GLSA-200611-05 : Netkit FTP Server: Privilege escalation

The remote host is affected by the vulnerability described in GLSA-200611-05 Netkit FTP Server: Privilege escalation Paul Szabo reported that an incorrect seteuid call after the chdir function can allow an attacker to access a normally forbidden directory, in some very particular circumstances, f...

Netkit FTP Server: Privilege escalation

Background net-ftp/netkit-ftpd is the Linux Netkit FTP server with optional SSL support. Description Paul Szabo reported that an incorrect seteuid call after the chdir function can allow an attacker to access a normally forbidden directory, in some very particular circumstances, for example when...

Netkit FTP Server protection bypass

Invalid chroot and seteuid usage under some circumstances allow FTP root directory bypass...

Xcode OpenBase 10.0.0 (OSX) - Unsafe System Call Privilege Escalation

Xcode OpenBase 10.0.0 OSX - Unsafe System Call Privilege Escalation !/usr/bin/perl http://www.digitalmunition.com written by kf kflistsatdigitalmunitiondotcom \n\nTargets:\n\n"; foreach $key sortkeys %tgts $a,$b = split/:/,$tgts"$key"; print "\t$key . $a - $b\n"; print "\n"; exit 1; $ret =...

Debian DSA-1146-1 : krb5 - programming error

In certain application programs packaged in the MIT Kerberos 5 source distribution, calls to setuid and seteuid are not always checked for success and may fail with some PAM configurations. A local user could exploit one of these vulnerabilities to result in privilege escalation. No exploit code ...

CVE-2006-4447

X.Org and XFree86, including libX11, xdm, xf86dga, xinit, xload, xtrans, and xterm, does not check the return values for setuid and seteuid calls when attempting to drop privileges, which might allow local users to gain privileges by causing those calls to fail, such as by exceeding a ulimit...

CVE-2006-4447

X.Org and XFree86, including libX11, xdm, xf86dga, xinit, xload, xtrans, and xterm, does not check the return values for setuid and seteuid calls when attempting to drop privileges, which might allow local users to gain privileges by causing those calls to fail, such as by exceeding a ulimit...

CVE-2006-4447

X.Org and XFree86, including libX11, xdm, xf86dga, xinit, xload, xtrans, and xterm, does not check the return values for setuid and seteuid calls when attempting to drop privileges, which might allow local users to gain privileges by causing those calls to fail, such as by exceeding a ulimit...

GLSA-200608-21 : Heimdal: Multiple local privilege escalation vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200608-21 Heimdal: Multiple local privilege escalation vulnerabilities The ftpd and rcp applications provided by Heimdal fail to check the return value of calls to seteuid. Impact : A local attacker could exploit this vulnerabilit...

Heimdal: Multiple local privilege escalation vulnerabilities

Background Heimdal is a free implementation of Kerberos 5. Description The ftpd and rcp applications provided by Heimdal fail to check the return value of calls to seteuid. Impact A local attacker could exploit this vulnerability to execute arbitrary code with elevated privileges. Workaround Ther...

GLSA-200608-15 : MIT Kerberos 5: Multiple local privilege escalation vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200608-15 MIT Kerberos 5: Multiple local privilege escalation vulnerabilities Unchecked calls to setuid in krshd and v4rcp, as well as unchecked calls to seteuid in kftpd and in ksu, have been found in the MIT Kerberos 5 program...

MIT Kerberos 5: Multiple local privilege escalation vulnerabilities

Background MIT Kerberos 5 is a suite of applications that implement the Kerberos network protocol. It is designed to provide strong authentication for client/server applications by using secret-key cryptography. Description Unchecked calls to setuid in krshd and v4rcp, as well as unchecked calls ...

MIT Kerberos / Heimdal privilege escalation

setuid/seteuid return code is not checked, allowing user to bypass protection by exhausting user limits...

MITKRB-SA-2006-001: multiple local privilege escalation vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 MIT krb5 Security Advisory 2006-001 Original release: 2006-08-08 Topic: multiple local privilege escalation vulnerabilities Severity: serious SUMMARY ======= In certain application programs packaged in the MIT Kerberos 5 source distribution, calls to...

FailureToLaunch-2.pl.txt

!/usr/bin/perl http://www.digitalmunition.com/FailureToLaunch-ppc.pl Code by Kevin Finisterre kflistsatdigitalmunitiondotcom Much appreciation goes to John H for all kindsa random shit like exploiting Veritas and other random things in the past core... where the hell are you fool. This is just a...

Mac OS X <= 10.4.6 (launchd) Local Format String Exploit (ppc)

Exploit for macOS platform in category local exploits ============================================================== Mac OS X = 10.4.6 launchd Local Format String Exploit ppc ============================================================== !/usr/bin/perl...

Mac OS X &lt;= 10.4.6 (launchd) Local Format String Exploit (ppc)

No description provided by source. !/usr/bin/perl http://www.digitalmunition.com/FailureToLaunch-ppc.pl Code by Kevin Finisterre kflistsatdigitalmunitiondotcom Much appreciation goes to John H for all kindsa random shit like exploiting Veritas and other random things in the past core... where the...

CVE-2005-3254

The CGIwrap program before 3.9 on Debian GNU/Linux uses an incorrect minimum value of 100 for a UID to determine whether it can perform a seteuid operation, which could allow attackers to execute code as other system UIDs that are greater than the minimum value, which should be 1000 on Debian...

CVE-2005-3254

The CGIwrap program before 3.9 on Debian GNU/Linux uses an incorrect minimum value of 100 for a UID to determine whether it can perform a seteuid operation, which could allow attackers to execute code as other system UIDs that are greater than the minimum value, which should be 1000 on Debian...

Дырка в mtr

mtr использует вызов seteuid вместо setuid чтобы освободиться от привилегий root...