
3209 matches found

Packet Storm
added 2006/08/17 12:0 a.m., 24 views

getpwnedmail-x86.pl.txt

!/usr/bin/perl getpwnedmail.pl http://www.digitalmunition.com written by kf kflistsatdigitalmunitiondotcom This is a canibalized version of "Kansas City POP Daemon Version 0.0" - Copyright c 1999 David Nicol kevin-finisterres-mac-mini: kfinisterre$ /usr/bin/fetchmail -p pop3 --fastuidl 1 localhos...

AI score 7.4
Exploits: 0

Ubuntu
added 2006/08/16 4:47 p.m., 79 views

USN-334-1: krb5 vulnerabilities

Michael Calmer and Marcus Meissner discovered that several krb5 tools did not check the return values from setuid system calls. On systems that have configured user process limits, it may be possible for an attacker to cause setuid to fail via resource starvation. In that situation, the tools wil...

CVSS 7.2, AI score 8, EPSS 0.00407
Exploits: 0

UbuntuCve
added 2006/08/14 11:4 p.m., 18 views

CVE-2006-4124

The libXm library in LessTif 0.95.0 and earlier allows local users to gain privileges via the DEBUGFILE environment variable, which is used to create world-writable files when libXm is run from a setuid program...

CVSS 4.6, AI score 5.9, EPSS 0.00121
Exploits: 1, References: 1

NVD
added 2006/08/14 11:4 p.m., 11 views

CVE-2006-4124

The libXm library in LessTif 0.95.0 and earlier allows local users to gain privileges via the DEBUGFILE environment variable, which is used to create world-writable files when libXm is run from a setuid program...

CVSS 4.6, AI score 6.5, EPSS 0.00121
Exploits: 1, References: 6

Tenable Nessus
added 2006/08/14 12:0 a.m., 32 views

GLSA-200608-15 : MIT Kerberos 5: Multiple local privilege escalation vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200608-15 (MIT Kerberos 5: Multiple local privilege escalation vulnerabilities). Unchecked calls to setuid in krshd and v4rcp, as well as unchecked calls to seteuid in kftpd and in ksu, have been found in the MIT Kerberos 5 program...

CVSS 7.2, AI score 8.1, EPSS 0.00407
Exploits: 0, References: 3

OSV
added 2006/08/12 12:0 a.m., 11 views

DSA-1150-1 shadow - programming error

Bulletin has no description...

CVSS 7.2, AI score 6.4, EPSS 0.00056
Exploits: 0

Gentoo Linux
added 2006/08/10 12:0 a.m., 26 views

MIT Kerberos 5: Multiple local privilege escalation vulnerabilities

Background: MIT Kerberos 5 is a suite of applications that implement the Kerberos network protocol. It is designed to provide strong authentication for client/server applications by using secret-key cryptography. Description: Unchecked calls ...

CVSS 7.2, AI score 7.4, EPSS 0.00407
Exploits: 0

securityvulns
added 2006/08/10 12:0 a.m., 33 views

[SA21436] Heimdal setuid Security Issue


AI score 0.6
Exploits: 0

securityvulns
added 2006/08/10 12:0 a.m., 36 views

MIT Kerberos / Heimdal privilege escalation

setuid/seteuid return code is not checked, allowing user to bypass protection by exhausting user limits...

AI score 2.7
Exploits: 0, References: 2, Affected Software: 2

OSV
added 2006/08/09 10:4 a.m., 1 views

DEBIAN-CVE-2006-3084

The (1) ftpd and (2) ksu programs in (a) MIT Kerberos 5 (krb5) up to 1.5, and 1.4.x before 1.4.4, and (b) Heimdal 0.7.2 and earlier, do not check return codes for setuid calls, which might allow local users to gain privileges by causing setuid to fail to drop privileges. NOTE: as of 20060808, it is not kno...

CVSS 7.2, AI score 7.8, EPSS 0.00407
Exploits: 0, References: 1

OSV
added 2006/08/09 10:4 a.m., 4 views

CVE-2006-3083

The (1) krshd and (2) v4rcp applications in (a) MIT Kerberos 5 (krb5) up to 1.5, and 1.4.x before 1.4.4, when running on Linux and AIX, and (b) Heimdal 0.7.2 and earlier, do not check return codes for setuid calls, which allows local users to gain privileges by causing setuid to fail to drop privileges usi...

AI score 6.3
Exploits: 0, References: 36

OSV
added 2006/08/09 10:4 a.m., 5 views

CVE-2006-3084

The (1) ftpd and (2) ksu programs in (a) MIT Kerberos 5 (krb5) up to 1.5, and 1.4.x before 1.4.4, and (b) Heimdal 0.7.2 and earlier, do not check return codes for setuid calls, which might allow local users to gain privileges by causing setuid to fail to drop privileges. NOTE: as of 20060808, it is not kno...

AI score 6.3
Exploits: 0, References: 25

UbuntuCve
added 2006/08/09 10:4 a.m., 33 views

CVE-2006-3083

The (1) krshd and (2) v4rcp applications in (a) MIT Kerberos 5 (krb5) up to 1.5, and 1.4.x before 1.4.4, when running on Linux and AIX, and (b) Heimdal 0.7.2 and earlier, do not check return codes for setuid calls, which allows local users to gain privileges by causing setuid to fail to drop privileges usi...

CVSS 7.2, AI score 5.9, EPSS 0.00071
Exploits: 0, References: 2

NVD
added 2006/08/09 10:4 a.m., 18 views

CVE-2006-3083

The (1) krshd and (2) v4rcp applications in (a) MIT Kerberos 5 (krb5) up to 1.5, and 1.4.x before 1.4.4, when running on Linux and AIX, and (b) Heimdal 0.7.2 and earlier, do not check return codes for setuid calls, which allows local users to gain privileges by causing setuid to fail to drop privileges usi...

CVSS 7.2, AI score 6.3, EPSS 0.00071
Exploits: 0, References: 33

OSV
added 2006/08/09 10:4 a.m., 1 views

DEBIAN-CVE-2006-3083

The (1) krshd and (2) v4rcp applications in (a) MIT Kerberos 5 (krb5) up to 1.5, and 1.4.x before 1.4.4, when running on Linux and AIX, and (b) Heimdal 0.7.2 and earlier, do not check return codes for setuid calls, which allows local users to gain privileges by causing setuid to fail to drop privileges usi...

CVSS 7.2, AI score 6.7, EPSS 0.00071
Exploits: 0, References: 1

CVE
added 2006/08/09 10:0 a.m., 110 views

CVE-2006-3084

CVE-2006-3084 affects MIT Kerberos 5 (krb5) up to 1.5 and 1.4.x before 1.4.4, and Heimdal 0.7.2 and earlier. The issue is that the (1) ftpd and (2) ksu setuid calls do not check return codes, which could allow local privilege escalation if setuid fails to drop privileges. The description notes th...

CVSS 7.2, AI score 6.2, EPSS 0.00407
Exploits: 0, References: 25, Affected Software: 2

Debian CVE
added 2006/08/09 10:0 a.m., 35 views

CVE-2006-3084

The (1) ftpd and (2) ksu programs in (a) MIT Kerberos 5 (krb5) up to 1.5, and 1.4.x before 1.4.4, and (b) Heimdal 0.7.2 and earlier, do not check return codes for setuid calls, which might allow local users to gain privileges by causing setuid to fail to drop privileges. NOTE: as of 20060808, it is not kno...

CVSS 7.2, AI score 6.4, EPSS 0.00407
Exploits: 0

Cvelist
added 2006/08/09 10:0 a.m., 50 views

CVE-2006-3084

The (1) ftpd and (2) ksu programs in (a) MIT Kerberos 5 (krb5) up to 1.5, and 1.4.x before 1.4.4, and (b) Heimdal 0.7.2 and earlier, do not check return codes for setuid calls, which might allow local users to gain privileges by causing setuid to fail to drop privileges. NOTE: as of 20060808, it is not kno...

AI score 6.2, EPSS 0.00407
Exploits: 0, References: 25

securityvulns
added 2006/08/09 12:0 a.m., 43 views

MITKRB-SA-2006-001: multiple local privilege escalation vulnerabilities

MIT krb5 Security Advisory 2006-001. Original release: 2006-08-08. Topic: multiple local privilege escalation vulnerabilities. Severity: serious. SUMMARY: In certain application programs packaged in the MIT Kerberos 5 source distribution, calls to...

CVSS 7.2, AI score 9.5, EPSS 0.00407
Exploits: 0

RedHat Linux
added 2006/08/08 8:9 p.m., 3 views

security flaw

The (1) krshd and (2) v4rcp applications in (a) MIT Kerberos 5 (krb5) up to 1.5, and 1.4.x before 1.4.4, when running on Linux and AIX, and (b) Heimdal 0.7.2 and earlier, do not check return codes for setuid calls, which allows local users to gain privileges by causing setuid to fail to drop privileges usi...

CVSS 7.2, AI score 5.7, EPSS 0.00071
Exploits: 0, References: 4