595 matches found
Slackware Linux 14.0 / 14.1 / 14.2 / current curl Multiple Vulnerabilities (SSA:2021-258-01)
The version of curl installed on the remote host is prior to 7.79.0. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2021-258-01 advisory. - When curl = 7.20.0 and = 7.20.0 and = 7.78.0 to require a successful upgrade to TLS when speaking to an IMAP, POP3 or FTP...
Slackware Linux 14.2 / current ntfs-3g Multiple Vulnerabilities (SSA:2021-243-01)
The version of ntfs-3g installed on the remote host is prior to 2021.8.22. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2021-243-01 advisory. - A crafted NTFS image can trigger a heap-based buffer overflow, caused by an unsanitized attribute in...
Slackware 14.0 / 14.1 / 14.2 / current : irssi (SSA:2018-046-01)
New irssi packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2018-046-01. The text itself is copyright (C) Slackware Linux...
CVE-2007-0823
xterm on Slackware Linux 10.2 stores information that had been displayed for a different user account using the same xterm process, which might allow local users to bypass file permissions and read other users' files, or obtain other sensitive information, by reading the xterm process memory. NOT...
CVE-2007-0822
umount, when running with the Linux 2.6.15 kernel on Slackware Linux 10.2, allows local users to trigger a NULL dereference and application crash by invoking the program with a pathname for a USB pen drive that was mounted and then physically removed, which might allow the users to obtain sensiti...
F5 FirePass Detection (HTTP)
HTTP based detection of F5 FirePass. SPDX-FileCopyrightText: 2015 SCHUTZWERK GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later if(description)...
RedHat Linux <= 6.0, Slackware Linux <= 4.0 Termcap tgetent() Buffer Overflow (1)
No description provided by source. source: http://www.securityfocus.com/bid/588/info A buffer overflow existed in libtermcap's tgetent function, which could cause the user to execute arbitrary code if they were able to supply their own termcap file. Versions of libtermcap 2.0.8 and earlier are...
RedHat Linux <= 6.0, Slackware Linux <= 4.0 Termcap tgetent() Buffer Overflow (2)
No description provided by source. source: http://www.securityfocus.com/bid/588/info A buffer overflow existed in libtermcap's tgetent function, which could cause the user to execute arbitrary code if they were able to supply their own termcap file. Versions of libtermcap 2.0.8 and earlier are...
BSD mailx 8.1.1 -10 Buffer Overflow Vulnerability (1)
No description provided by source. source: http://www.securityfocus.com/bid/1305/info Some Linux distributions ship with BSD mailx 8.1.1-10. On Slackware 7.x it can be found as /usr/bin/Mail. A vulnerability exists in the 'mail' program, part of the Berkeley mailx package. The 'mail' program...
nbSMTP <= 0.99 (util.c) Client-Side Command Execution Exploit
No description provided by source. / nbSMTPfsexp.c nbSMTP v0.99 remote format string exploit by CoKi [email protected] root@nosystem:/home/coki/audi ./nbSMTPfsexp nbSMTP v0.99 remote format string exploit by CoKi [email protected] Use: ./nbSMTPfsexp options options: -t arg type of target...
Citadel/UX <= 6.27 Remote Root Format String Exploit
No description provided by source. / citadelfsexp.c Citadel/UX v6.27 remote format string exploit Use: ./citadelfsexp -h host options options: -h arg host or IP -t arg type of target system -l targets list -g arg syslog GOT address -r arg RET address coki@nosystem:/audit$ ./citadelfsexp -h...
Slackware Linux 3.1 - Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/364/info superprobe is a program supplied with XFree86 that helps determine video hardware. It is shipped with Slackware Linux 3.1 and is installed setuid root. There is an exploitable strcpy buffer overflow in the...
Slackware Linux 3.1/3.2 color_xterm Buffer Overflow Vulnerability (1)
No description provided by source. source: http://www.securityfocus.com/bid/369/info In Slackware Linux 3.1 and 3.2, the version of color xterm included is vulnerable to a buffer overflow attack that allows for a local user to gain root access. / exploit for colorxterm, modified by zgv / / origin...
Slackware Linux 3.1/3.2 color_xterm Buffer Overflow Vulnerability (2)
No description provided by source. source: http://www.securityfocus.com/bid/369/info In Slackware Linux 3.1 and 3.2, the version of color xterm included is vulnerable to a buffer overflow attack that allows for a local user to gain root access. / colorxterm buffer overflow exploit for Linux with...
RedHat Linux 5.0/5.1/5.2,Slackware Linux <= 3.5 klogd Buffer Overflow Vulnerability (1)
No description provided by source. source: http://www.securityfocus.com/bid/398/info It is possible to cause a denial of service (remote and local) through generating old, obscure kernel messages (not terminated with \n) in klogd. The problem exists because of a buffer overflow in the klogd handling ...
RedHat Linux 5.0/5.1/5.2,Slackware Linux <= 3.5 klogd Buffer Overflow Vulnerability (2)
No description provided by source. source: http://www.securityfocus.com/bid/398/info It is possible to cause a denial of service (remote and local) through generating old, obscure kernel messages (not terminated with \n) in klogd. The problem exists because of a buffer overflow in the klogd handling ...
Slackware Linux /usr/bin/ppp-off Insecure /tmp Call Exploit
No description provided by source. #!/bin/sh In Slackware Linux the script /usr/bin/ppp-off writes the output of 'ps x' to /tmp/grep.tmp. Since root is the user that runs ppp-off, a non-privileged user could create a link from /tmp/grep.tmp to any file (ie: /etc/issue), thus when root runs the ppp-of...
Slackware Linux 3.4 makebootdisk temporary file Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/78/info makebootdisk creates the file /tmp/return insecurely and follows symbolic links. An attacker can create a symbolic link from /tmp/return to any file and wait for root to run the program. This will clobber the targe...
Slackware Linux 3.4 liloconfig-color temporary file Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/77/info liloconfig-color creates the file /tmp/reply insecurely and follows symbolic links. An attacker can create a symbolic link from /tmp/reply to any file and wait for root to run the program. This will clobber the...
PHP 3.0.16/4.0.2 - Remote Format Overflow Exploit
No description provided by source. / PHP 3.0.16/4.0.2 remote format overflow exploit. Copyright (c) 2000 Field Marshal Count August Anton Wilhelm Neithardt von Gneisenau [email protected] my regards to sheib and darkx All rights reserved Pascal Boucheraine's paper was enlightening THERE IS NO...