4067 matches found
[SECURITY] glibc update for Debian GNU/Linux 2.1
------------------------------------------------------------------------ Debian Security Advisory [email protected] http://www.debian.org/security/ Wichert Akkerman September 5, 2000 - ------------------------------------------------------------------------ Package: glibc Vulnerability: local...
[SECURITY] New version of glibc released
------------------------------------------------------------------------ Debian Security Advisory [email protected] http://www.debian.org/security/ Wichert Akkerman September 2, 2000 - ------------------------------------------------------------------------ Package: glibc Vulnerability: local...
[SECURITY] New version of xlockmore/xlockmore-gl released
Package: xlockmore, xlockmore-gl Vulnerability type: local exploit Debian-specific: no There is a format string bug in all versions of xlockmore/xlockmore-gl. Debian 2.1 slink installs xlock setgid by default, and this exploit can be used to gain read access to the shadow file. We recommend...
[SECURITY] New version of mailx released
Package : mailx Problem type : local exploit Debian-specific: no mailx is a often used by other programs to send email. Unfortunately mailx as distributed in Debian GNU/Linux 2.1 has some features that made it possible to execute system commands if a user can trick a privileged program to send...
[SECURITY] New version of mailx released
------------------------------------------------------------------------ Debian Security Advisory [email protected] http://www.debian.org/security/ Wichert Akkerman August 8, 2000 - ------------------------------------------------------------------------ Package : mailx Problem type : local...
[SECURITY] New version of userv released
-----BEGIN PGP SIGNED MESSAGE----- - ------------------------------------------------------------------------ Debian Security Advisory [email protected] http://www.debian.org/security/ Wichert Akkerman July 27, 2000 - ------------------------------------------------------------------------...
[SECURITY] New version of userv released
Package : userv Problem type : local exploit Debian-specific: no The version of userv that was distributed with Debian GNU/Linux 2.1 / slink had a problem in the fd swapping algorithm: it could sometimes make an out-of-bounds array reference. It might be possible for local users to abuse this to...
[SECURITY] New version of userv released
------------------------------------------------------------------------ Debian Security Advisory [email protected] http://www.debian.org/security/ Wichert Akkerman July 27, 2000 - ------------------------------------------------------------------------ Package : userv Problem type : local...
[SECURITY] New version of mailx released
---------------------------------------------------------------------------- Debian Security Advisory [email protected] http://www.debian.org/security/ Daniel Jacobowitz June 5, 2000 - ---------------------------------------------------------------------------- Package: mailx Vulnerability:...
[SECURITY] Majordomo will be removed
Package : majordomo Problem type : local exploit Debian-specific: no The majordomo package as shipped in the non-free section accompanying Debian GNU/Linux 2.1/slink allows any local user to trick majordomo into executing arbitrary code or to create or write files as the majordomo user anywhere o...
[SECURITY] Majordomo will be removed
------------------------------------------------------------------------ Debian Security Advisory [email protected] http://www.debian.org/security/ Wichert Akkerman June 3, 2000 - ------------------------------------------------------------------------ Package : majordomo Problem type : local...
Sam Lantinga splitvt 1.6.3 - Local Buffer Overflow
Sam Lantinga splitvt 1.6.3 - Local Buffer Overflow // source: https://www.securityfocus.com/bid/1346/info A buffer overflow condition that could be exploited to obtain root exists in splitvt 1.6.3 and earlier. Splitvt is distributed with several Linux distributions. / Local exploit for Debian...
xsoldier (FreeBSD 3.3/Linux Mandrake 7.0) - Local Buffer Overflow (2)
/ source: https://www.securityfocus.com/bid/871/info Certain versions of FreeBSD 3.3 Confirmed and Linux Mandrake confirmed ship with a vulnerable binary in their X11 games package. The binary/game in question, xsoldier, is a setuid root binary meant to be run via an X windows console. The binary...
Solaris 7 x86 lp exploit.
Setuid proggie /usr/bin/lp has an easily exploitable buffer overflow. This exploit is for Solaris 7 x86 version, no sparc exploit is available to my knowledge. later, DiGiT / solaris 2.7 /usr/bin/lp local exploit, i386. discovered by DiGiT. try offset 150-250 if sploit fails greets: !ADM,...
mtr-0.41 root exploit
/ c 2000 babcia padlina / buffer0verfl0w security www.b0f.com / / freebsd mtr-0.41 local root exploit / include stdio.h include sys/param.h include sys/stat.h include string.h define NOP 0x90 define BUFSIZE 10000 define ADDRS 1200 long getespvoid asm"movl esp, eaxn"; int mainargc, argv int argc;...
Solaris 2.67.0 - lp -d Option Buffer Overflow
Solaris 2.67.0 - lp -d Option Buffer Overflow // source: https://www.securityfocus.com/bid/1143/info A buffer overrun has been discovered in the lp program, as included with Sun's Solaris 7 operating system. By passing well crafted, machine executable code of sufficient length to the -d option of...
Sam Hawker wmcdplay 1.0 beta1-2 - Local Buffer Overflow (1)
Sam Hawker wmcdplay 1.0 beta1-2 - Local Buffer Overflow 1 // source: https://www.securityfocus.com/bid/1047/info wmcdplay is cdplayer generally used with the WindowMaker X11 window-manager on unix systems. While wmcdplay is rarely installed at all by default, when it is installed it is typically...
[SECURITY] New version of mtr released
------------------------------------------------------------------------ Debian Security Advisory [email protected] http://www.debian.org/security/ Wichert Akkerman March 9, 2000 - ------------------------------------------------------------------------ Package: mtr Vulnerability type: possible...
CVE-1999-0730
CVE-1999-0730 concerns the zsoelim program in the Debian man-db package, where a symlink attack allows local users to overwrite files. The vulnerability is described across multiple connected records (Red Hat, CVE listing, NVD) as a local attack with potential complete impact on confidentiality, ...
analogx.www.txt
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Happy New Year! to All!! Local / Remote GET Buffer Overflow Vulnerability in AnalogX SimpleServer:WWW HTTP Server v1.1 USSR Advisory Code: USSR-99029 Release Date: December 31, 1999 5/5 not the original one, original 5/5 will be released 15/01/1900 :...