22 matches found
Vulnerabilities in the Debian GNU/Linux operating system that allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information
The multiple vulnerabilities in the sash package of the Debian GNU/Linux operating system may lead to breaches of the confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...
Linux Kernel < 2.6.22 ftruncate()/open() Local Exploit
No description provided by source. / gw-ftrex.c: Linux kernel 2.6.22 open/ftruncate local exploit by gat3way at gat3way dot eu bug information: http://osvdb.org/49081 !!!This is for educational purposes only!!! To use it, you've got to find a sgid directory you've got permissions to write into...
sash <= 3.7 - Local Buffer Overflow Exploit
No description provided by source. / sash-3.7 buffer overflow in c argyment written by lammat for practice purposes http://grpower.ath.cx [email protected] gdb r -c perl -e 'print Ax10256' The program being debugged has been started already. Start it from the beginning? y or n y Starting program:...
Linux Kernel < 2.6.22 - 'ftruncate()'/'open()' Local Privilege Escalation
/ gw-ftrex.c: Linux kernel bug information: http://osvdb.org/49081 !!!This is for educational purposes only!!! To use it, you've got to find a sgid directory you've got permissions to write into obviously world-writable, e.g: find / -perm -2000 -type d 2/dev/null|xargs ls -ld|grep "rwx" which...
Linux Kernel < 2.6.22 ftruncate()/open() Local Exploit
Exploit for linux platform in category local exploits ====================================================== Linux Kernel bug information: http://osvdb.org/49081 !!!This is for educational purposes only!!! To use it, you've got to find a sgid directory you've got permissions to write into obvious...
Debian Security Advisory DSA 015-1 (sash)
The remote host is missing an update to sash announced via advisory DSA 015-1. OpenVAS Vulnerability Test $Id: deb0151.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 015-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...
Debian Security Advisory DSA 1026-1 (sash)
The remote host is missing an update to sash announced via advisory DSA 1026-1. Markus Oberhumer discovered a flaw in the way zlib, a library used for file compression and decompression, handles invalid input. This flaw can cause programs which use zlib to crash when opening an invalid file. A...
Debian Security Advisory DSA 015-1 (sash)
The remote host is missing an update to sash announced via advisory DSA 015-1. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian: Security Advisory (DSA-1026-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DSA-1026-1 : sash - buffer overflows
Markus Oberhumer discovered a flaw in the way zlib, a library used for file compression and decompression, handles invalid input. This flaw can cause programs which use zlib to crash when opening an invalid file. A further error in the way zlib handles the inflation of certain compressed files ca...
Mandrake Linux Security Advisory : sash (MDKSA-2006:070)
Tavis Ormandy of the Gentoo Security Project discovered a vulnerability in zlib where a certain data stream would cause zlib to corrupt a data structure, resulting in the linked application to dump core CVE-2005-2096. Markus Oberhumber discovered additional ways that a specially crafted compresse...
[SECURITY] [DSA 1026-1] New sash packages fix potential arbitrary code execution
-------------------------------------------------------------------------- Debian Security Advisory DSA 1026-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff April 6th, 2006 http://www.debian.org/security/faq -...
DSA-1026-1 sash - buffer overflows
Bulletin has no description...
sash <= 3.7 Local Buffer Overflow Exploit
No description provided by source. / sash-3.7 buffer overflow in c argyment written by lammat for practice purposes http://grpower.ath.cx [email protected] gdb r -c perl -e 'print "A"x10256' The program being debugged has been started already. Start it from the beginning? y or n y Starting program...
sash 3.7 - Local Buffer Overflow
/ sash-3.7 buffer overflow in c argyment written by lammat for practice purposes http://grpower.ath.cx [email protected] gdb r -c perl -e 'print "A"x10256' The program being debugged has been started already. Start it from the beginning? y or n y Starting program: /sbin/sash -c perl -e 'print...
Debian DSA-015-1 : sash - broken maintainer script
Versions of the sash package prior to 3.4-4 did not clone /etc/shadow properly, causing it to be made world-readable. This package only exists in stable, so if you are running unstable you won't see a bugfix unless you use the resources from the bottom of this message to the proper configuration...
CVE-2001-0195
sash before 3.4-4 in Debian GNU/Linux does not properly clone /etc/shadow, which makes it world-readable and could allow local users to gain privileges via password cracking...
CVE-2001-0195
The CVE-2001-0195 issue affects sash
CVE-2001-0195
sash before 3.4-4 in Debian GNU/Linux does not properly clone /etc/shadow, which makes it world-readable and could allow local users to gain privileges via password cracking...
PT-2001-1424 · Sash · Sash
Name of the Vulnerable Software and Affected Versions: sash versions prior to 3.4-4 Description: The issue is related to the improper cloning of /etc/shadow, making it world-readable. This could allow local users to gain privileges via password cracking. Recommendations: For versions prior to...