3208 matches found
SGI Performance Co-Pilot 2.1.x/2.2 - pmpost Symbolic Link
// source: https://www.securityfocus.com/bid/2887/info Performance Co-Pilot (PCP) is a set of services to support system-level performance monitoring developed by SGI. It has traditionally been an IRIX product, however SGI has made it open source and it is now available for Linux systems. One of th...
Due to insecure creation of configuration files via KApplication-class, local users can create arbitrary files when running setuid root KDE programs
Overview KApplication-class, a class used to create KDE applications, creates configuration files without checking for proper ownership or prior existence. Description KApplication-class, a class used to create KDE applications, creates configuration files. These files are created in a local...
Unsafe Signal Handling in Sendmail
RAZOR advisory: Unsafe Signal Handling in Sendmail Issue Date: May 28, 2001 Contact: Michal Zalewski [email protected] Topic: Sendmail signal handlers used for dealing with specific signals are vulnerable to numerous race conditions. Affected Systems: Any systems running sendmail tested ...
CVE-2001-1327
pmake before 2.1.35 in Turbolinux 6.05 and earlier is installed with setuid root privileges, which could allow local users to gain privileges by exploiting vulnerabilities in pmake or programs that are used by pmake...
CVE-2001-0459
Buffer overflows in ascdc Afterstep while running setuid allows local users to gain root privileges via a long (1) -d option, (2) -m option, or (3) -f option...
CVE-2001-0459
CVE-2001-0459 corresponds to buffer overflows in the ascdc component of AfterStep when run with setuid. The vulnerability allows local users to gain root privileges by providing excessively long arguments via the long options -d, -m, or -f. The connected sources confirm the affected component and...
CVE-2001-0170
Technical specifics (affected product versions, root cause, mitigations, or exploit details) are not publicly provided in the supplied documents; monitor for updates.
IRIX /usr/lib/print/netprint local root symbols exploit.
i haven't audited anything in some time. well, i just noticed this because i am doing a project with a name similar to "netprint" and i was wondering if it was at all related to what i was doing. it wasn't. but, i noticed it was setuid root and had a little bug. this bug takes advantage of the -n...
IRIX 5.3/6.x - netprint Arbitrary Shared Library Usage
IRIX 5.3/6.x - netprint Arbitrary Shared Library Usage // source: https://www.securityfocus.com/bid/2656/info The 'netprint' utility shipped with SGI Irix systems is used to send print jobs to print spoolers on remote hosts. It is installed setuid root by default. At the command line, 'netprint'...
IRIX 5.3/6.x - 'netprint' Arbitrary Shared Library Usage
// source: https://www.securityfocus.com/bid/2656/info The 'netprint' utility shipped with SGI Irix systems is used to send print jobs to print spoolers on remote hosts. It is installed setuid root by default. At the command line, 'netprint' accepts an option to specify the network type -n. This...
Problems in the Linux kernel (sysctl and ptrace)
A negative offset in the sysctl call allows access to kernel memory; in addition, ptrace can be used to alter the execution of a setuid process. On Intel architectures, a DoS is also possible...
Solaris ufsrestore buffer overflow in command pathname parameters for interactive session
Overview There is a buffer overflow in ufsrestore, a file restoration utility. Description When operating in interactive mode, the pathname parameter of the extract command is not properly bounds checked. When used in conjunction with long pathnames contained in the dump file, an internal buffer...
Linux Kernel 2.2.18 (RedHat 6.2/7.0 / 2.2.14/2.2.18/2.2.18ow4) - ptrace/execve Race Condition Privilege Escalation (2) 
Linux Kernel 2.2.18 (RedHat 6.2/7.0 / 2.2.14/2.2.18/2.2.18ow4) - ptrace/execve Race Condition Privilege Escalation (1) / EDB Note: Updated exploit can be found here: https://www.exploit-db.com/exploits/20721/ source: https://www.securityfocus.com/bid/2529/info The Linux kernel is the core of all...
Linux Kernel 2.2.18 (RedHat 6.2/7.0 / 2.2.14/2.2.18/2.2.18ow4) - ptrace/execve Race Condition Privilege Escalation (2)
Linux Kernel 2.2.18 (RedHat 6.2/7.0 / 2.2.14/2.2.18/2.2.18ow4) - ptrace/execve Race Condition Privilege Escalation (2) / source: https://www.securityfocus.com/bid/2529/info The Linux kernel is the core of all distributions of the Linux Operating System. It was originally written by Linus Torvalds, and is...
Linux Kernel 2.2.18 (RedHat 6.2/7.0 / 2.2.14/2.2.18/2.2.18ow4) - ptrace/execve Race Condition Privilege Escalation (1)
/ EDB Note: Updated exploit can be found here: https://www.exploit-db.com/exploits/20721/ source: https://www.securityfocus.com/bid/2529/info The Linux kernel is the core of all distributions of the Linux Operating System. It was originally written by Linus Torvalds, and is maintained by a...
[ Hackerslab bug_paper ] SunOS application perfmon vulnerability
Hackerslab bug_paper: SunOS application perfmon vulnerability. File : /opt/JSParm/bin/perfmon SYSTEM : Solaris 2.X INFO : parm is a program th...
ascdc Buffer Overflow Vulnerability
TITLE: ascdc Buffer Overflow Vulnerability ADVISORY ID: WSIR-01/02-06 DISCOVERED BY: Christer Öberg, Wkit Security AB CONTACT: [email protected], Wkit Security AB CLASS: Buffer Overflow OBJECT: ascdc exec VENDOR: Rob Malda http://www.CmdrTaco.net...
Rob Malda ASCDC 0.3 - Local Buffer Overflow (2)
// source: https://www.securityfocus.com/bid/2462/info ascdc is a program written for X by Rob Malda. It is designed to provide a graphical interface to cd changing on linux systems. A vulnerability in the program could allow elevated privileges on a system with the package installed setuid. Due ...
FreeBSD 3.5.1/4.2 - Ports Package xklock Local Privilege Escalation
FreeBSD 3.5.1/4.2 - Ports Package xklock Local Privilege Escalation / xklock - FreeBSD 3.5.1 & 4.2 ports package local root exploit The X key lock program contains several exploitable buffer overflows in command line arguments as well as the 'JNAME' environment variable. xklock is installed setuid...
CVE-2001-0084
The CVE-2001-0084 issue affects the GTK+ library, where the GTK_MODULES environment variable lets local users specify arbitrary modules. If GTK+ is used by a setuid/setgid program, this can let local users gain privileges. Reports from PT-2001-1319 describe GTK+ (affected versions not specified) ...