739 matches found
FreeBSD 3.3 angband Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/840/info The version angband shipped with FreeBSD 3.3-RELEASE is vulnerable to a local buffer overflow attack. Since it is setgid games, a compromise of files and directories owned by group games is possible. / FreeBSD 3....
Oracle <= 8 8.1.5 Intelligent Agent Vulnerability (2)
No description provided by source. source: http://www.securityfocus.com/bid/585/info A vulnerability in the Oracle Intelligent Agent allows local malicious users to execute arbitrary commands and to create world writable files as the root user. The problem lies in the dbsnmp program located in...
BSD/OS <= 2.1,Caldera UnixWare 7/7.1 .0,FreeBSD FreeBSD 1.1.5 .1/2.0 ,HP HP-UX <= 10.34,IBM AIX <= 4.2,SGI IRIX <= 6.3,SunOS <= 4.1.4 libXt library Vulnerability (2)
No description provided by source. source: http://www.securityfocus.com/bid/237/info The libXt library is part of the X Windows system. There are several buffer overflow conditions that may allow an unauthorized user to gain root privileges through setuid and setgid programs that are linked to...
Solaris 8 libsldap Buffer Overflow Vulnerability (2)
No description provided by source. source: http://www.securityfocus.com/bid/2931/info Solaris 8 ships with a shared library that implements LDAP functionality called 'libsldap'. This library is linked to by a number of system utilities, many of them installed setuid or setgid. Libsldap contains a...
Solaris 8 libsldap Buffer Overflow Vulnerability (1)
No description provided by source. source: http://www.securityfocus.com/bid/2931/info Solaris 8 ships with a shared library that implements LDAP functionality called 'libsldap'. This library is linked to by a number of system utilities, many of them installed setuid or setgid. Libsldap contains a...
GNU AN Local Command Line Option Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8099/info A local buffer overflow has been reported for GNU an that may result in an attacker potentially obtaining elevated privileges. The vulnerability exists due to insufficient boundary checks performed on some...
SunOS <= 4.1.3 kmem setgid /etc/crash Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/59/info /etc/crash was installed setgid kmem and excutable by anyone. Any user can use the ! shell command escape to executes commands, which are then performed with group set to kmem. $ /etc/crash ! sh...
Nethack 3 Local Buffer Overflow Vulnerability (1)
No description provided by source. source: http://www.securityfocus.com/bid/6806/info By passing an overly large string when invoking nethack, it is possible to corrupt memory. By exploiting this issue it may be possible for an attacker to overwrite values in sensitive areas of memory, resulting ...
Xtokkaetama 1.0 b-6 Nickname Local Buffer Overflow Vulnerability (1)
No description provided by source. source: http://www.securityfocus.com/bid/8337/info xtokkaetama is prone to a locally exploitable buffer overflow vulnerability. This is due to insufficient bounds checking of the '-nickname' command line option, which could result in execution of arbitrary code ...
BSD/OS <= 2.1,Caldera UnixWare 7/7.1 .0,FreeBSD FreeBSD 1.1.5 .1/2.0 ,HP HP-UX <= 10.34,IBM AIX <= 4.2,SGI IRIX <= 6.3,SunOS <= 4.1.4 libXt library Vulnerability (3)
No description provided by source. source: http://www.securityfocus.com/bid/237/info The libXt library is part of the X Windows system. There are several buffer overflow conditions that may allow an unauthorized user to gain root privileges through setuid and setgid programs that are linked to...
Maelstrom Server 3.0.x Argument Buffer Overflow Vulnerability (3)
No description provided by source. source: http://www.securityfocus.com/bid/7630/info Maelstrom for Linux has been reported prone to a buffer overflow vulnerability. The issue is reportedly due to a lack of sufficient bounds checking performed on user-supplied data before it is copied into an...
BSDi 3.0 / 4.0 rcvtty[mh] Local Exploit
No description provided by source. / BSDi3.0/4.0rcvttymh local exploit, by [email protected]. this exploit is for the rcvtty of the mh package, which is setgid=4tty on BSDi. this exploit gives you egid/group=4tty access. example: ------------------------------------------------- bash-2.02$ id...
BSD mailx 8.1.1 -10 Buffer Overflow Vulnerability (2)
No description provided by source. source: http://www.securityfocus.com/bid/1305/info Some Linux distributions ship with BSD mailx 8.1.1-10 On Slackware 7.x it can be found as /usr/bin/Mail. A vulnerability exists in the 'mail' program, part of the Berkeley mailx package. The 'mail' program...
FreeBSD 3.3 Seyon setgid dialer Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/838/info FreeBSD 3.3-RELEASE ships with Seyon, a communications program which is known to have several vulnerabilities which can allow for a malicious user to elevate priviliges. The vulnerability, however, is that seyon ...
GNU Chess 5.0 - Local Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8097/info A local buffer overflow has been reported for GNU Chess that may result in an attacker obtaining elevated privileges. The vulnerability exists due to insufficient boundary checks performed on some commandline...
Ifenslave 0.0.7 Argument Local Buffer Overflow Vulnerability (2)
No description provided by source. source: http://www.securityfocus.com/bid/7682/info ifenslave for Linux has been reported prone to a buffer overflow vulnerability. The issue is reportedly due to a lack of sufficient bounds checking performed on user-supplied data before it is copied into an...
CVE-2014-4014
The capabilities implementation in the Linux kernel before 3.14.8 does not properly consider that namespaces are inapplicable to inodes, which allows local users to bypass intended chmod restrictions by first creating a user namespace, as demonstrated by setting the setgid bit on a file with grou...
CVE-2014-4014
The capabilities implementation in the Linux kernel before 3.14.8 does not properly consider that namespaces are inapplicable to inodes, which allows local users to bypass intended chmod restrictions by first creating a user namespace, as demonstrated by setting the setgid bit on a file with grou...
DEBIAN-CVE-2014-4014
The capabilities implementation in the Linux kernel before 3.14.8 does not properly consider that namespaces are inapplicable to inodes, which allows local users to bypass intended chmod restrictions by first creating a user namespace, as demonstrated by setting the setgid bit on a file with grou...
Design/Logic Flaw
The capabilities implementation in the Linux kernel before 3.14.8 does not properly consider that namespaces are inapplicable to inodes, which allows local users to bypass intended chmod restrictions by first creating a user namespace, as demonstrated by setting the setgid bit on a file with grou...