EUVD-2002-1766

Malware in sbrugna...

CVE-2002-1787

Buffer overflow in uux in eoe.sw.uucp package of SGI IRIX 6.5 through 6.5.17 allows local users to execute arbitrary code via unknown attack vectors...

Solaris 2.6 (sparc) : 106894-01

SunOS 5.6: /usr/bin/uux patch. Date this patch was last updated by Sun : Jan/04/99 %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a recommended security fix. Disabled on 2011/09/17. C Tenable Network Security, Inc. if !...

CVE-2002-1787

Buffer overflow in uux in eoe.sw.uucp package of SGI IRIX 6.5 through 6.5.17 allows local users to execute arbitrary code via unknown attack vectors...

CVE-2002-1604

Multiple buffer overflows in HP Tru64 UNIX allow local and possibly remote attackers to execute arbitrary code via a long NLSPATH environment variable to 1 csh, 2 dtsession, 3 dxsysinfo, 4 imapd, 5 inc, 6 uucp, 7 uux, 8 rdist, or 9 deliver...

Solaris 7 (sparc) : 106952-04

SunOS 5.7: /usr/bin/uux patch. Date this patch was last updated by Sun : Feb/13/04 %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a recommended security fix. Disabled on 2011/10/24. C Tenable Network Security, Inc. if !...

rpcbind/fsr_efs/mv/errhook/uux vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- SGI Security Advisory Title: rpcbind/fsrefs/mv/errhook/uux vulnerabilities Number: 20020903-01-P Date: October 3, 2002 - ----------------------- - --- Issue Specifics --- - ----------------------- It's been reported that there are several vulnerabilities in...

Re: uucp --config patch -- not sufficient

On debian the uucp and uux binaries are owned by the uucp user. Additionally /usr/lib/uucp is writeable by the uucp user. This allows us to have some fun since we don't have that nasty makewhatis, but we can still get root by trojaning uucp and uux and hoping a root owned process executes either...