FreeBSD 3.3 gdc Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/834/info There is a buffer overflow vulnerability known to be present in the version of gdc shipped with the 3.3-RELEASE version of FreeBSD. By default, only users in group wheel have execute access to gdc. The overflow...

[Full-Disclosure] iDEFENSE Security Advisory 06.16.03: Linux-PAM getlogin() Spoofing Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 iDEFENSE Security Advisory 06.16.03: http://www.idefense.com/advisory/06.16.03.txt Linux-PAM getlogin Spoofing Vulnerability June 16, 2003 I. BACKGROUND The Pluggable Authentication Module PAM is a flexible mechanism for authenticating users. More...

Group-writable executable in OpenLDAP

OpenLDAP installs the ud binary in $binpath with mode 775 and default group i.e. either you primary gid or the directories gid. Of course the consequences depend on which group this actually is. This was checked with 1.2.11 latest stable, but probably also exists in earlier versions, since the...