7 matches found
PT-2025-30917
Name of the Vulnerable Software and Affected Versions GitLab EE versions 16.6 through 18.2.7 GitLab EE versions 18.3 through 18.3.3 GitLab EE versions 18.4 through 18.4.1 sudo affected versions not specified Description A security issue exists in GitLab EE where Project Maintainers can assign...
HP CIFS9000 Server A.01.05A.01.06 - Local Buffer Overflow
HP CIFS9000 Server A.01.05A.01.06 - Local Buffer Overflow // source: https://www.securityfocus.com/bid/5088/info A vulnerability has been reported in the /opt/cifsclient/bin/cifslogin utility distributed with CIFS/9000. The utility is prone to several buffer overflow conditions and may lead to ro...
unixware.pkg.exploits.txt
Greetings, OVERVIEW Most of UnixWare's pkg commands can be exploited to print /etc/shadow, leading to a probable root compromise. BACKGROUND Only tested on UnixWare 7.1. DETAILS The permissions for the UnixWare pkg commands are as follows: bash-2.02$ ls -la /usr/sbin/pkgchk /usr/bin/pkginfo...
cfingerd.txt
Date: Thu, 23 Jul 1998 23:48:21 -0500 From: John Goerzen Subject: CFINGERD root security hole SUMMARY ------- I have found out that cfingerd 1.3.2 contains a security hole that could lead to easy root compromise for any user that has an account on the local machine, but only if ALLOWEXECUTION is...
snplog.bof.txt
Date: Tue, 16 Feb 1999 00:42:49 +0000 From: Rupert Weber-Henschel To: [email protected] Subject: snplog-1.0 buffer overflow There is a possible buffer overflow in snplog-1.0. Or is it 0.1? The tar file is 0.1, the docs say 1.0. % snplog contains tcplogd, icmplogd, udplogd The offending code is...
IRIX 6.26.3 - binlpstat Local Buffer Overflow
IRIX 6.26.3 - binlpstat Local Buffer Overflow / source: https://www.securityfocus.com/bid/1529/info Certain versions of IRIX ship with a version of lpstat which is vulnerable to a buffer overflow attack. The program, lpstat, is used to check the status of the printer being used by the IRIX machin...
SGI IRIX 6.4 - 'xfsdump' Local Privilege Escalation
source: https://www.securityfocus.com/bid/472/info The xfsdump program shipped with Irix 5.x and 6.x from SGI contains a vulnerability which could lead to root compromise. By creating a log file in /usr/tmp called bck.log, a user could create a symbolic link from this file to any file they wish t...