8756 matches found
RedHat Linux 6.0 - Single User Mode Authentication
source: https://www.securityfocus.com/bid/1005/info A vulnerability exists in the manner in which RedHat Linux 6.0 protects the obtaining of a shell by booting single user mode. RedHat will prompt for the root password upon entering single user mode. Pressing ^C causing a SIGINT to be sent...
Mandrake 6.x RedHat 6.x Turbolinux 3.5 b24.x6.0.2 userhelperPAM - Path (1)
Mandrake 6.x RedHat 6.x Turbolinux 3.5 b24.x6.0.2 userhelperPAM - Path 1 Mandrake 6.0/6.1,RedHat 6.0/6.1,Turbolinux 3.5 b2/4.2/4.4/6.0.2 userhelper/PAM Path Vulnerability 1 source: https://www.securityfocus.com/bid/913/info Because of double path vulnerabilities in the binary userhelper and PAM, ...
Mandrake 6.x / RedHat 6.x / Turbolinux 3.5 b2/4.x/6.0.2 userhelper/PAM - Path (1)
Mandrake 6.0/6.1,RedHat 6.0/6.1,Turbolinux 3.5 b2/4.2/4.4/6.0.2 userhelper/PAM Path Vulnerability 1 source: https://www.securityfocus.com/bid/913/info Because of double path vulnerabilities in the binary userhelper and PAM, it is possible to get root locally on RedHat 6.0 and 6.1 systems. Both...
ssh-1.2.27-exploit.txt
Ok, here is the exploit for SSH-1.2.27 compiled with RSAREF2. It was tested against sshd running on Linux Redhat 6.0 and OpenBSD 2.6, from a Linux Redhat 6.0 box. Since its a modified ssh client, i will just send the diffs against an unpatched ssh-1.2.27 distribution. and i'll try to explain what...
Linux Kernel 2.0.x (Debian 2.1 / RedHat 5.2) - Packet Length with Options
/ source: https://www.securityfocus.com/bid/870/info Debian 2.1,Linux kernel 2.0.34/2.0.35/2.0.36/2.0.37/2.0.38,RedHat 5.2 i386 Packet Length with Options Vulnerability A vulnerability in the Linux kernel's TCP/IP allows local users to crash, hang or corrupt the system. A local user can crash, ha...
OpenLinux 2.32.4 RedHat 6.06.1 SCO eServer 2.3 - Denial of Service
OpenLinux 2.32.4 RedHat 6.06.1 SCO eServer 2.3 - Denial of Service // source: https://www.securityfocus.com/bid/1377/info gpm is a program that allows Linux users to use the mouse in virtual consoles. It communicates with a device, /dev/gpmctl, via unix domain STREAM sockets and is vulnerable to ...
OpenLinux 2.3/2.4 / RedHat 6.0/6.1 / SCO eServer 2.3 - Denial of Service
// source: https://www.securityfocus.com/bid/1377/info gpm is a program that allows Linux users to use the mouse in virtual consoles. It communicates with a device, /dev/gpmctl, via unix domain STREAM sockets and is vulnerable to a locally exploitable denial of service attack. If a malicious user...
nfsd.linux.txt
Hi, this is voice of lam3rZ .pl -- Introduction - After reading lcamtuf's posts I decided write this one. Few months ago one of my friends - digit - found bug in linux nfsd daemon. I made example sploit about IV 1999. Now in distributions is new nfsd and nowhere was information about security...
upgrade.sendmail.8x.txt
Seems to me there's something really bad about software vendors. First of all, if author of program finds bug in it - even when this bug seems to be nasty - very often, he'll silently fix it, even without mentioning it in CHANGES blessed those who put there text like 'some security fixes', at lea...
amanda.backup.txt
OVERVIEW: The Amanda backup package has a several vulnerabilities which will allow any user to gain root privs. BACKGROUND: My tests were done ONLY on FreeBSD 3.3-RELEASE, though this is almost certainly not the only vulnerable OS. A search for "amanda-2 and not freebsd" on altavista yields...
SSH.1.2.27.DOS.txt
SSH 1.2.27 DOS: o SSH has the option of setting up "authentication sockets", used to pass authentication keys securely. When this is used, a socket is created on both client and server machines; the socket created on the server uses an often easy to guess filename based on the PID... The creation...
portmap.txt
Subject: portmap.c Trojan To: [email protected] Trojan being spread to clueless kiddies, claims to exploit portmap on Redhat boxes, really adds a rootshell to your inetd.conf file and sends other info like your ip address by executing ifconfig, it sends this mail to [email protected] Co...
proftpd_exploit.txt
Subject: ProFTPD To: [email protected] / !!!! Private .. ... distribute !!!! proftpd-1.2.0 remote root exploit beta2 Still need some code, but it works fine Offset: Linux Redhat 6.0 0 - proftpd-1.2.0pre1 0 - proftpd-1.2.0pre2 0 - proftpd-1.2.0pre3 If this dont work, try changing the align...
libtermcap_exploit.txt
Subject: local libtermcap exploit To: [email protected] Well, I wrote this a little while back. This is a serious bug, so people should be able to test their systems properly. All admins should definitely upgrade to the newest libtermcap. - sk8 of LS / Local exploit for suid root programs...
VMWare_exploit.txt
Subject: Re: VMWare Advisory.. - exploit To: [email protected] / VMware v1.0.1 root sploit funkySh 02/07/99 1. Redhat 5.2 2.2.9 offset 800-1100 2. offset 1600-2200 1. Slackware 3.6 2.2.9 offset 0 2. offset ? 1 - started from xterm on localhost 2 - started from telnet, with valid display /...
amd_exploit.txt
Subject: SDI AMD remote exploit for RH linux To: [email protected] Here is the exploit for the AMD vulnerability. You may choose to send the information via UDP or TCP, or even to bypasse the portmap by specifing the automount port. ------------------------------------ / SDI rpc.AMD...
ISC INN 2.2 RedHat Linux 6.0 - inews Buffer Overflow
ISC INN 2.2 RedHat Linux 6.0 - inews Buffer Overflow // source: https://www.securityfocus.com/bid/616/info INN versions 2.2 and earlier have a buffer overflow-related security condition in the inews program. inews is a program used to inject new postings into the news system. It is used by many...
ISC INN 2.2 / RedHat Linux 6.0 - inews Buffer Overflow
// source: https://www.securityfocus.com/bid/616/info INN versions 2.2 and earlier have a buffer overflow-related security condition in the inews program. inews is a program used to inject new postings into the news system. It is used by many news reading programs and scripts. The default...
BSDOS 3.14.0.1 FreeBSD 3.03.13.2 RedHat Linux 6.0 - amd Remote Buffer Overflow (1)
BSDOS 3.14.0.1 FreeBSD 3.03.13.2 RedHat Linux 6.0 - amd Remote Buffer Overflow 1 // source: https://www.securityfocus.com/bid/614/info There is a remotely exploitable buffer overflow condition in the amd daemon under several operating systems. Amd is a daemon that automatically mounts filesystems...
RedHat Linux 4.25.26.0 S.u.S.E Linux 6.06.1 - Cron Buffer Overflow (1)
RedHat Linux 4.25.26.0 S.u.S.E Linux 6.06.1 - Cron Buffer Overflow 1 // source: https://www.securityfocus.com/bid/602/info The version of Vixie cron that ships with RedHat versions 4.2, 5.2 and 6.0 is vulnerable to a local buffer overflow attack. By utilizing the MAILTO environment variable, a...