10 matches found
cvs recompiled against updated zlib + /tmp fix
New cvs packages are available to fix security problems. Here's the information from the Slackware 8.0 ChangeLog: ---------------------------- Mon Mar 11 17:54:12 PST 2002 patches/packages/cvs.tgz: Patched to link to the shared zlib on the system instead of statically linking to the included zlib...
sniffit-exp1.txt
/ Remote overflow in sniffit.0.3.7.beta tested on slackware 7.1 found/coded by g463 -18th january 2002- The vulnerability is triggered when the option -L is called from the command line with 'normmail' ie : ./sniffit -c ./sampleconfigfile -L normmail It calls a piece of code where the buffer is...
buffer overflow fix for NTP
The version of xntp3 that shipped with Slackware 7.1 as well as the version that was in Slackware -current contains a buffer overflow bug that could lead to a root compromise. Slackware 7.1 and Slackware -current users are urged to upgrade to the new packages available for their release. The...
Slackware 7.1 /usr/bin/mail Local Exploit
Exploit for linux platform in category local exploits ========================================= Slackware 7.1 /usr/bin/mail Local Exploit ========================================= / Slackware 7.1 /usr/bin/Mail Exploit give gid=1 bin if /usr/bin/Mail is setgid but it is not setgid, setuid for...
Slackware 7.1 - '/usr/bin/mail' Local Privilege Escalation
/ Slackware 7.1 /usr/bin/Mail Exploit give gid=1 bin if /usr/bin/Mail is setgid but it is not setgid, setuid for default. tested on my box sl 7.1 crazy exploited by kengz. GID.... \x01 = 1 bin \x02 = 2 , \x03 = 3 , ... \x0a = 10 \x0b = 11 .... / include include define GID "\x03" int mainint argc,...
Slackware 7.1 - usrbinmail Local Privilege Escalation
Slackware 7.1 - usrbinmail Local Privilege Escalation / Slackware 7.1 /usr/bin/Mail Exploit give gid=1 bin if /usr/bin/Mail is setgid but it is not setgid, setuid for default. tested on my box sl 7.1 crazy exploited by kengz. GID.... \x01 = 1 bin \x02 = 2 , \x03 = 3 , ... \x0a = 10 \x0b = 11 .......
multiple vulnerabilities in bind 8.x
Multiple vulnerabilities exist in the versions of BIND found in Slackware 7.1 and -current. Users of BIND 8.x are urged to upgrade to 8.2.3 to fix these problems. More information can be found on the BIND website: http://www.isc.org/products/BIND/ ... and in the CERT Advisory CA-2001-02 - Multipl...
Local /tmp vulnerability fixed in ppp-off
A local /tmp bug in the /usr/sbin/ppp-off program was found. This bug could allow a local user to corrupt system files. A fix has been made and an updated package is now available in the -current branch. The package described below will work for users of Slackware 7.0, 7.1, and -current...
Perl root exploit in Slackware 7.1 & -current
A root exploit was found in the /usr/bin/suidperl5.6.0 program that shipped with the Slackware 7.1 perl.tgz package. It is recommended that all users of Slackware 7.1 and -current upgrade to the perl.tgz package available in the Slackware -current branch. ==================================== perl...
wu-ftpd remote exploit patched
A remote exploit has been found in the FTP daemon, wu-ftpd. This can allow an attacker full access to your machine. The wu-ftpd daemon is part of the tcpip1.tgz package in the N series. A new tcpip1.tgz package is now available in the Slackware 7.1 tree. We have also provided a seperate patch...