3208 matches found
Sam Hawker wmcdplay 1.0 beta1-2 - Local Buffer Overflow (2)
source: https://www.securityfocus.com/bid/1047/info wmcdplay is a CD player generally used with the WindowMaker X11 window manager on Unix systems. While wmcdplay is rarely installed at all by default, when it is installed it is typically set setuid root. wmcdplay is vulnerable to a buffer overflow...
AT Computing atsar_linux 1.4 - File Manipulation
source: https://www.securityfocus.com/bid/1048/info atsar is a Linux load monitoring software package released under the GPL by AT Computing. atsadc is a setuid root binary that is included in the atsar package. atsadc is setuid because it obtains information via /dev/kmem. atsadc will accept as a...
Matt Kimball and Roger Wolff mtr 0.280.41 Turbolinux 3.5 b24.24.46.0 - mtr (2)
// source: https://www.securityfocus.com/bid/1038/info A potential vulnerability exists in the 'mtr' program, by Matt Kimball and Roger Wolff. Versions prior to 0.42 incorrectly dropped privileges on all Unix variants...
CVE-1999-0462
suidperl in Linux Perl does not check the nosuid mount option on file systems, allowing local users to gain root access by placing a setuid script in a mountable file system, e.g. a CD-ROM or floppy disk...
CVE-1999-1382
NetWare NFS mode 1 and 2 implements the "Read Only" flag in Unix by changing the ownership of a file to root, which allows local users to gain root privileges by creating a setuid program and setting it to "Read Only," which NetWare-NFS changes to a setuid root program...
SGI IRIX 6.2 - midikeyssoundplayer Local Privilege Escalation
#!/bin/sh source: https://www.securityfocus.com/bid/909/info SGI's Irix operating system ships with an X11 application called 'soundplayer' which is used to play .WAV files. It is not setuid root by itself, but can inherit root privileg...
Majordomo 1.94.4/1.94.5 - Local -C Parameter (1)
source: https://www.securityfocus.com/bid/903/info It is possible for a local user to gain majordomo privileges through a vulnerability which allows privileged arbitrary commands to be executed. If the -C parameter is passed to majordomo or one of several other scripts when run with the setuid ro...
Great Circle Associates Majordomo 1.94.4 - Local resend
source: https://www.securityfocus.com/bid/902/info It is possible to execute arbitrary commands with elevated privileges through exploiting the majordomo binary, "resend". A setuid root wrapper program calls resend after setuiding and setgiding to lowered but still elevated privileges which it ru...
SunOS 4.1.1 - '/usr/release/bin/makeinstall' Local Privilege Escalation
source: https://www.securityfocus.com/bid/21/info This applies to sites that have installed Sun Source tapes only. The Sun distribution of sources sunsrc has an installation procedure which creates the directory /usr/release/bin and installs two setuid root files in it: makeinstall and winstall...
SunOS 4.1.1 - '/usr/release/bin/winstall' Local Privilege Escalation
source: https://www.securityfocus.com/bid/22/info This applies to sites that have installed Sun Source tapes only. The Sun distribution of sources sunsrc has an installation procedure which creates the directory /usr/release/bin and installs two setuid root files in it: makeinstall and winstall...
oracle_intelligent_agent.txt
START OF BUGTRAQ POST Oracle installations with the 'Oracle Intelligent Agent' installed have a path related vulnerability. The problem lies in the dbsnmp program located in $ORACLEHOME/bin. This setuid root program calls a tcl script nmiconf.tcl located by default in...
Mandriva Linux Mandrake 6.0 / Gnome Libs 1.0.8 - 'espeaker' Local Buffer Overflow
source: https://www.securityfocus.com/bid/663/info A buffer overflow vulnerability in GNOME's shared libraries' handling of the 'espeaker' command line argument may allow local users to attack setuid binaries linked against these libraries to obtain root access. Calling a program linked against GNO...
dtsession_vuln.txt
Subject: Vulnerability in dtsession To: [email protected] Hello, I discovered the following security problem in dtsession actually in libtt.so, part of CDE: Description ----------- The session manager dtsession contains an overflow vulnerability when parsing the environment variable...
SCO Open Server 5.0.5 - X Library Buffer Overflow (1)
// source: https://www.securityfocus.com/bid/638/info A buffer overflow vulnerability in the shared X library may allow local users to obtain higher privileges. Any setuid applications linked against the library are possibly vulnerable. The vulnerability is in the handling of the '-bg' command...