50 matches found
Xmame 0.102 - '-pb/-lang/-rec' Local Buffer Overflow
/ xmame-expl.c by sj [email protected] On 20th of Jan it came to my attention that Xmame suffered from several buffer overflow problems. Thinking this issue was resolved, I installed Xmame on my Ubuntu laptop, from the Ubuntu repositories which installed a vulnerable version of Xmame. This is what...
Debian DSA-438-1 : linux-kernel-2.4.18-alpha+i386+powerpc - missing function return value check
Paul Starzetz and Wojciech Purczynski of isec.pl discovered a critical security vulnerability in the memory management code of Linux inside the mremap2 system call. Due to missing function return value check of internal functions a local attacker can gain root privileges. %NASLMINLEVEL 70300 C...
Solaris 2.6 (x86) : 108493-01
SunOS 5.6x86: Snoop may be exploited to gain root access. Date this patch was last updated by Sun : Dec/07/99 %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a recommended security fix. Disabled on 2011/09/17. C Tenable Network Security,...
Solaris 2.6 (sparc) : 108492-01
SunOS 5.6: Snoop may be exploited to gain root access. Date this patch was last updated by Sun : Dec/07/99 %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a recommended security fix. Disabled on 2011/09/17. C Tenable Network Security, Inc...
SunOS versions of sendmail use popen to return undeliverable mail
Overview Older versions of sendmail circa 1995 incorrectly used popen to process certain arguments. Description There is a problem with the way that the older circa 1995 versions of Sun Microsystems, Inc. version of sendmail processes the -oR option. This problem has been verified as existing in...
WsMp3d 0.x - Remote Heap Overflow
WsMp3d 0.x - Remote Heap Overflow / Title: Remote Heap Corruption Overflow vulnerability in WsMp3d + Exploit: 0x82-Remote.WsMp3d.again.c bash$ ./0x82--Remote.WsMp3d.again -h 61.37.xxx.xx -t2 WsMp3 Server Heap Corruption Remote root exploit by Xpl017Elz. + Hostname: 61.37.xxx.xx + Port num: 8000 +...
Critical: Red Hat Security Advisory: : Updated kerberos packages available
A remotely exploitable stack buffer overflow has been found in the Kerberos v4 compatibility administration daemon distributed with the Red Hat Linux krb5 packages. Kerberos is a network authentication system. A stack buffer overflow has been found in the implementation of the Kerberos v4...
[SECURITY] [DSA 137-1] New mm packages fix insecure temporary file creation
-------------------------------------------------------------------------- Debian Security Advisory DSA 137-1 [email protected] http://www.debian.org/security/ Martin Schulze July 30th, 2002 - -------------------------------------------------------------------------- Package : mm Vulnerability...
Grsecurity Kernel Patch 1.9.4 (Linux Kernel) - Memory Protection
Grsecurity Kernel Patch 1.9.4 Linux Kernel - Memory Protection source: https://www.securityfocus.com/bid/4762/info An attacker with root access may be able to write to kernel memory in spite of the security patch provided by grsecurity. The patch operates by redirecting the write system call, whe...
OpenBSD local DoS and root exploit
The following is research material from FozZy from Hackademy and Hackerz Voice newspaper http://www.hackerzvoice.org, and can be distributed modified or not if proper credits are given to them. For educational purposes only, no warranty of any kind, I may be wrong, this post could kill you mail...
CylantSecure 1.0 - Kernel Module Syscall Rerouting
CylantSecure 1.0 - Kernel Module Syscall Rerouting / source: https://www.securityfocus.com/bid/2958/info CylantSecure is a commercial Linux hardening tool and security infrastructure available from Cylant Technology. A problem in the CylantSecure infrastructure could allow users to escape...
FreeBSD 4.2-stable - FTPd glob() Remote Buffer Overflow
FreeBSD 4.2-stable - FTPd glob Remote Buffer Overflow source: https://www.securityfocus.com/bid/2548/info The BSD ftp daemon and derivatives such as IRIX ftpd or the ftp daemon shipped with Kerberos 5 contain a number of buffer overflows that may lead to a compromise of root access to malicious...
SSH CRC-32 Compensation Attack Remote Overflow
The remote host is running a version of SSH that is older than version 1.2.32, or a version of OpenSSH that is older than 2.3.0. The remote version of this software is vulnerable to a flaw known as a 'CRC-32 compensation attack' that could allow an attacker to gain a root shell on this host. C...
Vulnerability in jaZip.
Dear, Bugtraq. jaZip is a program for managing an Iomega Zip or Jaz drive. It is often installed setuid root - and because of a buffer overflow it is possible for regular users to become root. Please excuse me if this was know. Please note that I can not guarantee that this information is correct...
Client Agent 6.62 for Unix Vulnerability
Client Agent 6.62 for Unix Vulnerability Hi all, Excuse-me for my poor english : I discover a vulnerability in Client Agent 6.62 for Unix. It's tested on a Debian 2.2.14 Perhaps it doesn't important. Introduction -------------- Client Agent has a hole allowing to execute an arbitrary code by root...
Corel Linux OS 1.0 - Dosemu Distribution Configuration
source: https://www.securityfocus.com/bid/1030/info A vulnerability exists in the configuration of Dosemu, the DOS emulator, as shipped with Corel Linux 1.0. Dosemu documentation cautions that the system.com binary should not be made available to users, as it implements the system libc call. User...
CVE-1999-0126
SGI IRIX buffer overflow in xterm and Xaw allows root access...
CVE-1999-0334
In Solaris 2.2 and 2.3, when fsck fails on startup, it allows a local user with physical access to obtain root access...
CVE-1999-0206
MIME buffer overflow in Sendmail 8.8.0 and 8.8.1 gives root access...
CVE-1999-0122
Buffer overflow in AIX lchangelv gives root access...