4065 matches found
[SECURITY] New version of xlockmore/xlockmore-gl released
Package: xlockmore, xlockmore-gl Vulnerability type: local exploit Debian-specific: no There is a format string bug in all versions of xlockmore/xlockmore-gl. Debian 2.1 slink installs xlock setgid by default, and this exploit can be used to gain read access to the shadow file. We recommend...
[SECURITY] New version of mailx released
Package : mailx Problem type : local exploit Debian-specific: no mailx is a often used by other programs to send email. Unfortunately mailx as distributed in Debian GNU/Linux 2.1 has some features that made it possible to execute system commands if a user can trick a privileged program to send...
[SECURITY] New version of mailx released
------------------------------------------------------------------------ Debian Security Advisory [email protected] http://www.debian.org/security/ Wichert Akkerman August 8, 2000 - ------------------------------------------------------------------------ Package : mailx Problem type : local...
[SECURITY] New version of userv released
-----BEGIN PGP SIGNED MESSAGE----- - ------------------------------------------------------------------------ Debian Security Advisory [email protected] http://www.debian.org/security/ Wichert Akkerman July 27, 2000 - ------------------------------------------------------------------------...
[SECURITY] New version of userv released
Package : userv Problem type : local exploit Debian-specific: no The version of userv that was distributed with Debian GNU/Linux 2.1 / slink had a problem in the fd swapping algorithm: it could sometimes make an out-of-bounds array reference. It might be possible for local users to abuse this to...
[SECURITY] New version of userv released
------------------------------------------------------------------------ Debian Security Advisory [email protected] http://www.debian.org/security/ Wichert Akkerman July 27, 2000 - ------------------------------------------------------------------------ Package : userv Problem type : local...
[SECURITY] New version of mailx released
---------------------------------------------------------------------------- Debian Security Advisory [email protected] http://www.debian.org/security/ Daniel Jacobowitz June 5, 2000 - ---------------------------------------------------------------------------- Package: mailx Vulnerability:...
[SECURITY] Majordomo will be removed
Package : majordomo Problem type : local exploit Debian-specific: no The majordomo package as shipped in the non-free section accompanying Debian GNU/Linux 2.1/slink allows any local user to trick majordomo into executing arbitrary code or to create or write files as the majordomo user anywhere o...
[SECURITY] Majordomo will be removed
------------------------------------------------------------------------ Debian Security Advisory [email protected] http://www.debian.org/security/ Wichert Akkerman June 3, 2000 - ------------------------------------------------------------------------ Package : majordomo Problem type : local...
Sam Lantinga splitvt 1.6.3 - Local Buffer Overflow
Sam Lantinga splitvt 1.6.3 - Local Buffer Overflow // source: https://www.securityfocus.com/bid/1346/info A buffer overflow condition that could be exploited to obtain root exists in splitvt 1.6.3 and earlier. Splitvt is distributed with several Linux distributions. / Local exploit for Debian...
xsoldier (FreeBSD 3.3/Linux Mandrake 7.0) - Local Buffer Overflow (2)
/ source: https://www.securityfocus.com/bid/871/info Certain versions of FreeBSD 3.3 Confirmed and Linux Mandrake confirmed ship with a vulnerable binary in their X11 games package. The binary/game in question, xsoldier, is a setuid root binary meant to be run via an X windows console. The binary...
Solaris 7 x86 lp exploit.
Setuid proggie /usr/bin/lp has an easily exploitable buffer overflow. This exploit is for Solaris 7 x86 version, no sparc exploit is available to my knowledge. later, DiGiT / solaris 2.7 /usr/bin/lp local exploit, i386. discovered by DiGiT. try offset 150-250 if sploit fails greets: !ADM,...
mtr-0.41 root exploit
/ c 2000 babcia padlina / buffer0verfl0w security www.b0f.com / / freebsd mtr-0.41 local root exploit / include stdio.h include sys/param.h include sys/stat.h include string.h define NOP 0x90 define BUFSIZE 10000 define ADDRS 1200 long getespvoid asm"movl esp, eaxn"; int mainargc, argv int argc;...
Solaris 2.67.0 - lp -d Option Buffer Overflow
Solaris 2.67.0 - lp -d Option Buffer Overflow // source: https://www.securityfocus.com/bid/1143/info A buffer overrun has been discovered in the lp program, as included with Sun's Solaris 7 operating system. By passing well crafted, machine executable code of sufficient length to the -d option of...
Sam Hawker wmcdplay 1.0 beta1-2 - Local Buffer Overflow (1)
Sam Hawker wmcdplay 1.0 beta1-2 - Local Buffer Overflow 1 // source: https://www.securityfocus.com/bid/1047/info wmcdplay is cdplayer generally used with the WindowMaker X11 window-manager on unix systems. While wmcdplay is rarely installed at all by default, when it is installed it is typically...
[SECURITY] New version of mtr released
------------------------------------------------------------------------ Debian Security Advisory [email protected] http://www.debian.org/security/ Wichert Akkerman March 9, 2000 - ------------------------------------------------------------------------ Package: mtr Vulnerability type: possible...
CVE-1999-0730
CVE-1999-0730 concerns the zsoelim program in the Debian man-db package, where a symlink attack allows local users to overwrite files. The vulnerability is described across multiple connected records (Red Hat, CVE listing, NVD) as a local attack with potential complete impact on confidentiality, ...
analogx.www.txt
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Happy New Year! to All!! Local / Remote GET Buffer Overflow Vulnerability in AnalogX SimpleServer:WWW HTTP Server v1.1 USSR Advisory Code: USSR-99029 Release Date: December 31, 1999 5/5 not the original one, original 5/5 will be released 15/01/1900 :...
Netscape Communicator 4.5 - prefs.js Buffer Overflow
// source: https://www.securityfocus.com/bid/893/info Netscape Communicator 4.5 has an unchecked buffer, through which code can be injected for execution via the prefs.js preferences file. This could be exploited locally to run arbitrary code at the privilege level of the current user. The buffer...
SCO Unixware 7.0 - 'xlock(1)' 'Username' Local Buffer Overflow
// source: https://www.securityfocus.com/bid/825/info Certain versions of Unixware ship with a version of xlock which is vulnerable to a buffer overflow attack. The xlock1 program locks the local X display until a username and password are entered. In this instance a user can provide an overly lo...