1904 matches found
WU-FTPD ABOR Command Arbitrary File Access
The version of WU-FTPD running on the remote host contains a flaw that may allow a malicious user to gain access to unauthorized privileges. Specifically, there is a flaw in the way that the server handles an ABOR command after a data connection has been closed. The flaw is within the dologout...
OpenFTPd 0.30.1 - message system Remote Shell
/ shouts to mitakeet :D exploit for openftpd format string bug. tested on most current version only. -infamous42md AT hotpop DOT com is real email only tricky part is find a place to stick the shell, as there isn't enough room to send it with the format string. thankfully when using the 'site msg...
SuSE-SA:2004:019: dhcp/dhcp-server
The remote host is missing the patch for the advisory SuSE-SA:2004:019 dhcp/dhcp-server. The Dynamic Host Configuration Protocol DHCP server is used to configure clients that dynamically connect to a network WLAN hotspots, customer networks, .... The CERT informed us about a buffer overflow in th...
RHEL 2.1 : pam (RHSA-2003:028)
Updated PAM packages are now available. These packages correct a bug in pamxauth's handling of authorization data for the root user. Updated 12 March 2003 Added packages for Red Hat Enterprise Linux ES and Red Hat Enterprise Linux WS The pamxauth module is used to forward xauth information from...
CVE-2004-0622
Apple Mac OS X 10.3.4, 10.4, 10.5, and possibly other versions does not properly clear memory for login aka Loginwindow.app, Keychain, or FileVault passwords, which could allow the root user or an attacker with physical access to obtain sensitive information by reading memory...
IRIX syssgi system call vulnerability and other security fixes
-----BEGIN PGP SIGNED MESSAGE----- SGI Security Advisory Title: syssgi system call vulnerability and other security fixes Number: 20040601-01-P Date: June 14, 2004 Reference: SGI BUG 914420, CVE CAN-2004-0135 Reference: SGI BUG 912601, CVE CAN-2004-0136 Reference: SGI BUG 907407, CVE CAN-2004-013...
Linux Kernel 2.5.x/2.6.x - CPUFreq Proc Handler Integer Handling Memory Read
/ source: https://www.securityfocus.com/bid/10201/info A local integer handling vulnerability has been announced in the Linux kernel. It is reported that this vulnerability may be exploited by an unprivileged local user to obtain kernel memory contents. Additionally it is reported that a root use...
AIX 4.3.35.x - Getlvcb Command Line Argument Buffer Overflow (2)
AIX 4.3.35.x - Getlvcb Command Line Argument Buffer Overflow 2 // source: https://www.securityfocus.com/bid/9905/info getlvcb has been reported to be prone to a buffer overflow vulnerability. When an argument is passed to the getlvcb utility, the string is copied into a reserved buffer in memory...
MTools 3.9.x - MFormat Local Privilege Escalation
MTools 3.9.x - MFormat Local Privilege Escalation source: https://www.securityfocus.com/bid/9746/info It has been reported that mformat is prone to a privilege escalation vulnerability when installed as a setUID application. This issue is due to a design error allowing a user to create any...
[Full-Disclosure] Proofpoint Protection Server remote MySQL root user vulnerability
Product: Protection Server Version: unknown/Red Hat Linux Developer: Proofpoint URL: www.proofpoint.com Summary: The MySQL server may be remotely access by the "root" user without using a password. Details: The Proofpoint Protection Server is a software product to filter spam and other e-mail...
Proofpoint protection server unauthorized access
User root with empty password can access mySQL...
CVE-2004-2073
Linux-VServer 1.24 allows local users with root privileges on a virtual server to gain access to the filesystem outside the virtual server via a modified chroot-again exploit using the chmod command...
pound remotely exploitable vulnerability
An unknown remotely exploitable vulnerability was disclosed. Robert Segall writes: a security vulnerability was brought to my attention many thanks to Akira Higuchi. Everyone running any previous version should upgrade to 1.6 immediately - the vulnerability may allow a remote exploit. No exploits...
Multiple IBM DB2 Stack Overflow Vulnerabilities
Advisory ID Internal CORE-2003-0531 Vulnerability Information: Date Published: 2003-09-18 Last Update: 2003-09-17 Advisory ID: CORE-2003-0531 Bugtraq ID:8552, 8553 CVE Name:CAN-2003-0758, CAN-2003-0759 Title: Multiple IBM DB2 Stack Overflow Vulnerabilities Class: Boundary Error Condition Buffer...
CVE-2003-0473
Unknown vulnerability in the IPv6 capability in IRIX 6.5.19 causes snoop to process packets as the root user, with unknown implications...
SRT2003-08-01-0126 - cdrtools local root exploit
Secure Network Operations, Inc. http://www.secnetops.com Strategic Reconnaissance Team [email protected] Team Lead Contact [email protected] Our Mission: Secure Network Operations offers expertise in Networking, Intrusion Detection Systems IDS, Software Security Validation, and...
CVE-2003-0473
Technical details for CVE-2003-0473 are not publicly available in the provided documents. No product, vector, impact, or patch information is listed. Monitor for official updates.
CVE-2003-0473
Unknown vulnerability in the IPv6 capability in IRIX 6.5.19 causes snoop to process packets as the root user, with unknown implications...
AIX 4.3.3/5.x - Getlvcb Command Line Argument Buffer Overflow (1)
source: https://www.securityfocus.com/bid/9905/info getlvcb has been reported to be prone to a buffer overflow vulnerability. When an argument is passed to the getlvcb utility, the string is copied into a reserved buffer in memory. Data that exceeds the size of the reserved buffer will overflow i...
Important: Red Hat Security Advisory: : : : Updated PAM packages fix bug in pam_xauth module
Updated PAM packages are now available for Red Hat Linux 7.1, 7.2, 7.3, and 8.0. These packages correct a bug in pamxauth's handling of authorization data for the root user. Updated 16 April 2003 Added packages for Red Hat Linux on IBM iSeries and pSeries systems. The pamxauth module is used to...