAGE----- Babcia Padlina Ltd. Security Advisory BP-9909:00 Synopsis: Cfingerd is vulnerable to local buffer overflow attack. Vulnerable versions: Cfingerd 1.4.2 and earlier installed on systems which doesn't limit gecos length. Description: By setting carefully designed...
Knox Arkeia 4.0 Backup - Local Overflow
Knox Arkeia 4.0 Backup - Local Overflow / source: https://www.securityfocus.com/bid/661/info Knox Software Arkeia 4.0 Backup rnavc & nlserverd HOME Environment Variable Buffer Overflow A local buffer overflow in the handling of the HOME environment variable by the rlserver and rnavc binaries that...
mailx 8.1.1-10 (BSD/Slackware) - Local Buffer Overflow (2)
/ source: https://www.securityfocus.com/bid/1305/info Some Linux distributions ship with BSD mailx 8.1.1-10 On Slackware 7.x it can be found as /usr/bin/Mail. A vulnerability exists in the 'mail' program, part of the Berkeley mailx package. The 'mail' program contains a buffer overflow condition...
mailx 8.1.1-10 (BSD/Slackware) - Local Buffer Overflow (2)
mailx 8.1.1-10 (BSD/Slackware) - Local Buffer Overflow (2) / source: https://www.securityfocus.com/bid/1305/info Some Linux distributions ship with BSD mailx 8.1.1-10 On Slackware 7.x it can be found as /usr/bin/Mail. A vulnerability exists in the 'mail' program, part of the Berkeley mailx package. Th...
Xi Graphics Accelerated X 4.0.x/5.0 - Local Buffer Overflow
// source: https://www.securityfocus.com/bid/488/info Accelerated-X, also known as Accel-X, is a popular commercial X server available from Xi Graphics. The servers are normally installed setuid root, and contain multiple buffer overflow vulnerabilities. These vulnerabilities were found in the...
Xcmail 0.99.6 - Local Buffer Overflow
/ source: https://www.securityfocus.com/bid/311/info XCmail is an X11 mail client for linux. Arthur discovered an exploitable buffer overflow vulnerability in xcmail. The bug appears when replying to a message with a long subject line, and only when autoquote is on. The exploit is trivial, but as...
Debian 2.02.0 r5 FreeBSD 3.2 OpenBSD 2.4 RedHat 5.2 i386 S.u.S.E 6.1 - Lsof Local Buffer Overflow (1)
Debian 2.02.0 r5 FreeBSD 3.2 OpenBSD 2.4 RedHat 5.2 i386 S.u.S.E 6.1 - Lsof Local Buffer Overflow 1 // source: https://www.securityfocus.com/bid/496/info // // Lsof is an open file management utility included with many linux distributions. When run setuid root or setgid kmem, it is subject to a...
Solaris 2.5.1 - 'kcms' Local Buffer Overflow (1)
// source: https://www.securityfocus.com/bid/452/info There is an unchecked sprintf call in the versions of /usr/openwin/bin/kcmsconfigure shipped with solaris 2.5, 2.5.1 and 2.6. Unfortunately, kcmsconfigure is installed setuid root, making it possible for an attacker to overflow the buffer and...
BSD lpr 2000.05.07/0.48/0.72 / lpr-ppd 0.72 - Local Buffer Overflow (2)
BSD lpr 2000.05.07/0.48/0.72 / lpr-ppd 0.72 - Local Buffer Overflow (2) // source: https://www.securityfocus.com/bid/7025/info It has been reported that a vulnerability in the handling of some types of requests exists in lprm. When an attacker sends a maliciously crafted string to a configured printer...
BSD 'lpr' 2000.05.07/0.48/0.72 / lpr-ppd 0.72 - Local Buffer Overflow (1)
// source: https://www.securityfocus.com/bid/7025/info It has been reported that a vulnerability in the handling of some types of requests exists in lprm. When an attacker sends a maliciously crafted string to a configured printer through the lprm command, it may be possible to execute code. /...
BSD 'lpr' 2000.05.07/0.48/0.72 / lpr-ppd 0.72 - Local Buffer Overflow (2)
// source: https://www.securityfocus.com/bid/7025/info It has been reported that a vulnerability in the handling of some types of requests exists in lprm. When an attacker sends a maliciously crafted string to a configured printer through the lprm command, it may be possible to execute code. /...
Armidale Software Yapp Conferencing System 2.2 - Local Buffer Overflow
// source: https://www.securityfocus.com/bid/365/info Armidale Software's Yapp Conferencing System is vulnerable to an environment variable related buffer overflow vulnerability in at least the Linux version. The consequence of the vulnerability being exploited is a local root compromise. / Explo...
Armidale Software Yapp Conferencing System 2.2 - Local Buffer Overflow
Armidale Software Yapp Conferencing System 2.2 - Local Buffer Overflow // source: https://www.securityfocus.com/bid/365/info Armidale Software's Yapp Conferencing System is vulnerable to an environment variable related buffer overflow vulnerability in at least the Linux version. The consequence o...
Slackware Linux 3.1/3.2 - 'color_xterm' Local Buffer Overflow (1)
source: https://www.securityfocus.com/bid/369/info In Slackware Linux 3.1 and 3.2, the version of color xterm included is vulnerable to a buffer overflow attack that allows for a local user to gain root access. / exploit for colorxterm, modified by zgv / / original exploit coded by Ming Zhang for...
AIX 4.2 /usr/dt/bin/dtterm Local Buffer Overflow Exploit
Exploit for AIX platform in category local exploits. AIX 4.2 /usr/dt/bin/dtterm Local Buffer Overflow Exploit. include include include char prog100="/usr/dt/bin/dtterm"; char...