RHEL 2.1 / 3 : cyrus-sasl (RHSA-2004:546)

Updated cyrus-sasl packages that fix a setuid and setgid application vulnerability are now available. Updated 7th October 2004 Revised cryus-sasl packages have been added for Red Hat Enterprise Linux 3; the patch in the previous packages broke interaction with ldap. The cyrus-sasl package contain...

ncurses-overflow.txt

OVERVIEW The CRT screen handling library ncurses contains buffer overflows, making programs using it vulnerable. If the programs are setuid or setgid, a local user may elevate their privilege. The problem exists in ncurses versions 4.2 and 5.0, probably earlier, and libocurses. The overflows can ...

mailx 8.1.1-10 (BSDSlackware) - Local Buffer Overflow (2)

mailx 8.1.1-10 BSDSlackware - Local Buffer Overflow 2 / source: https://www.securityfocus.com/bid/1305/info Some Linux distributions ship with BSD mailx 8.1.1-10 On Slackware 7.x it can be found as /usr/bin/Mail. A vulnerability exists in the 'mail' program, part of the Berkeley mailx package. Th...