4853 matches found
CVE-2001-0141
CVE-2001-0141 affects mgetty: multiple sources confirm insecure temporary-file handling that allows local users to overwrite arbitrary files via a symlink attack in certain configurations. Vulnerable until versions before 1.1.24 (Mandrake/MDKSA-2001:009; Debian DSA-011-2 notes patch in 1.1.21-3po...
CVE-2001-0142
CVE-2001-0142 affects squid 2.3 and earlier. The issue is a local symlink/race condition that can cause local users to overwrite arbitrary files via temporary file handling in certain configurations. Impact is described as local privilege/content modification without remote access; CVSS reflects ...
CVE-2001-0261
CVE-2001-0261 affects Microsoft Windows 2000 Encrypted File System. The issue is that backups of encrypted files are not properly destroyed, allowing a local attacker to recover the plaintext. The NVD entry assigns a low impact with partial confidentiality loss (CVSS v2 base score 2.1, LOCAL acce...
Serious Pitbull LX Vulnerability
Background: Back in February, eWeek and Argus Systems held OpenHack III. "Pitbull vs The Worlds Toughest". With much hype the contest came and went. The result? "17 days, 40,000 Challengers, 5.4 Million Punches and 1 E-Security Champion". As 'the first product to withstand an OpenHack unscathed'...
Локальный DoS против Windows NT (mutex)
Пользователь может захватить все mutex-объекты, после чего другие приложения не смогут работать с сетью...
Solaris 2.6/2.7 - '/usr/bin/write' Local Overflow
include include / /usr/bin/write overflow proof of conecpt. Tested on Solaris 7 x86 Pablo Sor, Buenos Aires, Argentina. 01/2000 [email protected] usage: write-exp shelloffset retaddroffset default offset should work. / long getesp asm"movl %esp,%eax"; char shell =...
CVE-2000-0996
CVE-2000-0996: A format-string vulnerability in the OpenBSD su utility (and possibly other BSD-based OSes) allows a local attacker to gain root privileges via a malformed shell. The issue is described in the NVD entry with a CVSS v2 base score of 7.2 (HIGH) and LOCAL, LOW–complexity conditions, e...
CVE-2000-1031
Technical details of CVE-2000-1031 are not publicly provided in the supplied documents; monitor for updates.
CVE-2000-1103
rcvtty in BSD 3.0 and 4.0 does not properly drop privileges before executing a script, which allows local attackers to gain privileges by specifying an alternate Trojan horse script on the command line...
CVE-2000-1103
rcvtty in BSD 3.0 and 4.0 does not properly drop privileges before executing a script, which allows local attackers to gain privileges by specifying an alternate Trojan horse script on the command line...
CVE-2000-1103
CVE-2000-1103 affects BSD 3.0/4.0; the rcvtty program does not drop privileges before executing a script, enabling local privilege escalation by supplying an alternate Trojan horse script on the command line. CVSS base score 7.2 (HIGH) from NVD indicates complete impact to confidentiality, integr...
AnalogX Proxy Server Buffer Overflow Vulnerability
From "zer0-logic" [email protected]: Network Security Solutions Inc. Security Advisory Philippine based Security Company Http://www.nssolution.net Http://connect.to/nssi AnalogX Proxy Server DoS/Buffer Overflow Vulnerabilty Author: Abraham Lincoln H. Handle: zer0logic Email :...
CVE-2000-0880
The CVE-2000-0880 entry concerns LPPlus creating the lpdprocess file with world-writable permissions, which allows local users to kill arbitrary processes by specifying a process ID and using the setuid dcclpdshut program to terminate the specified process. Impact is local access and partial inte...
CVE-2000-0468
man in HP-UX 10.20 and 11 allows local attackers to overwrite files via a symlink attack...
CVE-2000-0318
Atrium Mercur Mail Server 3.2 allows local attackers to read other user's email and create arbitrary files via a dot dot .. attack...
CVE-2000-0695
The CVE-2000-0695 entry relates to buffer overflows in the pgxconfig component of the Raptor GFX configuration tool, enabling local users to escalate privileges via crafted command line options. Affected software is the pgxconfig utility within Raptor GFX; the underlying issue is a buffer overflo...
IRIX 6.5.x - usrsbindmplay Local Buffer Overflow
IRIX 6.5.x - usrsbindmplay Local Buffer Overflow / source: https://www.securityfocus.com/bid/1528/info Certain versions of IRIX ship with a version of dmplay which is vulnerable to a buffer overflow attack. The program, dmplay, is used to play movie files under IRIX. The problem at hand is the wa...
Дырки в Secure desktop
Локальные и удаленный возможности для DoS-атаки, включая подмену адреса default gateway...
CVE-2000-0468
man in HP-UX 10.20 and 11 allows local attackers to overwrite files via a symlink attack...
CVE-2000-0224
The CVE-2000-0224 entry refers to ARCserve agent on SCO UnixWare 7.x. The vulnerability is a local privilege escalation via a symlink attack that could allow a local attacker to obtain root privileges. The description clearly states the affected product/component and the root cause (symlink-relat...