1289 matches found
Sun Solaris Dtsession本地缓冲区溢出漏洞
Sun Solaris是一款商业性质的操作系统。 Sun Solaris包含的通用桌面环境会话管理程序dtsession1X存在缓冲区溢出,本地攻击者可以利用漏洞获得ROOT特权。 目前没有详细漏洞细节提供。 Sun Solaris 9x86 Sun Solaris 9 Sun Solaris 8x86 Sun Solaris 8 Sun Solaris 10x86 Sun Solaris 10 Sun Solaris 9x86 Sun Solaris 9x86...
Immunity Canvas: SOLARIS_TELNET
Name| solaristelnet ---|--- CVE| CVE-2007-0882 Exploit Pack| CANVAS Description| solaristelnet Notes| References: 'http://sunsolve.sun.com/search/document.do?assetkey=1-26-102802-1', 'http://blogs.sun.com/tpenta/entry/theintelnetdvulnerabilityexploit', 'http://blogs.zdnet.com/security/?p=31',...
Important: Red Hat Security Advisory: XFree86 security update
Updated XFree86 packages that fix a security issue are now available for Red Hat Enterprise Linux 2.1 and 3. This update has been rated as having important security impact by the Red Hat Security Response Team. XFree86 is an implementation of the X Window System, which provides the core...
BSDi 3.0 inc Local Root Buffer Overflow Exploit
No description provided by source. / BSDiincmh buffer overflow, by [email protected]. this is will give you euid=0root on BSDi/3.0 systems. / define PATH "/usr/contrib/mh/bin/inc" / path to inc on BSDi/3.0 / define BUFFER 2048 / no need to change this. / define DEFAULTOFFSET -7000 / generalized...
CVE-2006-5483
The CVE affects FreeBSD 6.1, where p1003_1b.c allows a local user to cause an unspecified denial of service by altering a scheduler policy that should be settable only by root. The underlying cause is improper access control on the scheduler policy configuration, enabling a local DoS condition. N...
security flaw
Unspecified vulnerability in the sctpmakeabortuser function in the SCTP implementation in Linux 2.6.x before 2.6.17.10 and 2.4.23 up to 2.4.33 allows local users to cause a denial of service panic and possibly gain root privileges via unknown attack vectors...
rPSA-2006-0082-1 vixie-cron
rPath Security Advisory: 2006-0082-1 Published: 2006-05-25 Products: rPath Linux 1 Rating: Critical Exposure Level Classification: Local Root Deterministic Privilege Escalation Updated Versions: vixie-cron=/conary.rpath.com@rpl:devel//1/4.1-5.2-1 References:...
CVE-2006-2607
CVE-2006-2607 refers to a local privilege escalation in vixie-cron 4.1 where do_command.c does not check the return value of setuid(), potentially allowing a root gain if setuid() fails (e.g., PAM limits or resource limits). Connected advisories confirm this vulnerability and document patches/ups...
NSFOCUS SA2006-02 : IBM AIX mklvcopy Local Privilege Escalation Vulnerability
NSFOCUS Security Advisory SA2006-02 IBM AIX mklvcopy Local Privilege Escalation Vulnerability Release Date: 2006-04-24 CVE ID: CVE-2006-1246 http://www.nsfocus.com/english/homepage/research/0602.htm Affected systems & software =================== IBM AIX 5.3 Unaffected systems & software...
CVE-2006-1656
vserver in util-vserver 0.30.209 executes a command as root when the suexec userid parameter is invalid and non-numeric, which might cause local users to inadvertently execute dangerous commands as root...
Ubuntu 4.10 : linux-source-2.6.8.1 vulnerability (USN-39-1)
USN-30-1 fixed several flaws in the Linux ELF binary loader's handling of setuid binaries. Unfortunately it was found that these patches were not sufficient to prevent all possible attacks on 64-bit platforms, so previous amd64 kernel images were still vulnerable to root privilege escalation if...
CVE-2005-3784
CVE-2005-3784 concerns the Linux kernel 2.6.x series: auto-reap of child processes can include ptrace-attached children, causing a dangling ptrace reference that leads to local denial of service (crash) and potential root privileges. The description specifies the vulnerable condition is present i...
Linux Kernel 2.4/2.6 bluez Local Root Privilege Escalation Exploit (update)
Exploit for linux platform in category local exploits =========================================================================== Linux Kernel 2.4/2.6 bluez Local Root Privilege Escalation Exploit update =========================================================================== / Due to many...
XMail 1.21 (-t Command Line Option) Local Root Buffer Overflow Exploit
No description provided by source. / XMail 1.21 'sendmail' local exploit ret-into-libc Yields uid root || gid mail By qaaz at centrum dot cz, 2005 / include stdio.h include stdlib.h include unistd.h include string.h include signal.h include sys/types.h include sys/wait.h include sys/select.h defi...
ppxp -- local root exploit
A Debian Advisory reports: Jens Steube discovered that ppxp, yet another PPP program, does not release root privileges when opening potentially user supplied log files. This can be tricked into opening a root shell...
CVE-2004-1452
Tomcat before 5.0.27-r3 in Gentoo Linux sets the default permissions on the init scripts as tomcat:tomcat, but executes the scripts with root privileges, which could allow local users in the tomcat group to execute arbitrary commands as root by modifying the scripts...
Important: Red Hat Security Advisory: perl security update
Updated Perl packages that fix several security issues are now available for Red Hat Enterprise Linux 3. Perl is a high-level programming language commonly used for system administration utilities and Web programming. Kevin Finisterre discovered a stack based buffer overflow flaw in sperl, the Pe...
CVE-2004-0793
The calendar program in bsdmainutils 6.0 through 6.0.14 does not drop root privileges when executed with the -a flag, which allows attackers to execute arbitrary commands via a calendar event file...
CDRecord's ReadCD Local Root Privileges
Exploit for linux platform in category local exploits ======================================= CDRecord's ReadCD Local Root Privileges ======================================= !/bin/bash echo "readcd-exp.sh -- ReadCD local exploit Test on cdrecord-2.01-0.a27.2mdk" echo "Author : newbug at chroot.or...
Mandrake Linux Security Advisory : kernel (MDKSA-2001:079-2)
Alexander Viro discovered a vulnerability in the devfs implementation that is shipped with Mandrake Linux 8.1. We are aware of the problem and are currently working on a solution. As a workaround, until an update becomes available, please boot with the devfs=nomount option. Rafal Wojtczuk found a...