Design/Logic Flaw

The FTP client in IBM AIX 6.1 and 7.1, and VIOS 2.2.1.4-FP-25 SP-02, does not properly manage privileges in an RBAC environment, which allows attackers to bypass intended file-read restrictions by leveraging the setuid installation of the ftp executable file...

CVE-2012-4845

The FTP client in IBM AIX 6.1 and 7.1, and VIOS 2.2.1.4-FP-25 SP-02, does not properly manage privileges in an RBAC environment, which allows attackers to bypass intended file-read restrictions by leveraging the setuid installation of the ftp executable file...

ascdc Buffer Overflow Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 TITLE: ascdc Buffer Overflow Vulnerability ADVISORY ID: WSIR-01/02-06 DISCOVERED BY: Christer Цberg, Wkit Security AB CONTACT: [email protected], Wkit Security AB CLASS: Buffer Overflow OBJECT: ascdc exec VENDOR: Rob Malda http://www.CmdrTaco.net...

Rob Malda ASCDC 0.3 - Local Buffer Overflow (2)

// source: https://www.securityfocus.com/bid/2462/info ascdc is a program written for X by Rob Malda. It is designed to provide a graphical interface to cd changing on linux systems. A vulnerability in the program could allow elevated privileges on a system with the package installed setuid. Due ...

Fred N. van Kempen dip 3.3.7 - Local Buffer Overflow (1)

Fred N. van Kempen dip 3.3.7 - Local Buffer Overflow 1 // source: https://www.securityfocus.com/bid/86/info A buffer overflow resides in 'dip-3.3.7o' and derived programs. This is a problem only on systems where 'dip' is installed setuid. The culpable code is an 'sprintf' in line 192 in 'main.c':...

Fred N. van Kempen dip 3.3.7 - Local Buffer Overflow (2)

// source: https://www.securityfocus.com/bid/86/info A buffer overflow resides in 'dip-3.3.7o' and derived programs. This is a problem only on systems where 'dip' is installed setuid. The culpable code is an 'sprintf' in line 192 in 'main.c': sprintfbuf, "%s/LCK..%s", PATHLOCKD, nam; / Linux x86...