2392 matches found
[SECURITY] New versions of termcap-compat fixes buffer overflow
We have received a report that former versions of libtermcap contained an exploitable buffer overflow. Debian itself is not exploitable by this bug since termcap was abandoned in favour of terminfo long ago. However, if you have compiled your own programs using termcap or have installed third par...
RedHat Linux 6.0 Slackware Linux 4.0 - Termcap tgetent() Local Buffer Overflow (2)
RedHat Linux 6.0 Slackware Linux 4.0 - Termcap tgetent Local Buffer Overflow 2 // source: https://www.securityfocus.com/bid/588/info A buffer overflow existed in libtermcap's tgetent function, which could cause the user to execute arbitrary code if they were able to supply their own termcap file...
mother2.sh
!/bin/sh mother2.sh by; syg @ EFnet AKA the bitch who doesnt care to take credit for such a worthless script that doesnt do anything hard, I just wanted to say those other two bitches are dumb as fuck for even sending this to the public and actually making a huge prop header as if it was some sor...
midnight-commander-tty.txt
Date: Sun, 6 Sep 1998 00:53:24 +0200 From: Michal Zalewski To: [email protected] Subject: Sendmail, lynx, Netscape, sshd, Linux kernel twice More kernel 'things' - tty allocation ------------------------------------- Hmm, I've posted it months ago, and I have no idea why it hasn't been approve...
zgv.iopl.txt
Date: Fri, 19 Feb 1999 18:10:00 +0000 From: Chris Evans To: [email protected] Subject: Security hole: "zgv" Overview: "zgv" is an image viewer which runs under SVGAlib at the linux console probably BSD too. It has to be installed suid-root to access graphics hardware. History: "zgv" has a long...
NetBSD 1.4 / OpenBSD 2.5 / Solaris 7.0 - 'profil(2)' Modify The Internal Data Space
/ source: https://www.securityfocus.com/bid/570/info Some BSD's use a profil2 system call that dates back to "version 6" unix. This system call arranges for the kernel to sample the PC and increment an element of an array on every profile clock tick. The security issue stems from the fact that...
CVE-1999-1412
A possible interaction between Apple MacOS X release 1.0 and Apache HTTP server allows remote attackers to cause a denial of service crash via a flood of HTTP GET requests to CGI programs, which generates a large number of processes...
IBM AIX 4.2.1 / Sun Solaris 7.0 - LC_MESSAGES libc Buffer Overflow (1)
source: https://www.securityfocus.com/bid/268/info A buffer overflow in libc's handling of the LCMESSAGES environment variable allows a malicious user to exploit any suid root program linked agains libc to obtain root privileges. This problem is found in both IBM's AIX and Sun Microsystem's...
Oracle 8 - File Access
Oracle 8 - File Access source: https://www.securityfocus.com/bid/170/info A number of security file access security vulnerabilities in suid programs that are part of Oracle may be exploited to obtain the privileges of the 'oracle' user and full access to the database system. Only the Unix version...
Oracle 8 - File Access
source: https://www.securityfocus.com/bid/170/info A number of security file access security vulnerabilities in suid programs that are part of Oracle may be exploited to obtain the privileges of the 'oracle' user and full access to the database system. Only the Unix version of Oracle is vulnerabl...
WebCom datakommunikation Guestbook 0.1 - 'rguest.exe' Arbitrary File Access
source: https://www.securityfocus.com/bid/2024/info The freeware guestbook package from freeware.webcom.se provides a web-based guestbook feature, using CGI. Some versions of this guestbook undetermined at the time of writing are vulnerable to an attack allowing an intruder to retrieve the conten...
CVE-1999-0422
In some cases, NetBSD 1.3.3 mount allows local users to execute programs in some file systems that have the "noexec" flag set...
Compaq Java Applet for Presario SpawnApp - Code Execution
source: https://www.securityfocus.com/bid/557/info Some Compaq computers come with a Java applet called SpawnApp. This applet is used to run Compaq diagnostic utilities from the local hard drive when certain Compaq websites are viewed. The problem is that the applet can run any program, and can b...
Wietse Venema Rpcbind Replacement 2.1 - Denial of Service
Wietse Venema Rpcbind Replacement 2.1 - Denial of Service source: https://www.securityfocus.com/bid/1893/info A remote root vulnerability exists in certain versions of rpcbind portmapper. RPC Remote Procedure Call allows a program to request a service from a program located in another computer in...
Wietse Venema Rpcbind Replacement 2.1 - Denial of Service
source: https://www.securityfocus.com/bid/1893/info A remote root vulnerability exists in certain versions of rpcbind portmapper. RPC Remote Procedure Call allows a program to request a service from a program located in another computer in a network without requiring detailed information on the...
CVE-1999-0343
A malicious Palace server can force a client to execute arbitrary programs...
PT-1998-1082 · Palace · Palace
Name of the Vulnerable Software and Affected Versions: Palace affected versions not specified Description: A malicious server can force a client to execute arbitrary programs. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability...
[SECURITY] New versions of ncurses fixes security problem
We have received a report that using ncurses in setuid programs will give the user a way to open arbitrary files. We recommend you upgrade your ncurses3.4-dev package immediately. dpkg -i file.deb will install the referenced file. Debian GNU/Linux 2.0 alias hamm This version of Debian were releas...
[SECURITY] New versions of ncurses fixes security problem
We have received a report that using ncurses in setuid programs will give the user a way to open arbitrary files. We recommend you upgrade your ncurses3.4-dev package immediately. dpkg -i file.deb will install the referenced file. Debian GNU/Linux 2.0 alias hamm ------------------------------- Th...
CVE-1999-1486
sadc in IBM AIX 4.1 through 4.3, when called from programs such as timex that are setgid adm, allows local users to overwrite arbitrary files via a symlink attack...