OSVDB: Open Sourced Vulnerability Database

Browse Database

Browsing Vulnerabilities Disclosed in May of 1994

OSVDB ID	Disclosure Date	Title
17039 [CLOSE] OSVDB ID : 17039 - Disclosed: 1994-05-27 Description: Unknown / Incomplete	1994-05-27	SunOS Console proc cred Structure Modification Privilege Escalation
1007 [CLOSE] OSVDB ID : 1007 - Disclosed: 1994-05-21 Description: The rlogin command of multiple Unix vendor contains a flaw that may allow a remote attacker to bypass authentication settings. The issue is triggered when using the '-froot' parameter, which allows a remote attacker to gain root access on a system without being prompted for a password resulting in a loss of integrity.	1994-05-21	Multiple Unix Vendor rlogin -froot Remote Authentication Bypass
8740 [CLOSE] OSVDB ID : 8740 - Disclosed: 1994-05-11 Description: SunOS contains a flaw in "/usr/bin/passwd" binary that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when a local attacker creates a symlink to the password file and uses the "passwd -F" option, which will recreate the password file with increased attacker priveilges. This flaw may lead to a loss of integrity.	1994-05-11	SunOS passwd -F Symlink Race Arbitrary File Overwrite
17038 [CLOSE] OSVDB ID : 17038 - Disclosed: 1994-05-10 Description: Unknown / Incomplete	1994-05-10	Multiple Unix Vendor passwd -F Arbitrary Privileged File Access
17036 [CLOSE] OSVDB ID : 17036 - Disclosed: 1994-05-06 Description: UCB Pop Server (a.k.a. popper/qpop/qpopper) contains a flaw that may allow a malicious local user to overwrite or create arbitrary root-owned files on the system. The issue is due to the pop program creating temporary files insecurely. It is possible for a user to use a symlink style attack to manipulate arbitrary files, resulting in a loss of integrity.	1994-05-06	UCB Pop Server Arbitrary Privileged File Creation
17037 [CLOSE] OSVDB ID : 17037 - Disclosed: 1994-05-06 Description: UCB Pop Server (a.k.a. popper/qpop/qpopper) contains a flaw related to the logging that may allow an attacker to send anonymous, untraceable mail. Popper does not, by default log users. Using XTND XMIT it's possible send mail that cannot be traced back to the user.	1994-05-06	UCB Pop Server XTND XMIT Anonymous Mail Send
17035 [CLOSE] OSVDB ID : 17035 - Disclosed: 1994-05-05 Description: Unknown / Incomplete	1994-05-05	Solaris automountd Floppy Mount Privilege Escalation
9654 [CLOSE] OSVDB ID : 9654 - Disclosed: 1994-05-04 Description: (Description Provided by CVE) : Vulnerability in Glance and gpm programs in GlancePlus for HP-UX 9.x and earlier allows local users to access arbitrary files and gain privileges.	1994-05-04	HP-UX GlancePlus glance Arbitrary File Access Privilege Escalation
9655 [CLOSE] OSVDB ID : 9655 - Disclosed: 1994-05-04 Description: (Description Provided by CVE) : Vulnerability in Glance and gpm programs in GlancePlus for HP-UX 9.x and earlier allows local users to access arbitrary files and gain privileges.	1994-05-04	HP-UX GlancePlus gpm Arbitrary File Access Privilege Escalation

The database information may change without any notice. Use of the information constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the copyright holder or distributor (OSVDB or OSF) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.