www.hack.co.za

	[[-irix 5.3-]]

[-local-]	[-description-]	[-author-]
addnetpr.sh	addnetpr race condition	jaechul choe
cdplayer.c	command line parsing buffer overflow	david hedley
cdplayer	race conditions allow local root shell	unknown
chost / cimport	users can write to any file on system	grant kaufmann
csetup	csetup follows symlinks, allows local root exploit	jay
df.c / df2.c / df3.c	command line parsing buffer overflow	[multiple]
dutman.c	unchecked argument control exploit	unknown
gmemusage.sh	gmemusage libc system() function vulnerability	lsd
iwsh.c	command line parsing buffer overflow	dcrh
libxt.c	libXt.so library buffer overflow vulnerability	lsd
login.c / login2.c	command line parsing buffer overflow	[multiple]
monpanel.c	command line parsing buffer overflow	david hedley
netprint	bad system() call allows priveledge lp gain	yuri volobuev
ordist.c	command line parsing buffer overflow	lsd
perm.c	permissions enviroment overflow	dcrh
pkgadjust.sh	users can run commands as root	unknown
printers.c	-xrm argument overflow	dcrh
pset.c	pset -s argument overflow	lsd
rlogin.c	term environment buffer overflow vulnerability	lsd
rld.sh	runtime linker behaviour vulnerability	lsd
scanners	scanners fail to drop uid=0	yuri volobuev
serialport.sh	race conditions with suid administration scripts	unknown
sexec.sh	suid_exec environment exploit	unknown
startmidi	startmidi race condition allows file creation	unknown
systour.sh	race condition allows command execution	unknown
xconsole.c	command line parsing buffer overflow	david hedley
xlock.c	command line parsing buffer overflow	dcrh
xterm.c	command line parsing buffer overflow	dcrh
xwsh.c	command line parsing buffer overflow	david hedley

[-remote-]	[-description-]	[-author-]
binds.c / named.c / named2.c	dns iquery buffer overflow vulnerability	lsd
handler	handle.cgi allows remote command execution	unknown
objectserver.c / objectserver2.c	objectserver protocol remote management vulnerability	lsd
rpc_ttdbserverd.c	rpc.ttdbserverd daemon buffer overflow vulnerability	lsd
webdist-cgi	webdest.cgi allows remote command execution	unknown