101 matches found
Ubuntu 4.10 : ntp vulnerability (USN-175-1)
Thomas Biege discovered a flaw in the privilege dropping of the NTP server. When ntpd was configured to drop root privileges, and the group to run under was specified as a name as opposed to a numeric group ID, ntpd changed to the wrong group. Depending on the actual group it changed to, this cou...
[SA17922] Mac OS X Perl "$<" Privilege Dropping Security Issue
TITLE: Mac OS X Perl "$" Privilege Dropping Security Issue SECUNIA ADVISORY ID: SA17922 VERIFY ADVISORY: http://secunia.com/advisories/17922/ CRITICAL: Less critical IMPACT: Security Bypass WHERE: From remote OPERATING SYSTEM: Apple Macintosh OS X http://secunia.com/product/96/ DESCRIPTION: Jason...
USN-175-1: ntp server vulnerability
Thomas Biege discovered a flaw in the privilege dropping of the NTP server. When ntpd was configured to drop root privileges, and the group to run under was specified as a name as opposed to a numeric group ID, ntpd changed to the wrong group. Depending on the actual group it changed to, this cou...
CVE-2005-0072
zhcon before 0.2 does not drop privileges before reading a user configuration file, which allows local users to read arbitrary files...
[SECURITY] [DSA 557-1] New rp-pppoe packages fix potential root compromise
-------------------------------------------------------------------------- Debian Security Advisory DSA 557-1 [email protected] http://www.debian.org/security/ Martin Schulze October 4th, 2004 http://www.debian.org/security/faq -...
Debian DSA-050-1 : sendfile - broken privileges dropping, broken tempfile
Colin Phipps and Daniel Kobras discovered and fixed several serious bugs in the saft daemon sendfiled' which caused it to drop privileges incorrectly. Exploiting this a local user can easily make it execute arbitrary code under root privileges. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...
CVE-2002-1311
Courier sqwebmail before 0.40.0 does not quickly drop privileges after startup in certain cases, which could allow local users to read arbitrary files...
GLSA-200401-02 : Honeyd remote detection vulnerability via a probe packet
The remote host is affected by the vulnerability described in GLSA-200401-02 Honeyd remote detection vulnerability via a probe packet A bug in handling NMAP fingerprints caused Honeyd to reply to TCP packets with both the SYN and RST flags set. Watching for replies, it is possible to detect IP...
CVE-2003-0949
xsok 1.02 does not properly drop privileges before finding and executing the "gunzip" program, which allows local users to execute arbitrary commands...
CVE-2003-0949
xsok 1.02 does not properly drop privileges before finding and executing the "gunzip" program, which allows local users to execute arbitrary commands...
ProFTPd 1.2.71.2.8 - .ASCII File Transfer Buffer Overrun
ProFTPd 1.2.71.2.8 - .ASCII File Transfer Buffer Overrun // source: https://www.securityfocus.com/bid/8679/info A remotely exploitable buffer overrun vulnerability has been reported in ProFTPD. This issue could be triggered if an attacker uploads a malformed file and then that file is downloaded ...
ProFTPd 1.2.7/1.2.8 - '.ASCII' File Transfer Buffer Overrun
// source: https://www.securityfocus.com/bid/8679/info A remotely exploitable buffer overrun vulnerability has been reported in ProFTPD. This issue could be triggered if an attacker uploads a malformed file and then that file is downloaded in ASCII mode. Successful exploitation will permit a...
CVE-2002-0469
Ecartis formerly Listar 1.0.0 in snapshot 20020125 and earlier does not properly drop privileges when Ecartis is installed setuid-root, "lock-to-user" is not set, and ecartis is called by certain MTA's, which could allow local users to gain privileges...
Ecartis/Listar multiple vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Name: Ecartis / Listar Version: read the details Vendor: The Ecartis Project. http://www.ecartis.org/ Author: Janusz Niewiadomski [email protected], Wojciech Purczynski [email protected] Date: March 10, 2002 Issue: ====== Multiple buffer overflow...
CVE-2001-0623
CVE-2001-0623 affects the sendfiled component of SAFT on Linux, where privileges are not properly dropped when sending notification emails, enabling a local user to gain privileges (local privilege escalation). The issue is documented in Debian security advisories DSA-050-1 and DSA-052-1, which d...
[SECURITY] [DSA 052-1] New sendfile packages fix root exploit
---------------------------------------------------------------------------- Debian Security Advisory DSA 052-1 [email protected] http://www.debian.org/security/ Martin Schulze April 23, 2001 - ---------------------------------------------------------------------------- Package : sendfile...
[SECURITY] [DSA 050-1] New version sendfile fix local root exploit
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ---------------------------------------------------------------------------- Debian Security Advisory DSA 050-1 [email protected] http://www.debian.org/security/ Martin Schulze April 20, 2001 -...
[SECURITY] [DSA 050-1] New version sendfile fix local root exploit
---------------------------------------------------------------------------- Debian Security Advisory DSA 050-1 [email protected] http://www.debian.org/security/ Martin Schulze April 20, 2001 - ---------------------------------------------------------------------------- Package : sendfile...
CVE-2000-0525
Overview OpenSSH does not properly drop privileges when the UseLogin option is enabled, which allows local users to execute arbitrary commands by providing the command to the ssh daemon. Remediation There is no fixed version for openssh. References - Archives.neohapsis.com - Openbsd.org - Osvdb.o...
Security Advisory 2000-003
-----BEGIN PGP SIGNED MESSAGE----- NetBSD Security Advisory 2000-003 ================================= Topic: Exploitable Vulnerability in Xlockmore Version: NetBSD pkgsrc prior to 11th May 2000. Severity: xlock can be manipulated to print the shadow password information Abstract ======== The...