Lucene search
K

49 matches found

UbuntuCve
UbuntuCve
added 2005/12/28 1:3 a.m.18 views

CVE-2005-4532

scponlyc in scponly 4.1 and earlier, when the operating system supports LDPRELOAD mechanisms, allows local users to execute arbitrary code with root privileges by creating a chroot directory in their home directory, hard linking to a system setuid application, and using a modified LDPRELOAD to...

7.2CVSS6.3AI score0.00433EPSS
Exploits0References1
CVE
CVE
added 2005/12/28 1:0 a.m.47 views

CVE-2005-4532

CVE-2005-4532 affects scponly versions 4.1 and earlier. The root cause is a design/implementation flaw in scponlyc that can be exploited when LD_PRELOAD is available: an unprivileged user can create a chroot directory in their home, hard-link to a system setuid application, and override expected ...

7.2CVSS7AI score0.00433EPSS
Exploits0References8Affected Software1
NVD
NVD
added 2005/10/25 10:6 p.m.31 views

CVE-2005-2748

The malloc function in the libSystem library in Apple Mac OS X 10.3.9 and 10.4.2 allows local users to overwrite arbitrary files by setting the MallocLogFile environment variable to the target file before running a setuid application...

2.1CVSS6AI score0.00343EPSS
Exploits0References5
Cvelist
Cvelist
added 2005/10/25 4:0 a.m.35 views

CVE-2005-2748

The malloc function in the libSystem library in Apple Mac OS X 10.3.9 and 10.4.2 allows local users to overwrite arbitrary files by setting the MallocLogFile environment variable to the target file before running a setuid application...

6AI score0.00343EPSS
Exploits0References5
CVE
CVE
added 2005/10/25 4:0 a.m.59 views

CVE-2005-2748

The CVE-2005-2748 issue affects Apple Mac OS X 10.3.9 and 10.4.2, where the malloc function in libSystem can be manipulated via the MallocLogFile environment variable before running a setuid application. This allows local users to overwrite arbitrary files. Root cause: environment-controlled log ...

2.1CVSS6AI score0.00343EPSS
Exploits0References5Affected Software2
securityvulns
securityvulns
added 2005/01/15 12:0 a.m.58 views

iDEFENSE Security Advisory 01.13.05: SGI IRIX inpview Design Error Vulnerability

SGI IRIX inpview Design Error Vulnerability iDEFENSE Security Advisory 01.13.05 www.idefense.com/application/poi/display?id=182&type=vulnerabilities January 13, 2005 I. BACKGROUND The inpview program is a setuid root application that is included in the InPerson networked multimedia conferencing...

0.7AI score
Exploits0
RedHat Linux
RedHat Linux
added 2004/10/07 2:55 p.m.30 views

Important: Red Hat Security Advisory: cyrus-sasl security update

Updated cyrus-sasl packages that fix a setuid and setgid application vulnerability are now available. Updated 7th October 2004 Revised cryus-sasl packages have been added for Red Hat Enterprise Linux 3; the patch in the previous packages broke interaction with ldap. The cyrus-sasl package contain...

7.2CVSS5.8AI score0.00506EPSS
Exploits0References4
Exploit DB
Exploit DB
added 2004/02/25 12:0 a.m.24 views

MTools 3.9.x - 'MFormat' Local Privilege Escalation

source: https://www.securityfocus.com/bid/9746/info It has been reported that mformat is prone to a privilege escalation vulnerability when installed as a setUID application. This issue is due to a design error allowing a user to create any arbitrary files as the root user. A local attacker could...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2002/04/23 12:0 a.m.32 views

Pine Internet Advisory: Setuid application execution may give local root in FreeBSD

-----BEGIN PGP SIGNED MESSAGE----- ----------------------------------------------------------------------------- Pine Internet Security Advisory ----------------------------------------------------------------------------- Advisory ID : PINE-CERT-20020401 Authors : Joost Pol [email protected] Issue...

0.4AI score
Exploits0
Rows per page
Query Builder