RedHat 6.2/7.0 Tmpwatch Arbitrary Command Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1785/info A vulnerability exists in tmpwatch, a utility which automates the removal of temporary files in unix-like systems. An optional component of tmpwatch, fuser, improperly handles arguments to system library calls. ...

UoW imapd 10.234/12.264 Buffer Overflow Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/1110/info A buffer overflow exists in imapd. The vulnerability exists in the list command. By supplying a long, well-crafted string as the second argument to the list command, it becomes possible to execute code on the...

RedHat 6.1/6.2/7.0/7.1 - Man Cache File Creation Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2815/info A vulnerability exists in the 'man' system manual pager program. It is possible for local users to cause man to cache files in the system cache directory from outside of the configured manual page hierarchy sear...

LPRng (RedHat 7.0) lpd Remote Root Format String Exploit

No description provided by source. / Copyright c 2000 - Security.is The following material may be freely redistributed, provided that the code or the disclaimer have not been partly removed, altered or modified in any way. The material is the property of security.is. You are allowed to adopt the...

LPRng 3.6.24-1 Remote Root Exploit

No description provided by source. / REMOTE ROOT EXPLOIT for linux x86 - LPRng-3.6.24-1 RedHat 7.0 The RedHat 7.0 replaced the BSD lpr with the LPRng package which is vulnerable to format string attacks because it passes information to the syslog incorrectly. You can get remote root access on...

xmame gain root exploit

/ --------------------------------------------------------------------------- Web: http://qb0x.net Author: Gabriel A. Maggiotti Date: March 31, 2003 E-mail: [email protected] --------------------------------------------------------------------------- / include stdio.h define OFFSET 1058 defi...

Linuxconf 1.1.x/1.2.x - Local Environment Variable Buffer Overflow (2)

// source: https://www.securityfocus.com/bid/5585/info Linuxconf is a Linux configuration utility from Solucorp. It is typically installed as a setuid root utility for the management and configuration of Linux operating systems. A buffer overflow vulnerability has been reported for Linuxconf. The...

Linuxconf 1.1.x1.2.x - Local Environment Variable Buffer Overflow (2)

Linuxconf 1.1.x1.2.x - Local Environment Variable Buffer Overflow 2 // source: https://www.securityfocus.com/bid/5585/info Linuxconf is a Linux configuration utility from Solucorp. It is typically installed as a setuid root utility for the management and configuration of Linux operating systems. ...

'/usr/bin/at 31337 + vuln' problem + exploit

Affects: /usr/bin/at To check if you are potentially vulnerable to this exploit, execute: /usr/bin/at 31337 + vuln If you are vulnerable this will cause: Segmentation fault If not, there will be a message similar to: Garbled time possibly with some extra information The problem is caused by a bug...

Redhat 7.0 local root (via uucp) (attempt 2)

Affects: RedHat 7.0 possibly others 28 Aug 2001 01:27:24 +1200 uucp vulnerability exposed to vendor 9 Nov 2001 07:14:15 +1300 this makewhatis vulnerability exposed to vendor /usr/sbin/makewhatis An earlier version1 of makewhatis had a fault in the handling of compressed files that allowed executi...

LPRng/rhs-printfilters - remote execution of commands

posted to vendor security ppl, no reply, no patch, so posting here. --begin forwarded message-- RedHat 7.0 possibly others If the lpd is listening on 0.0.0.0 and no access controls are in place, it is possible to execute commands as the lp user, assuming tetex-dvips is installed. From man dvips...

RH 7.0 Crontab exploit - apparently fixed

/ Crontab tmp file race condition http://bugzilla.redhat.com/bugzilla/showbug.cgi?id=37771 Apparently this is fixed. Wonder why it still works. Local exploit Quick and dirty exploit for crontab insecure tmp files Redhat 7.0 - kept up2date with up2date Checked Tue Jun 26 00:15:32 NZST 2001...

man 1.5h10 + man 1.5i-4 exploits

This advisory is also stored, along with the exploits at http://generic.labs.pulltheplug.com/zen/ as man.txt ====================================================================== Local root from /usr/bin/man + /etc/cron.daily/makewhatis.cron Redhat 7.0 Redhat 7.1 on other distributions it may al...

XFree86-xfs-4.0.1-1 DoS

Hello, xfs from the package XFree86-xfs-4.0.1-1 i386.rpm, RedHat 7.0 seems to suffer from a Denial of Service attack. To cause xfs to stop responding for requests, try to do the fillowing: $ telnet victim xfs /dev/urandom Repeat about 100 or 1000 times and you get Connection refused message...

RH7.0: man local gid 15 (man) exploit

======================================================== Vulnerable systems: redhat 7.0 with man-1.5h1-10 default package and earlier. ========================================================= Heap Based Overflow of man via -S option gives GID man. Due to a slight error in a length check, the -S...

minicom exploit

This advisory was posted Wed Apr 11 08:06:49 2001 to bugzilla.redhat.com/bugzilla and became inaccessable not long after. I went to add more information, a couple of days after and had been locked out, so I tried emailing the QAContact this information on Tue Apr 24 , but received no reply. Now...

LPRng 3.6.24-1 - Remote Command Execution

LPRng 3.6.24-1 - Remote Command Execution / REMOTE ROOT EXPLOIT for linux x86 - LPRng-3.6.24-1 RedHat 7.0 The RedHat 7.0 replaced the BSD lpr with the LPRng package which is vulnerable to format string attacks because it passes information to the syslog incorrectly. You can get remote root access...

LPRng 3.6.24-1 - Remote Command Execution

/ REMOTE ROOT EXPLOIT for linux x86 - LPRng-3.6.24-1 RedHat 7.0 The RedHat 7.0 replaced the BSD lpr with the LPRng package which is vulnerable to format string attacks because it passes information to the syslog incorrectly. You can get remote root access on machines running RedHat 7.0 with lpd...

LPRng (RedHat 7.0) - lpd Format String

LPRng RedHat 7.0 - lpd Format String / Copyright c 2000 - Security.is The following material may be freely redistributed, provided that the code or the disclaimer have not been partly removed, altered or modified in any way. The material is the property of security.is. You are allowed to adopt th...

LPRng (RedHat 7.0) lpd Remote Root Format String Exploit

Exploit for linux platform in category remote exploits ======================================================== LPRng RedHat 7.0 lpd Remote Root Format String Exploit ======================================================== / Copyright c 2000 - Security.is The following material may be freely...