Matt Kimball and Roger Wolff mtr 0.28/0.41,Turbolinux 3.5 b2/4.2/4.4/6.0 mtr Vulnerability.2

No description provided by source. source: http://www.securityfocus.com/bid/1038/info A potential vulnerability exists in the 'mtr' program, by Matt Kimball and Roger Wolff. Versions prior to 0.42 incorrectly dropped privileges on all Unix variants except HPUX. By calling a seteuidgetuid call, th...

IBM DB2 Shared Library Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8346/info IBM DB2 ships with a number of shared libraries, stored in a directory owned by the user and group 'bin'. As setuid root utilities are linked to these libraries, their ownership by a user and group of a lower...

MTools 3.9.x MFormat Privilege Escalation Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/9746/info It has been reported that mformat is prone to a privilege escalation vulnerability when installed as a setUID application. This issue is due to a design error allowing a user to create any arbitrary files as the...

SunOS <= 4.1.1 /usr/release/bin/winstall Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/22/info This applies to sites that have installed Sun Source tapes only. The Sun distribution of sources sunsrc has an installation procedure which creates the directory /usr/release/bin and installs two setuid root files...

SunOS <= 4.1.1 /usr/release/bin/makeinstall Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/21/info This applies to sites that have installed Sun Source tapes only. The Sun distribution of sources sunsrc has an installation procedure which creates the directory /usr/release/bin and installs two setuid root files...

HP-UX 10/11 NLSPATH Environment Variable Format String Vulnerability (1)

No description provided by source. source: http://www.securityfocus.com/bid/8985/info HP-UX allows the NLSPATH to be set for setuid root programs, which use catopen3C and may be executed by other local users. This could result in privilege escalation as an attacker could specify an arbitrary path...

BSD/OS <= 2.1,Caldera UnixWare 7/7.1 .0,FreeBSD FreeBSD 1.1.5 .1/2.0 ,HP HP-UX <= 10.34,IBM AIX <= 4.2,SGI IRIX <= 6.3,SunOS <= 4.1.4 libXt library Vulnerability (3)

No description provided by source. source: http://www.securityfocus.com/bid/237/info The libXt library is part of the X Windows system. There are several buffer overflow conditions that may allow an unauthorized user to gain root privileges through setuid and setgid programs that are linked to...

Ifenslave 0.0.7 Argument Local Buffer Overflow Vulnerability (2)

No description provided by source. source: http://www.securityfocus.com/bid/7682/info ifenslave for Linux has been reported prone to a buffer overflow vulnerability. The issue is reportedly due to a lack of sufficient bounds checking performed on user-supplied data before it is copied into an...

Mac OS X <= 10.4.7 Mach Exception Handling Local Root Exploit

No description provided by source. / excploit.c - 28 Nov 2005 - [email protected] Exploitable Mach Exception Handling Affected: Mac OS X 10.4.6 darwin 8.6.0 and older When a process executes a setuid executable, all existing rights to the task port are invalidated, to make sure unauthorize...

OSX/Intel - setuid shell x86_64 - 51 bytes

No description provided by source. / Title: OSX/Intel - setuid shell x8664 - 51 bytes Date: 2010-11-25 Tested on: Mac OS X 10.6.5 - Darwin Kernel Version 10.5.0 Author: Dustin Schultz - twitter: @thexploit http://thexploit.com BITS 64 section .text global start start: a: mov r8b, 0x02 ; Unix clas...

Knox Software Arkeia 4.0 Backup Local Overflow

No description provided by source. / source: http://www.securityfocus.com/bid/661/info Knox Software Arkeia 4.0 Backup rnavc & nlserverd HOME Environment Variable Buffer Overflow A local buffer overflow in the handling of the HOME environment variable by the rlserver and rnavc binaries that are...

Linux Kernel 2.6.29 - ptrace_attach() Local Root Race Condition Exploit

No description provided by source. / GNU/Linux kernel 2.6.29 ptraceattach local root race condition exploit. ========================================================================== This is a local root exploit for the 2.6.29 ptraceattach race condition that allows a process to gain elevated...

CDRTools CDRecord 1.11/2.0 Devname Format String Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7565/info CDRecord has been reported prone to a format string vulnerability. The issue presents itself due to a programming error that occurs when calling a printf-like function. It has been reported that by harnessing an...

Stanley T. Shebs Xconq 7.2.2 - Buffer Overflow Vulnerabilities in xconq

No description provided by source. source: http://www.securityfocus.com/bid/1495/info Xconq is a multiple player strategy game available for many unix platforms. It contains a number of buffer overflow vulnerabilities including the ability to overflow stack buffers with either the DISPLAY or the...

BSDI BSD/OS <= 2.1,FreeBSD <= 2.1,IBM AIX <= 4.2,SGI IRIX <= 6.4,Sun SunOS <= 4.1.3

No description provided by source. source: http://www.securityfocus.com/bid/129/info Rdist is a program to maintain identical copies of files over multiple hosts. It preserves the owner, group, mode, and mtime of files if possible and can update programs that are executing. Rdist reads commands...

Linuxconf 1.1.x/1.2.x Local Environment Variable Buffer Overflow Vulnerability (3)

No description provided by source. source: http://www.securityfocus.com/bid/5585/info Linuxconf is a Linux configuration utility from Solucorp. It is typically installed as a setuid root utility for the management and configuration of Linux operating systems. A buffer overflow vulnerability has...

Linuxconf 1.1.x/1.2.x Local Environment Variable Buffer Overflow Vulnerability (1)

No description provided by source. source: http://www.securityfocus.com/bid/5585/info Linuxconf is a Linux configuration utility from Solucorp. It is typically installed as a setuid root utility for the management and configuration of Linux operating systems. A buffer overflow vulnerability has...

LPPlus 3.2.2/3.3 Permissions DoS Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/1643/info Vulnerability 1: Several files that are part of the LPPlus print management system are installed setuid root by default. These files include: $LPHOME/bin/dccsched $LPHOME/bin/dcclpdser $LPHOME/bin/dccbkst These...

Linux Kernel 2.2/2.4 Ptrace/Setuid Exec Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/3447/info Linux contains a vulnerability in it's exec implementation that may allow for modification of setuid process memory via ptrace. The vulnerability is due to the fact that it is possible for a traced process to ex...

Linux/x86-64 - setuid(0) & chmod ("/etc/passwd", 0777) & exit(0) - 63 bytes

No description provided by source. / Title: Linux/x86-64 - setuid0 & chmod /etc/passwd, 0777 & exit0 - 63 bytes Date: 2010-06-17 Tested: Archlinux x8664 k2.6.33 Author: Jonathan Salwan Web: http://shell-storm.org | http://twitter.com/jonathansalwan ! Dtabase of shellcodes...