3209 matches found
[SECURITY] [DSA-310-1] New xaos packages fix improper setuid-root execution
-------------------------------------------------------------------------- Debian Security Advisory DSA 310-1 [email protected] http://www.debian.org/security/ Matt Zimmerman June 8th, 2003 http://www.debian.org/security/faq -...
[SECURITY] [DSA-310-1] New xaos packages fix improper setuid-root execution
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 310-1 [email protected] http://www.debian.org/security/ Matt Zimmerman June 8th, 2003 http://www.debian.org/security/faq -...
DSA-310 xaos - improper setuid-root execution
Bulletin has no description...
HP-UX "rexec" command vulnerable to buffer overflow when supplied overly long command line argument to "-l" option
Overview A buffer overflow vulnerability in the rexec program supplied in some versions of the HP-UX operating system could allow local users to gain privileged access. Description The rexec program allows local users to execute commands on remote servers. rexec calls the rexec subroutine to act ...
CVE-2003-0262
leksbot 1.2.3 in Debian GNU/Linux installs the KATAXWR as setuid root, which allows local users to gain root privileges by exploiting unknown vulnerabilities related to the escalated privileges, which KATAXWR is not designed to have...
AIX 4.35.1 - diagrpt Arbitrary Privileged Program Execution
AIX 4.35.1 - diagrpt Arbitrary Privileged Program Execution source: https://www.securityfocus.com/bid/2916/info AIX ships with a diagnostic reporting utility called 'diagrpt'. This utility is installed setuid root by default. When 'diagrpt' executes, it relies on an environment variable to locate...
CDRTools CDRecord 1.11/2.0 - Devname Format String
// source: https://www.securityfocus.com/bid/7565/info CDRecord has been reported prone to a format string vulnerability. The issue presents itself due to a programming error that occurs when calling a printf-like function. It has been reported that by harnessing an unsupported feature of the...
CDRTools CDRecord 1.112.0 - Devname Format String
CDRTools CDRecord 1.112.0 - Devname Format String // source: https://www.securityfocus.com/bid/7565/info CDRecord has been reported prone to a format string vulnerability. The issue presents itself due to a programming error that occurs when calling a printf-like function. It has been reported th...
[SECURITY] [DSA 299-1] New leksbot packages fix improper setuid-root execution
-------------------------------------------------------------------------- Debian Security Advisory DSA 299-1 [email protected] http://www.debian.org/security/ Matt Zimmerman May 6th, 2003 http://www.debian.org/security/faq -...
Leksbot 1.2 - Multiple Vulnerabilities
/ source: https://www.securityfocus.com/bid/7505/info Multiple vulnerabilities have been reported for Leksbot. The precise nature of these vulnerabilities are currently unknown however, exploitation of this issue may result in an attacker obtaining elevated privileges. This is because in some...
DSA-299 leksbot - improper setuid-root execution
Bulletin has no description...
HP-UX 11.0 /usr/bin/kermit
Hi! There are many buffer overflows in kermit on HP-UX 11.0 . I am sure it is vulnerable in other HP-UX versions, too, since "C-Kermit 6.0.192, 6 Sep 96, for HP-UX 10.00" is installed in HP-UX 11.0 by default. /usr/bin/kermit is setuid to bin and setgrp to daemon, so upon succesfull exploitation,...
HP-UX 11.0 /usr/lbin/rwrite
Hi! There is a vulnerability in /usr/lbin/rwrite on HP-UX 11.0 other versions might be vulnerable too. /usr/lbin/rwrite is installed setuid to root by default. $ /usr/lbin/rwrite something perl -e 'print "A" x 14628' something Segmentation fault Solution : remove setuid bit until patch is...
VapidSAP.txt
Vapid Labs SAP database local root vulnerability during installation. December 10, 2002 I. BACKGROUND SAP DB is a Free Enterprise database http://www.sapdb.org. An exploitable race condition exists during installation that can be won to yield root to a local malicous user. An executable is world...
ChiTeX 6.1.2 - Local Privilege Escalation
ChiTeX 6.1.2 - Local Privilege Escalation source: https://www.securityfocus.com/bid/7263/info A vulnerability in ChiTex has been reported that may allow local users to obtain root privileges on vulnerable systems. The vulnerability exists due to the existence of two setuid root binaries that...
safemode-adv-chitext.txt
================================================================== Safemode.org security advisory: CHITEX ================================================================== Introduction: ============= ChiTeX can be used to put Chinese Big5 codes in TeX/LaTeX documents. Operations with the ChiTeX...
ChiTeX 6.1.2 - Local Privilege Escalation
source: https://www.securityfocus.com/bid/7263/info A vulnerability in ChiTex has been reported that may allow local users to obtain root privileges on vulnerable systems. The vulnerability exists due to the existence of two setuid root binaries that execute the 'cat' program without an absolute...
CVE-2002-0246
Format string vulnerability in the message catalog library functions in UnixWare 7.1.1 allows local users to gain privileges by modifying the LCMESSAGE environment variable to read other message catalogs containing format strings from setuid programs such as vxprint...
CVE-2001-1327
CVE-2001-1327 affects pmake prior to 2.1.35 installed on Turbolinux 6.05 and earlier. The issue arises because pmake is installed with setuid root privileges, enabling local users to gain privileges by exploiting vulnerabilities in pmake or programs used by pmake. The NVD lists a base CVSS2 score...
HP-UX 1011 - NLSPATH Environment Variable Format String (2)
HP-UX 1011 - NLSPATH Environment Variable Format String 2 // source: https://www.securityfocus.com/bid/8985/info HP-UX allows the NLSPATH to be set for setuid root programs, which use catopen3C and may be executed by other local users. This could result in privilege escalation as an attacker coul...