NSFOCUS SA2003-08: HP-UX libc NLSPATH Environment Variable Privilege Elevation Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 NSFOCUS Security AdvisorySA2003-08 Topic: HP-UX libc NLSPATH Environment Variable Privilege Elevation Vulnerability Release Date: 2003-11-13 CVE CAN ID: CAN-2003-0090 http://www.nsfocus.com/english/homepage/research/0308.htm Affected system:...

NSFOCUS SA2003-08: HP-UX libc NLSPATH Environment Variable Privilege Elevation Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 NSFOCUS Security AdvisorySA2003-08 Topic: HP-UX libc NLSPATH Environment Variable Privilege Elevation Vulnerability Release Date: 2003-11-13 CVE CAN ID: CAN-2003-0090 http://www.nsfocus.com/english/homepage/research/0308.htm Affected system:...

ld.so fails to unset LD_PRELOAD before executing suid root programs

Overview ld.so fails to unset LDPRELOAD before executing suid root programs, allowing loading of insecure or malicious libraries. Description ld.so, the UNIX/LINUX dynamic loader, fails in some conditions and some operating system releases to unset LDPRELOAD before loading suid root programs for...

libtermcap_exploit.txt

Subject: local libtermcap exploit To: [email protected] Well, I wrote this a little while back. This is a serious bug, so people should be able to test their systems properly. All admins should definitely upgrade to the newest libtermcap. - sk8 of LS / Local exploit for suid root programs...

IBM AIX 4.2.1 / Sun Solaris 7.0 - LC_MESSAGES libc Buffer Overflow (1)

source: https://www.securityfocus.com/bid/268/info A buffer overflow in libc's handling of the LCMESSAGES environment variable allows a malicious user to exploit any suid root program linked agains libc to obtain root privileges. This problem is found in both IBM's AIX and Sun Microsystem's...