4103 matches found
Oracle (oidldapd connect) Local Command Line Overflow Exploit
Exploit for linux platform in category local exploits ============================================================= Oracle oidldapd connect Local Command Line Overflow Exploit ============================================================= / Exploit Code for oidldapd in Oracle 8.1.6 8ir2 for Linux....
Joe's Own Editor File Link Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 TITLE: Joe's Own Editor File Link Vulnerability ADVISORY ID: WSIR-00/11-01 CONTACT: Patrik Birgersson, Wkit Security AB CLASS: File Handling Error OBJECT: joe1 exec VENDOR: Josef H. Allen STATUS: Vendor not reachable REMOTE: No LOCAL: Yes DATE:...
[SECURITY] New version of tcsh released
Package: tcsh Vulnerability: local exploit Debian-specific: no Proton reported on bugtraq that tcsh did not handle in-here documents correctly. The version of tcsh that is distributed with Debian GNU/Linux 2.2r0 also suffered from this problem. When using in-here documents using the syntax tcsh...
[SECURITY] New version of tcsh released
------------------------------------------------------------------------ Debian Security Advisory [email protected] http://www.debian.org/security/ Wichert Akkerman November 11, 2000 - ------------------------------------------------------------------------ Package: tcsh Vulnerability: local...
mandrake.urpmi.txt
Local Exploit Issue with: /usr/bin/urpmi The urpmi executable perl script root@localhost /root ls -al /usr/bin/urpmi -rwsr-x--- 1 root urpmi 9352 Apr 4 2000 /usr/bin/urpmi This requires an account in the urpmi group. Possibly physical access to the box as well. On Mandrake 7.1 the package urpmi w...
IIS ASP $19.95 hack - IISHack 1.5
IIS ASP $19.95 hack - IISHack 1.5 Release Date: November 3rd, 2000 Systems Affected: Windows NT 4.0 IIS 4.0 sp6 vulnerable Windows NT 5.0 IIS 5.0 not vulnerable Description: There exists a buffer overflow, that can be exploited to gain SYSTEM level access, within the IIS Internet Information Serv...
ntop 1.x - i Local Format String
source: https://www.securityfocus.com/bid/1840/info ntop network top is a unix program used for displaying network usage statistics. It is often installed setuid root because it uses privileged ports. ntop is vulnerable to a format string vulnerability that can compromise root access locally. If...
ntop 1.x - i Local Format String
ntop 1.x - i Local Format String source: https://www.securityfocus.com/bid/1840/info ntop network top is a unix program used for displaying network usage statistics. It is often installed setuid root because it uses privileged ports. ntop is vulnerable to a format string vulnerability that can...
[SECURITY] New version of nis released
-----BEGIN PGP SIGNED MESSAGE----- - ------------------------------------------------------------------------ Debian Security Advisory [email protected] http://www.debian.org/security/ Wichert Akkerman October 14, 2000 - ------------------------------------------------------------------------...
[SECURITY] New version of nis released
------------------------------------------------------------------------ Debian Security Advisory [email protected] http://www.debian.org/security/ Wichert Akkerman October 14, 2000 - ------------------------------------------------------------------------ Package : nis Problem type : local...
Netscape iCal 2.1 Patch2 - iPlanet iCal csstart Local Privilege Escalation
Netscape iCal 2.1 Patch2 - iPlanet iCal csstart Local Privilege Escalation source: https://www.securityfocus.com/bid/1769/info Netscape's iPlanet iCal application is a network based calendar service built for deployment in organizations which require a centralized calendar system. Certain version...
GnoRPM local /tmp vulnerability
While fixing other problems with the gnorpm package a locally exploitable security hole was found where a normal user could trick root running GnoRPM into writing to arbitary files due to a bug in the gnorpm tmp file handling. A new release of GnoRPM 0.95.1 is now available. This fixes significan...
[SECURITY] glibc update for Debian GNU/Linux 2.1 (update)
Package: glibc Vulnerability: local exploit Debian-specific: no Recently two problems have been found in the glibc suite, which could be used to trick setuid applications to run arbitrary code. An earlier advisory listed the updates for Debian 2.2/potato. This advisory contains updates for Debian...
[SECURITY] glibc update for Debian GNU/Linux 2.1 (update)
------------------------------------------------------------------------ Debian Security Advisory [email protected] http://www.debian.org/security/ Wichert Akkerman September 5, 2000 - ------------------------------------------------------------------------ Package: glibc Vulnerability: local...
[SECURITY] glibc update for Debian GNU/Linux 2.1
Package: glibc Vulnerability: local exploit Debian-specific: no Recently two problems have been found in the glibc suite, which could be used to trick setuid applications to run arbitrary code. An earlier advisory listed the updates for Debian 2.2/potato. This advisory contains updates for Debian...
[SECURITY] glibc update for Debian GNU/Linux 2.1
------------------------------------------------------------------------ Debian Security Advisory [email protected] http://www.debian.org/security/ Wichert Akkerman September 5, 2000 - ------------------------------------------------------------------------ Package: glibc Vulnerability: local...
[SECURITY] new version of screen released
------------------------------------------------------------------------ Debian Security Advisory [email protected] http://www.debian.org/security/ Michael Stone September 2, 2000 - ------------------------------------------------------------------------ Package: screen Vulnerability: local...
[SECURITY] New version of glibc released
------------------------------------------------------------------------ Debian Security Advisory [email protected] http://www.debian.org/security/ Wichert Akkerman September 2, 2000 - ------------------------------------------------------------------------ Package: glibc Vulnerability: local...
[SECURITY] New version of xlockmore/xlockmore-gl released
Package: xlockmore, xlockmore-gl Vulnerability type: local exploit Debian-specific: no There is a format string bug in all versions of xlockmore/xlockmore-gl. Debian 2.1 slink installs xlock setgid by default, and this exploit can be used to gain read access to the shadow file. We recommend...
[SECURITY] New version of mailx released
Package : mailx Problem type : local exploit Debian-specific: no mailx is a often used by other programs to send email. Unfortunately mailx as distributed in Debian GNU/Linux 2.1 has some features that made it possible to execute system commands if a user can trick a privileged program to send...