|
[[-irix
5.3-]] |
|
|
[-local-] |
[-description-] |
[-author-] |
addnetpr.sh |
addnetpr race condition |
jaechul choe |
cdplayer.c |
command line parsing
buffer overflow |
david hedley |
cdplayer |
race conditions allow
local root shell |
unknown |
chost
/ cimport |
users can write to any
file on system |
grant kaufmann |
csetup |
csetup follows symlinks,
allows local root exploit |
jay |
df.c / df2.c
/ df3.c |
command line parsing
buffer overflow |
[multiple] |
dutman.c |
unchecked argument control
exploit |
unknown |
gmemusage.sh |
gmemusage libc system()
function vulnerability |
lsd |
iwsh.c |
command line parsing
buffer overflow |
dcrh |
libxt.c |
libXt.so library buffer
overflow vulnerability |
lsd |
login.c / login2.c |
command line parsing
buffer overflow |
[multiple] |
monpanel.c
|
command line parsing
buffer overflow |
david hedley |
netprint |
bad system() call allows
priveledge lp gain |
yuri volobuev |
ordist.c |
command line parsing
buffer overflow |
lsd |
perm.c |
permissions enviroment
overflow |
dcrh |
pkgadjust.sh |
users can run commands
as root |
unknown |
printers.c |
-xrm argument overflow |
dcrh |
pset.c |
pset -s argument overflow |
lsd |
rlogin.c |
term environment buffer
overflow vulnerability |
lsd |
rld.sh |
runtime linker behaviour
vulnerability |
lsd |
scanners |
scanners fail to drop
uid=0 |
yuri volobuev |
serialport.sh |
race conditions with
suid administration scripts |
unknown |
sexec.sh |
suid_exec environment
exploit |
unknown |
startmidi |
startmidi race condition
allows file creation |
unknown |
systour.sh
|
race condition allows
command execution |
unknown |
xconsole.c |
command line parsing
buffer overflow |
david hedley |
xlock.c |
command line parsing
buffer overflow |
dcrh |
xterm.c |
command line parsing
buffer overflow |
dcrh |
xwsh.c |
command line parsing
buffer overflow |
david hedley |
|
[-remote-] |
[-description-] |
[-author-] |
binds.c / named.c
/ named2.c |
dns iquery buffer overflow
vulnerability |
lsd |
handler |
handle.cgi allows remote
command execution |
unknown |
objectserver.c
/ objectserver2.c |
objectserver protocol
remote management vulnerability |
lsd |
rpc_ttdbserverd.c |
rpc.ttdbserverd daemon
buffer overflow vulnerability |
lsd |
webdist-cgi
|
webdest.cgi allows remote
command execution |
unknown |
|