IBM DB2 - db2govd Format String Arbitrary Code Execution
source: https://www.securityfocus.com/bid/8989/info Multiple command-line parameter format string vulnerabilities have been discovered in various IBM DB2 binaries. Specifically, format-based functions are implemented erroneously within the...
IBM DB2 - 'db2start' Format String Arbitrary Code Execution
source: https://www.securityfocus.com/bid/8989/info Multiple command-line parameter format string vulnerabilities have been discovered in various IBM DB2 binaries. Specifically, format-based functions are implemented erroneously within the db2govd, db2start, and db2stop programs. These binaries a...
kpopup 0.9.x - Privileged Command Execution
source: https://www.securityfocus.com/bid/8915/info It has been alleged that it is possible for local attackers to gain root privileges through kpopup, which is installed setuid root by default. According to the report, kpopup uses the system3...
Solaris Runtime Linker (SPARC) - ld.so.1 Local Buffer Overflow
ld.so.1 exploit (SPARC), coded by: osker178 bjr213 psu.edu. Alright, so this exploits a fairly standard buffer overflow in the default Solaris runtime linker (ld.so.1), discovery by Jouko Pynnonen. Only real deviation here from the standard...
CVE-2001-1411
Format string vulnerability in gm4 (aka m4) on Mac OS X may allow local users to gain privileges if gm4 is called by setuid programs...
CVE-2001-1411
CVE-2001-1411 describes a format string vulnerability in gm4 (m4) on Mac OS X. The flaw may allow local users to gain privileges if gm4 is executed by setuid programs. The vulnerability is triggered through improper handling of format strings in gm4, leading to potential privilege escalation. The...
Oracle Database Server 9.0.x - Oracle Binary Local Buffer Overflow
source: https://www.securityfocus.com/bid/8844/info Oracle Database Server 'oracle' binary has been reported prone to a local buffer overflow vulnerability. The issue likely presents itself due to a lack of sufficient boundary checks performed on command line arguments passed to the affected...
[SECURITY] [DSA-385-1] New hztty packages fix buffer overflows
Debian Security Advisory DSA 385-1 [email protected] http://www.debian.org/security/ Matt Zimmerman September 18th, 2003 http://www.debian.org/security/faq -...
CORE-2003-0531: Multiple IBM DB2 Stack Overflow Vulnerabilities
Core Security Technologies Advisory http://www.coresecurity.com Multiple IBM DB2 Stack Overflow Vulnerabilities Date Published: 2003-09-18 Last Update: 2003-09-18 Advisory ID: CORE-2003-0531 Bugtraq ID: 8552, 8553 CVE Name: CAN-2003-0758, CAN-2003-0759 Title: Multiple IBM DB2 Stack Overflow...
[UNIX] KisMAC Local Privilege Escalation
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...
CVE-2003-0630
CVE-2003-0630 affects the Atari 800 emulator (atari800), specifically the setuid program atari800.svgalib. Multiple buffer overflows in this component, present before version 1.2.2, allow local users to gain privileges via long command line arguments (demonstrated with -osa_rom). The issue is doc...
CVE-2003-0671
Format string vulnerability in tcpflow, when used in a setuid context, allows local users to execute arbitrary code via the device name argument, as demonstrated by the setuid program RunTCPFlow in Sustworks IPNetSentryX and IPNetMonitorX...
ViRobot Linux Server 2.0 - Local Overflow
source: https://www.securityfocus.com/bid/8462/info Various potential security vulnerabilities have been reported for ViRobot Linux Server. Problems are said to occur within various setuid binaries installed by the program. Reports indicate that some of...
ViRobot Linux Server 2.0 - Local Overflow
source: https://www.securityfocus.com/bid/8462/info Various potential security vulnerabilities have been reported for ViRobot Linux Server. Problems are said to occur within various setuid binaries installed by the program. Reports indicate that some of these binaries may be prone to buffer...
CVE-2003-0670
Sustworks IPNetSentryX and IPNetMonitorX are affected. The setuid helper applications RunTCPDump (invokes tcpdump) and RunTCPFlow (invokes tcpflow) allow local users to sniff network packets, exposing partial confidentiality. Root cause is the presence of setuid wrappers enabling packet capture. ...
CVE-2003-0501
The /proc filesystem in Linux allows local users to obtain sensitive information by opening various entries in /proc/self before executing a setuid program, which causes the program to fail to change the ownership and permissions of those entries...
[SECURITY] [DSA-364-1] New man-db packages fix buffer overflows, arbitrary command execution
Debian Security Advisory DSA 364-1 [email protected] http://www.debian.org/security/ Matt Zimmerman August 4th, 2003 http://www.debian.org/security/faq -...
IBM DB2 - Shared Library Injection
source: https://www.securityfocus.com/bid/8346/info IBM DB2 ships with a number of shared libraries, stored in a directory owned by the user and group 'bin'. As setuid root utilities are linked to these libraries, their ownership by a user and group of a lower...
DSA-364 man-db - buffer overflows, arbitrary command execution
Bulletin has no description...
CDRTools 2.0 - RSCSI Debug File Arbitrary Local File Manipulation
source: https://www.securityfocus.com/bid/8328/info It has been reported that the rscsi utility may provide for the modification of ownership and the corruption of arbitrary attacker specified files. It has been reported that a loc...