[Full-disclosure] Mac OS X - malloc() local privilege escalation vulnerability.

Suresec Security Advisory - 00007 25/09/2005 Mac OS X - malloc insecure use of environment variable. Advisory: http://www.suresec.org/advisories/adv7.pdf Description: The malloc function on Mac OS X insecurely trusts a debug variable, regardless of the fact that the calling application may be sui...

[Full-disclosure] [ Suresec Advisories ] - Several MacOS X vulnerabilities

Buffer overflow in ping and traceroute. Vulnerability summary: The ping and traceroute programs used in Mac OS X are vulnerable to a buffer overflow when resolving a hostname. In the case of ping a hostname gets copied into a static buffer which is 80 bytes long. For traceroute the hostname gets...

[ Suresec Advisories ] - Linux kernel ia32 compatibility (ia64/x86-64) race condition

Suresec Security Advisory - 00004 10/07/05 Linux kernel ia32 compatibility race condition Advisory: http://www.suresec.org/advisories/adv4.pdf http://www.suresec.org/advisories/adv3.pdf Description: A race condition vulnerability has been found in the ia32 compatibility execve systemcall. The rac...

[ Suresec Advisories ] - Mac OS X 10.4 - launchd local root vulnerability

Securesec Security Advisory - 00003 09/06/05 Apple Mac OS X 10.4 launchd race condition vulnerability Advisory: http://www.suresec.org/advisories/adv3.pdf Description: A race condition vulnerability has been found in the temporary file creation done by the suid launchd program on Mac OSX 10.4. Th...

remote root security bug in ethereal 0.9.13 >= and <= 0.10.10

Suresec security advisory 2 9th May 2005 CVE ID: CAN-2005-1461 Remote root vulnerability in Ethereal. About ethereal: Ethereal is a widely used network packet capturing utility which has support for over 700 network protocols. Vulnerability summary: Ethereal has a dissector for the distcc network...