4098 matches found
[SECURITY] [DSA 267-1] New lpr packages fix local root exploit
-------------------------------------------------------------------------- Debian Security Advisory DSA 267-1 [email protected] http://www.debian.org/security/ Martin Schulze March 24th, 2003 http://www.debian.org/security/faq -...
HP-UX 7-11 - X Font Server Local Buffer Overflow
HP-UX 7-11 - X Font Server Local Buffer Overflow source: https://www.securityfocus.com/bid/10551/info HP-UX X Font Server is reportedly affected by a local buffer overflow vulnerability. This issue is due to a failure of the application to properly validate the length of a user-supplied string...
iDEFENSE Security Advisory 03.04.03: Locally Exploitable Buffer Overflow in file(1)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 iDEFENSE Security Advisory 03.04.03: http://www.idefense.com/advisory/03.04.03.txt Locally Exploitable Buffer Overflow in file1 March 4, 2003 I. BACKGROUND file1 is an application that utilizes a magic file typically located in /usr/share/magic to...
Zlib 1.1.4 - Compression Library 'gzprintf()' Buffer Overrun (2)
// source: https://www.securityfocus.com/bid/6913/info A buffer-overrun vulnerability has been reported in the Zlib compression library. Due to the use of 'vsprintf' by an internal Zlib function, an attacker can cause memory to become corrupted. This buffer overrun occurs becuase the software fai...
Zlib 1.1.4 - Compression Library gzprintf() Buffer Overrun (2)
Zlib 1.1.4 - Compression Library gzprintf Buffer Overrun 2 // source: https://www.securityfocus.com/bid/6913/info A buffer-overrun vulnerability has been reported in the Zlib compression library. Due to the use of 'vsprintf' by an internal Zlib function, an attacker can cause memory to become...
[SECURITY] [DSA 252-1] New slocate packages fix local root exploit
-------------------------------------------------------------------------- Debian Security Advisory DSA 252-1 [email protected] http://www.debian.org/security/ Martin Schulze February 21st, 2003 http://www.debian.org/security/faq -...
cPanel 5.0 - 'Openwebmail' Local Privilege Escalation
source: https://www.securityfocus.com/bid/6885/info It has been reported that cPanels' openwebmail package, distributed as part of the cPanel CGI application, is vulnerable to an external file include vulnerability. Exploitation of this issue may result in local user privilage escalation. By...
iDEFENSE Security Advisory 02.12.03: Buffer Overflow in AIX libIM.a
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 iDEFENSE Security Advisory 02.12.03: http://www.idefense.com/advisory/02.12.03.txt Buffer Overflow in AIX libIM.a February 12, 2003 I. BACKGROUND Advanced Interactive eXecutive AIX is IBM Corp.'s Unix operating system implementation, native to pSeries...
WinRAR buffer overflow vulnerability
Hello everybody. We found vulnerability in WinRAR 3.10 or lower version, and reported details to Author of this Software at 2003/01/12. Fixed version 3.11 of WinRAR was released, so we release the Information about this vulnerability. ----------------------------------------------------------...
MTink 0.9.x - Printer Status Monitor Environment Variable Buffer Overflow
MTink 0.9.x - Printer Status Monitor Environment Variable Buffer Overflow source: https://www.securityfocus.com/bid/6656/info mtink is prone to a locally exploitable buffer overflow condition. This is due to insufficient bounds checking of the HOME environment variable. mtink is reportedly...
[SECURITY] [DSA 227-1] New openldap packages fix buffer overflows and remote exploit
-------------------------------------------------------------------------- Debian Security Advisory DSA 227-1 [email protected] http://www.debian.org/security/ Martin Schulze January, 13th, 2003 http://www.debian.org/security/faq -...
MySQL 3.23.x/4.0.x - 'COM_CHANGE_USER' Password Length Account
/ source: https://www.securityfocus.com/bid/6373/info A flaw in the password authentication mechanism for MySQL may make it possible for an authenticated database user to compromise the accounts of other database users. The flaw lies in the fact that the server uses a string returned by the clien...
MS02-071: WM_TIMER Message Handler Privilege Elevation (328310)
The remote version of Windows contains a flaw in the handling of WMTIMER messages for interactive processes that could allow a local user to execute arbitrary code on the remote host with the SYSTEM privileges. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid11191;...
HP-UX 11 - Software Distributor Lang Environment Variable Local Buffer Overrun
// source: https://www.securityfocus.com/bid/8986/info HP has reported that some Software Distributor SD utilities are prone to a locally exploitable buffer-overrun vulnerability. Affected utilities include swinstall1M and swverify1M. / Program : xhpux11isw.c Use : HP-UX 11.11/11.0 exploit swxxx ...
CVE-2002-1127
CVE-2002-1127: Buffer overflow in uucp for Compaq Tru64/OSF1 3.x enables local users to execute arbitrary code via a long source (-s) argument. Root cause: unchecked buffer handling in uucp. Affected: Tru64/OSF1 3.x; component: uucp. Impact: local code execution; data confidentiality/integrity/av...
Cisco VPN 5000 Client - Buffer Overrun (2)
// source: https://www.securityfocus.com/bid/5734/info Buffer overrun vulnerabilities have been reported in the Cisco VPN 5000 UNIX clients available for Linux and Solaris systems. The condition affects the binaries 'closetunnel' and 'opentunnel', both installed setuid root by default. Malicious...
HP Tru64 UNIX ".upd..loader" contains buffer overflow (SSRT2275)
Overview The HP Tru64 UNIX implementation of ".upd..loader" contains a locally exploitable buffer overflow. Description A locally exploitable buffer overflow in ".upd..loader" may permit a local attacker to gain elevated privileges and execute arbitrary code on a vulnerable host. --- Impact A loc...
HP Tru64 UNIX "rdist" contains buffer overflow (SSRT2275)
Overview The HP Tru64 UNIX implementation of "rdist" contains a locally exploitable buffer overflow. Description "rdist" allows a user to maintain identical copies of files on multiple hosts. A locally exploitable buffer overflow in "rdist" may permit a local attacker to gain elevated privileges...
HP Tru64 UNIX "ps" contains buffer overflow (SSRT2256)
Overview The HP Tru64 UNIX implementation of "ps" contains a locally exploitable buffer overflow. Description "ps" is used to display information about running processes. A locally exploitable buffer overflow in "ps" may permit a local attacker to gain elevated privileges and execute arbitrary co...
HP Tru64 UNIX "at" contains buffer overflow (SSRT2189)
Overview The HP Tru64 UNIX implementation of "at" contains a locally exploitable buffer overflow. Description "at" is used to run a job at a later time. A locally exploitable buffer overflow in "at" may permit a local attacker to gain elevated privileges and execute arbitrary code on a vulnerable...