procmail.overflows.txt

Date: Mon, 5 Apr 1999 02:23:59 -0500 From: Philip Guenther To: [email protected] Subject: Re: SECURITY new version of procmail with security fixes [email protected] writes: A new version of procmail has been released which fixes a couple of buffer overflows and has extr...

Oracle 8 8.1.5 - Intelligent Agent (1)

source: https://www.securityfocus.com/bid/585/info A vulnerability in the Oracle Intelligent Agent allows local malicious users to execute arbitrary commands and to create world writable files as the root user. The problem lies in the dbsnmp program located in $ORACLEHOME/bin . This setuid root a...

mailx 8.1.1-10 (BSD/Slackware) - Local Buffer Overflow (2)

/ source: https://www.securityfocus.com/bid/1305/info Some Linux distributions ship with BSD mailx 8.1.1-10 On Slackware 7.x it can be found as /usr/bin/Mail. A vulnerability exists in the 'mail' program, part of the Berkeley mailx package. The 'mail' program contains a buffer overflow condition...

mailx 8.1.1-10 (BSDSlackware) - Local Buffer Overflow (2)

mailx 8.1.1-10 BSDSlackware - Local Buffer Overflow 2 / source: https://www.securityfocus.com/bid/1305/info Some Linux distributions ship with BSD mailx 8.1.1-10 On Slackware 7.x it can be found as /usr/bin/Mail. A vulnerability exists in the 'mail' program, part of the Berkeley mailx package. Th...

CVE-1999-1079

Vulnerability in ptrace in AIX 4.3 allows local users to gain privileges by attaching to a setgid program...

CVE-1999-1486

sadc in IBM AIX 4.1 through 4.3, when called from programs such as timex that are setgid adm, allows local users to overwrite arbitrary files via a symlink attack...

BSD/OS 2.1 / Caldera UnixWare 7/7.1.0 / FreeBSD 1.1.5.1/2.0 / HP HP-UX 10.34 / IBM AIX 4.2 / SGI IRIX 6.3 / SunOS 4.1.4 - 'libXt Library' Local Overflow / Local Privilege Escalation (2)

/ source: https://www.securityfocus.com/bid/237/info The libXt library is part of the X Windows system. There are several buffer overflow conditions that may allow an unauthorized user to gain root privileges through setuid and setgid programs that are linked to libXt. These problems were openly...

CVE-1999-1143

Vulnerability in runtime linker program rld in SGI IRIX 6.x and earlier allows local users to gain privileges via setuid and setgid programs...

UNICOS 9/MAX 1.3/mk 1.5 / AIX 4.2 / libc 5.2.18 / RedHat 4 / IRIX 6 / Slackware 3 - NLS (1)

/ source: https://www.securityfocus.com/bid/711/info Cray UNICOS 9.0/9.2/MAX 1.3/mk 1.5,AIX = 4.2,Linux libc = 5.2.18,RedHat 4.0,IRIX 6.2,Slackware 3.1 Natural Language Service NLS Vulnerability 1 A buffer overflow condition affects libraries using the Natural Language Service NLS. The NLS is the...

BSDOS 2.1 FreeBSD 2.1.5 NeXTstep 4.x IRIX 6.4 SunOS 4.1.34.1.4 - lpr Buffer Overrun (1)

BSDOS 2.1 FreeBSD 2.1.5 NeXTstep 4.x IRIX 6.4 SunOS 4.1.34.1.4 - lpr Buffer Overrun 1 / source: https://www.securityfocus.com/bid/707/info BSD/OS 2.1,FreeBSD 2.1.5,NeXTstep 4.0/4.1,SGI IRIX 6.4,SunOS 4.1.3/4.1.4 lpr Buffer Overrun Vulnerability 1 Due to insufficient bounds checking on arguments i...

BSD/OS 2.1 / FreeBSD 2.1.5 / NeXTstep 4.x / IRIX 6.4 / SunOS 4.1.3/4.1.4 - '/usr/bin/lpr' Buffer Overrun Privilege Escalation (2)

/ source: https://www.securityfocus.com/bid/707/info Due to insufficient bounds checking on arguments in this case -C which are supplied by users, it is possible to overwrite the internal stack space of the lpr program while it is executing. This can allow an intruder to cause lpr to execute...

SunOS 4.1.3 - etccrash SetGID kmem Privilege Escalation

SunOS 4.1.3 - etccrash SetGID kmem Privilege Escalation source: https://www.securityfocus.com/bid/59/info /etc/crash was installed setgid kmem and excutable by anyone. Any user can use the ! shell command escape to executes commands, which are then performed with group set to kmem. $ /etc/crash !...

SunOS 4.1.3 - '/etc/crash' SetGID kmem Privilege Escalation

source: https://www.securityfocus.com/bid/59/info /etc/crash was installed setgid kmem and excutable by anyone. Any user can use the ! shell command escape to executes commands, which are then performed with group set to kmem. $ /etc/crash ! sh...

CVE-1999-1142

SunOS 4.1.2 and earlier allows local users to gain privileges via "LD" environmental variables to certain dynamically linked setuid or setgid programs such as 1 login, 2 su, or 3 sendmail, that change the real and effective user ids to the same user...

SunOS 4.1.3 - LD_LIBRARY_PATH / LD_OPTIONS

source: https://www.securityfocus.com/bid/43/info There exists a vulnerability involving environment variables and setuid/setgid programs under SunOS 4.0 and higher. A dynamically-linked program that is invoked by a setuid/setgid program has access to the caller's LD environmental variables if th...

SunOS 4.1.3 - LD_LIBRARY_PATH LD_OPTIONS

SunOS 4.1.3 - LDLIBRARYPATH LDOPTIONS source: https://www.securityfocus.com/bid/43/info There exists a vulnerability involving environment variables and setuid/setgid programs under SunOS 4.0 and higher. A dynamically-linked program that is invoked by a setuid/setgid program has access to the...

PT-2008-6954 · Opensuse +3 · Opensuse +3

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 2.6.31-rc3 SUSE Linux Enterprise kernel-default-base affected versions not specified SUSE Linux Enterprise kernel-pae affected versions not specified openSUSE kernel-pseries64 affected versions not specified...