2180 matches found
CVE-2001-0762
Buffer overflow in su-wrapper 1.1.1 allows local users to execute arbitrary code via a long first argument...
CVE-2001-0762
CVE-2001-0762 describes a buffer overflow in su-wrapper 1.1.1 that allows local users to execute arbitrary code by providing a long first argument. The vulnerability is consistent with a local-exploit scenario and a potential impact on confidentiality, integrity, and availability as per the CVSS ...
CVE-2001-0762
Buffer overflow in su-wrapper 1.1.1 allows local users to execute arbitrary code via a long first argument...
Переполнение буфера в su-wrapper (buffer overflow)
Переполнение буфера в агрументе командной строки...
su-wrapper 1.1.1 Local root exploit.
/ - su-wrapper.c - / // / /usr/sbin/su-wrappersu-wrapper 1.1.1 local root exploit. / / / / Package Description: / / su-wrapper is an little util which lets special users execute / / processes under another uid/gid. / / / / Vulnerability Description: / / If a long line on the first argument is...
kosch suid wrapper 1.1.1 - Local Buffer Overflow
kosch suid wrapper 1.1.1 - Local Buffer Overflow // source: https://www.securityfocus.com/bid/2837/info A boundary condition error exists in suid wrapper or 'su-wrapper.' The overflow occurs when a string exceeding approximately 1032 characters is given as the first argument when the program is...
kosch suid wrapper 1.1.1 - Local Buffer Overflow
// source: https://www.securityfocus.com/bid/2837/info A boundary condition error exists in suid wrapper or 'su-wrapper.' The overflow occurs when a string exceeding approximately 1032 characters is given as the first argument when the program is run. Because the program is installed setuid root,...
SGI IRIX df buffer overflow in directory argument
Overview Description The df program is used to display statistics about the amount of used and free disc space on a set of mounted file systems. Alternately, it can be used to check on the amount of space available on unmounted block devices which may be specified by some path. Due to insufficien...
CVE-2000-0701
The vulnerability CVE-2000-0701 affects the Mailman project’s wrapper program in versions 2.0beta3 and 2.0beta4. The root cause is improper cleansing of untrusted format strings, which permits local privilege escalation. The NVD entry lists local attack vector with low complexity and partial impa...
CVE-2000-0037
Technical details for CVE-2000-0037 are not publicly provided in the connected documents; only the high-level description is available. Monitor for updates.
Majordomo 1.94.4/1.94.5 - Local -C Parameter (1)
source: https://www.securityfocus.com/bid/903/info It is possible for a local user to gain majordomo privileges through a vulnerability which allows privileged arbitrary commands to be executed. If the -C parameter is passed to majordomo or one of several other scripts when run with the setuid ro...
CVE-2000-0037
Majordomo wrapper allows local users to gain privileges by specifying an alternate configuration file...
Attackers can trigger deserialization of arbitrary data via the phar:// wrapper.
There was a problem hiding this comment. Choose a reason for hiding this comment The reason will be displayed to describe this comment to others. Learn more. Choose a reason Spam Abuse Off Topic Outdated Duplicate Resolved Hide comment I'm afraid this change is wrong. fileexists is not the only...
Attackers can trigger deserialization of arbitrary data via the phar:// wrapper.
There was a problem hiding this comment. Choose a reason for hiding this comment The reason will be displayed to describe this comment to others. Learn more. Choose a reason Spam Abuse Off Topic Outdated Duplicate Resolved Hide comment I'm afraid this change is wrong. fileexists is not the only...
Attackers can trigger deserialization of arbitrary data via the phar:// wrapper.
There was a problem hiding this comment. Choose a reason for hiding this comment The reason will be displayed to describe this comment to others. Learn more. Choose a reason Spam Abuse Off Topic Outdated Duplicate Resolved Hide comment I'm afraid this change is wrong. fileexists is not the only...
Attackers can trigger deserialization of arbitrary data via the phar:// wrapper.
There was a problem hiding this comment. Choose a reason for hiding this comment The reason will be displayed to describe this comment to others. Learn more. Choose a reason Spam Abuse Off Topic Outdated Duplicate Resolved Hide comment I'm afraid this change is wrong. fileexists is not the only...
Attackers can trigger deserialization of arbitrary data via the phar:// wrapper.
Fix for security vulnerability: Using the phar:// wrapper it was possible to trigger the unserialization of user provided data...
Attackers can trigger deserialization of arbitrary data via the phar:// wrapper.
Fix for security vulnerability: Using the phar:// wrapper it was possible to trigger the unserialization of user provided data...
Attackers can trigger deserialization of arbitrary data via the phar:// wrapper.
Fix for security vulnerability: Using the phar:// wrapper it was possible to trigger the unserialization of user provided data...
Attackers can trigger deserialization of arbitrary data via the phar:// wrapper.
Fix for security vulnerability: Using the phar:// wrapper it was possible to trigger the unserialization of user provided data...