120 matches found
Локальный root в InPerson
No description provided...
Security Advisory: FreeBSD-SA-00:58.chpass
-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-00:58 Security Advisory FreeBSD, Inc. Topic: chpass family contains local root vulnerability Category: core Module: chfn/chpass/chsh/ypchfn/ypchpass/ypchsh/passwd Announced:...
FreeBSD-SA-00:58.chpass
-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-00:58 Security Advisory FreeBSD, Inc. Topic: chpass family contains local root vulnerability Category: core Module: chfn/chpass/chsh/ypchfn/ypchpass/ypchsh/passwd Announced:...
PT-2000-1640 · Pccs · Pccs Mysqldatabase Admin Tool Manager
Name of the Vulnerable Software and Affected Versions: PCCS MySQLDatabase Admin Tool Manager versions 1.2.4 and earlier Description: The issue allows remote attackers to obtain sensitive information, such as the administrative password, because the file dbconnect.inc is installed within the web...
LPPlus 3.2.23.3 - dccscan Unprivileged read
LPPlus 3.2.23.3 - dccscan Unprivileged read source: https://www.securityfocus.com/bid/1644/info $LPHOME/bin/dccscan is suid-root and can be executed by any user. It is possible for an unprivileged user to print files to which he does not have read access. In testing, this works even for printers ...
012.txt
From [email protected] Wed Aug 2 11:08:46 2000 Return-Path: Date: Mon, 2 Aug 0100 11:56:57 +0000 Reply-To: [email protected] Sender: Bugtraq List From: [email protected] Subject: Local root compromise in PGX Config Sun Sparc Solaris To: [email protected] hi guys and gals yeah heres...
Удаленный root в proftpd
Дырка похожая на аналогичную в WU, связана с использованием ввода пользователя в качестве форматной строки...
Удаленный root через ISC DHCP
No description provided...
Security Advisory: REMOTE ROOT VULNERABILITY IN GSSFTP DAEMON
-----BEGIN PGP SIGNED MESSAGE----- REMOTE ROOT VULNERABILITY IN GSSFTP DAEMON 2000-06-14 SUMMARY: A remote user may execute certain FTP commands without authorization. IMPACT: A remote user may perform denial of service attacks. An attacker with access to a local account may gain unauthorized roo...
Local root vulnerability in most used Linux kernels
There is a zeroday exploit for kernel in hands of scriptkiddies. After they rooted locally 2 system which I've intrest and did dd if=/dev/zero of=/dev/hda1 & on both, I spended 7 hours to finding fragments we really need easies tools LDE with GUI block search capabilities This with help of Peter ...
Remote root против antisniff
Некорректное преобразование типов данных позволяет обойти проверку на размер строки и переполнить буфер...
AT Computing atsar_linux 1.4 - File Manipulation
source: https://www.securityfocus.com/bid/1048/info atsar is a linux load monitoring software package released under the GPL by AT Computing. atsadc is a setuid root binary that is included in the atsar package. atsadc is setuid because it obtains informatin via /dev/kmem. atsadc will accept as a...
wmmon.freebsd.txt
Posted Tuesday, December 21, 1999 - 16:41 by reid: Steve Reid wrote: Wmmon is a popular program for monitoring CPU load and other system utilization. It runs as a dockapp under WindowMaker. The FreeBSD version of this program has a feature that can be trivially exploited to gain group kmem in...
pepsi.txt
-----BEGIN PGP SIGNED HUMOR----- Hash: SHA1 It seems cans of Pepsi and Diet Pepsi have a possible remote root problem on them. While recently eyeing a can of coke while sitting on my terminal I noticed that I could actually drink from it while standing at a distance of at least 3 feet. The sploit...
LPRng.txt
Subject: Security problem with LPRng To: [email protected] Hi all, During some recent work I've been doing with LPRng, I found that is is possible on a default LPRng installation to control the print queues on the LPRng server. Most default installations allow the root user at the localhost to...
rxvt.sh
There is a major security hole in rxvt, a terminal emulator for X, when it is run on systems suid root, as is required on many configurations in order to write to the utmp file. It is obvious from the code that this program was not written to be run suid root, its a pity that sysadmins that insta...
Wietse Venema Rpcbind Replacement 2.1 - Denial of Service
source: https://www.securityfocus.com/bid/1893/info A remote root vulnerability exists in certain versions of rpcbind portmapper. RPC Remote Procedure Call allows a program to request a service from a program located in another computer in a network without requiring detailed information on the...
Wietse Venema Rpcbind Replacement 2.1 - Denial of Service
Wietse Venema Rpcbind Replacement 2.1 - Denial of Service source: https://www.securityfocus.com/bid/1893/info A remote root vulnerability exists in certain versions of rpcbind portmapper. RPC Remote Procedure Call allows a program to request a service from a program located in another computer in...
BSDI BSDOS 2.1 FreeBSD 2.1 IBM AIX 4.2 SGI IRIX 6.4 Sun SunOS 4.1.3 - Buffer Overrun
BSDI BSDOS 2.1 FreeBSD 2.1 IBM AIX 4.2 SGI IRIX 6.4 Sun SunOS 4.1.3 - Buffer Overrun / source: https://www.securityfocus.com/bid/129/info Rdist is a program to maintain identical copies of files over multiple hosts. It preserves the owner, group, mode, and mtime of files if possible and can updat...
HP-UX 10/11/ IRIX 3/4/5/6 / OpenSolaris build snv / Solaris 8/9/10 / SunOS 4.1 - 'rpc.ypupdated' Command Execution (1)
/ source: https://www.securityfocus.com/bid/1749/info HP-UX 10.x/11.x,IRIX 3.x/4.x/5.x/6.x,OpenSolaris build snv,Solaris 8/9/10,SunOS 4.1.x RPC.YPUpdated Command Execution 1 The 'rpc.ypupdated' deamon is part of the Network Information Service NIS or Yellow Pages YP. It allows clients to update N...