177 matches found
CVE-2004-1070
Technical details (affected kernel versions, vulnerable component, impact, or remediation) are not publicly available in the provided documents. Monitor for updates.
CVE-2004-0186
smbmnt in Samba 2.x and 3.x on Linux 2.6, when installed setuid, allows local users to gain root privileges by mounting a Samba share that contains a setuid root program, whose setuid attributes are not cleared when the share is mounted...
CVE-2004-0172
Heap-based buffer overflow in the searchforcommand function of ltrace 0.3.10, if it is installed setuid, could allow local users to execute arbitrary code via a long filename. NOTE: It is unclear whether there are any packages that install ltrace as a setuid program, so this candidate might be...
PT-2003-1958 · Sco · Open Unix +1
Name of the Vulnerable Software and Affected Versions: SCO UnixWare versions 7.1.1, 7.1.3; Open UNIX version 8.0.0. Description: The issue allows local users to bypass protections for the address space file for a process ID by obtaining a procfs file descriptor for the file and calling execve on a...
CVE-2003-0501
The /proc filesystem in Linux allows local users to obtain sensitive information by opening various entries in /proc/self before executing a setuid program, which causes the program to fail to change the ownership and permissions of those entries...
CVE-1999-1080
rmmount in SunOS 5.7 may mount file systems without the nosuid flag set, contrary to the documentation and its use in previous versions of SunOS, which could allow local users with physical access to gain root privileges by mounting a floppy or CD-ROM that contains a setuid program and running...
QNX 6.x - 'ptrace()' Arbitrary Process Modification
source: https://www.securityfocus.com/bid/4919/info The QNX implementation of 'ptrace' is reportedly insecure. An unprivileged process may attach to a setuid program without restriction. Since the attaching process may view or edit memory, an attacker may exploit this issue to escalate privileges...
CVE-1999-1382
NetWare NFS mode 1 and 2 implements the "Read Only" flag in Unix by changing the ownership of a file to root, which allows local users to gain root privileges by creating a setuid program and setting it to "Read Only," which NetWare-NFS changes to a setuid root program...
CVE-1999-1382
CVE-1999-1382 describes a local privilege escalation in NetWare NFS mode 1 and 2. The issue arises when NetWare-NFS implements the Unix Read Only flag by changing a file’s ownership to root, which can be exploited by a local user who creates a setuid program and marks it as Read Only; NetWare-NFS...
Linux Kernel 2.2/2.4 - procfs Stream redirection to Process Memory Privilege Escalation
Linux Kernel 2.2/2.4 - procfs Stream redirection to Process Memory Privilege Escalation. source: https://www.securityfocus.com/bid/2937/info The Linux /proc filesystem is a virtual filesystem provided by the Linux Kernel as an interface to some process and system information and parameters. Under...
Linux Kernel 2.2/2.4 - procfs Stream redirection to Process Memory Privilege Escalation
source: https://www.securityfocus.com/bid/2937/info The Linux /proc filesystem is a virtual filesystem provided by the Linux Kernel as an interface to some process and system information and parameters. Under certain circumstances, an access validation error may exist in the handling of...
CVE-2000-0959
glibc2 does not properly clear the LD_DEBUG_OUTPUT and LD_DEBUG environmental variables when a program is spawned from a setuid program, which could allow local users to overwrite files via a symlink attack...
itetris[v1.6.2] local root exploit (system()+../ protection)
i was auditing some svgalib suid root programs and noticed itetris had a possibly exploitable system() call... which has since obviously proven exploitable or i wouldn't be posting this message. : ORIGINAL exploit url below un-wrapped: http://realhalo.org/xitetris.c xitetris.c: / itetrisv1.6.2 local...
qmail-DoS.txt
Date: Mon, 4 Jan 1999 00:04:09 -0500 From: Wietse Venema To: [email protected] Subject: Anonymous Qmail Denial of Service In recent postings, Daniel Bernstein expands on the insecurity of the Postfix world-writable directory for local mail submission. Of all the attacks possible with such a...
CVE-1999-1182
Buffer overflow in run-time linkers (1) ld.so or (2) ld-linux.so for Linux systems allows local users to gain privileges by calling a setuid program with a long program name (argv[0]) and forcing ld.so/ld-linux.so to report an error...