CVE-2004-1453

GNU glibc 2.3.4 before 2.3.4.20040619, 2.3.3 before 2.3.3.20040420, and 2.3.2 before 2.3.2-r10 does not restrict the use of LDDEBUG for a setuid program, which allows local users to gain sensitive information, such as the list of symbols used by the program...

CVE-2004-1453

GNU glibc 2.3.4 before 2.3.4.20040619, 2.3.3 before 2.3.3.20040420, and 2.3.2 before 2.3.2-r10 does not restrict the use of LDDEBUG for a setuid program, which allows local users to gain sensitive information, such as the list of symbols used by the program...

GNU a2ps "Anything to PostScript" Local Exploit (not suid)

Exploit for linux platform in category local exploits ========================================================== GNU a2ps "Anything to PostScript" Local Exploit not suid ========================================================== / Not added to Local Non Poc section /str0ke / include include inclu...

CVE-2005-0073

Buffer overflow in queue.c in a support script for sympa 3.3.3, when running setuid, allows local users to execute arbitrary code...

[Full-Disclosure] iDEFENSE Security Advisory 02.10.05: IBM AIX lspath Local File Access Vulnerability

IBM AIX lspath Local File Access Vulnerability iDEFENSE Security Advisory 02.10.05 www.idefense.com/application/poi/display?id=195&type=vulnerabilities February 10, 2005 I. BACKGROUND The lspath program is a setuid root application, installed by default under newer versions of IBM AIX. It is used...

CVE-2005-0076

Multiple buffer overflows in the XView library 3.2 may allow local users to execute arbitrary code via setuid applications that use the library...

Mandrake Linux Security Advisory : perl (MDKSA-2005:031)

Jeroen van Wolffelaar discovered that the rmtree function in the perl File::Path module would remove directories in an insecure manner which could lead to the removal of arbitrary files and directories via a symlink attack CVE-2004-0452. Trustix developers discovered several insecure uses of...

DSA-672-1 xview - buffer overflows

Bulletin has no description...

xview -- multiple buffer overflows in xv_parse_one

A Debian Security Advisory reports: Erik Sjölund discovered that programs linked against xview are vulnerable to a number of buffer overflows in the XView library. When the overflow is triggered in a program which is installed setuid root a malicious user could perhaps execute arbitrary code as...

security flaw

The PerlIO implementation in Perl 5.8.0, when installed with setuid support sperl, allows local users to create arbitrary files via the PERLIODEBUG variable...

security flaw

Buffer overflow in the PerlIO implementation in Perl 5.8.0, when installed with setuid support sperl, allows local users to execute arbitrary code by setting the PERLIODEBUG variable and executing a Perl script whose full pathname contains a long directory tree...

CVE-2005-0156

Buffer overflow in the PerlIO implementation in Perl 5.8.0, when installed with setuid support sperl, allows local users to execute arbitrary code by setting the PERLIODEBUG variable and executing a Perl script whose full pathname contains a long directory tree...

CVE-2005-0156

The CVE-2005-0156 issue affects Perl 5.8.0 when built with setuid support (sperl). The vulnerability is a buffer overflow in the PerlIO implementation that can be triggered by setting PERLIO_DEBUG and running a Perl script whose full pathname has a long directory tree. This allows local users to ...

DEBIAN-CVE-2005-0156

Buffer overflow in the PerlIO implementation in Perl 5.8.0, when installed with setuid support sperl, allows local users to execute arbitrary code by setting the PERLIODEBUG variable and executing a Perl script whose full pathname contains a long directory tree...

CVE-2005-0156

Buffer overflow in the PerlIO implementation in Perl 5.8.0, when installed with setuid support sperl, allows local users to execute arbitrary code by setting the PERLIODEBUG variable and executing a Perl script whose full pathname contains a long directory tree...

CVE-2005-0156

Buffer overflow in the PerlIO implementation in Perl 5.8.0, when installed with setuid support sperl, allows local users to execute arbitrary code by setting the PERLIODEBUG variable and executing a Perl script whose full pathname contains a long directory tree...

CVE-2005-0155

The PerlIO implementation in Perl 5.8.0, when installed with setuid support sperl, allows local users to create arbitrary files via the PERLIODEBUG variable...

Setuid perl - PerlIO_Debug() Root Owned File Creation Privilege Escalation

Setuid perl - PerlIODebug Root Owned File Creation Privilege Escalation / Copyright Kevin Finisterre DISCLAIMER I am in no way responsible for your stupidity. DISCLAIMER I am in no way liable for any damages caused by compilation and or execution of this code. WARNING DO NOT RUN THIS UNLESS YOU...

Setuid perl - 'PerlIO_Debug()' Local Overflow

/ Copyright Kevin Finisterre Setuid perl PerlIODebug overflow Tested on Debian 3.1 perl-suid 5.8.4-5 11:07:20 corezion: who is tha man with tha masta plan? 11:07:36 corezion: a nigga with a buffer overrun 11:07:39 corezion: heh of course that is to the tune of...

Setuid perl PerlIO_Debug() root owned file creation

Exploit for linux platform in category local exploits =================================================== Setuid perl PerlIODebug root owned file creation =================================================== / Copyright Kevin Finisterre DISCLAIMER I am in no way responsible for your stupidity...