[CLOSE] OSVDB ID : 83849 - Disclosed: 1996-12-29

Description:

NetKit (netkit-base) contains a flaw related to multiple components. The issue is triggered when an error occurs. This may allow an attacker to spoof an h_length header in the DNS responses.

[CLOSE] OSVDB ID : 83848 - Disclosed: 1996-12-29

Description:

The bsd-finger component of NetKit contains a flaw related to the parsing of real names from the password file. Specifically, when handling the & character, an error could occur that "probably has security implications" according to the vendor.

[CLOSE] OSVDB ID : 83847 - Disclosed: 1996-12-29

Description:

NetKit (netkit-rsh) contains a flaw that is triggered when the program authenticates a user after the opening of stedrr in rexecd. This may allow an unauthenticated attacker to use the service to port scan an arbitrary system, using the vulnerable rexecd as a proxy.

[CLOSE] OSVDB ID : 83846 - Disclosed: 1996-12-29

Description:

NetKit (netkit-ftp) contains a flaw that is triggered by an unspecified issue in /tmp during the creation of new files. No further details have been provided.

[CLOSE] OSVDB ID : 993 - Disclosed: 1996-12-27

Description:

IRIX contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when the netprint program calls the disable command via a system() call without supplying an absolute path. The PATH environment variable for finding and executing the disable program can be trivially modified by a malicious user. This flaw may lead to a loss of integrity.

[CLOSE] OSVDB ID : 105 - Disclosed: 1996-12-24

Description:

(Description Provided by CVE) : The jj CGI program allows command execution via shell metacharacters.

[CLOSE] OSVDB ID : 9605 - Disclosed: 1996-12-24

Description:

(Description Provided by CVE) : Vulnerability in direct audio user space code on HP-UX 10.20 and 10.10 allows local users to cause a denial of service.

[CLOSE] OSVDB ID : 29235 - Disclosed: 1996-12-22

Description:

Unknown / Incomplete

[CLOSE] OSVDB ID : 8670 - Disclosed: 1996-12-20

Description:

(Description Provided by CVE) : aspppd on Solaris 2.5 x86 allows local users to modify arbitrary files and gain root privileges via a symlink attack on the /tmp/.asppp.fifo file.

[CLOSE] OSVDB ID : 83140 - Disclosed: 1996-12-20

Description:

IBM AIX is prone to a flaw in the way it loads libraries. The /usr/games/fortune binary uses a fixed path to look for specific files or libraries. This path includes directories that may not be trusted or under user control. By placing a custom version of the file or library in the path, the program will load it before the legitimate version. This allows a local attacker to inject custom code that will be run with the privilege of the program or user executing the program.

[CLOSE] OSVDB ID : 11454 - Disclosed: 1996-12-18

Description:

(Description Provided by CVE) : Oversized ICMP ping packets can result in a denial of service, aka Ping o' Death.

[CLOSE] OSVDB ID : 6085 - Disclosed: 1996-12-16

Description:

A local overflow exists in FreeBSD. Its ppp fails to validate input for the HOME environment variable, resulting in a buffer overflow. With a specially crafted request, an attacker can execute arbitrary code to gain root privileges resulting in a loss of integrity.

[CLOSE] OSVDB ID : 11505 - Disclosed: 1996-12-16

Description:

(Description Provided by CVE) : Buffer overflow in Vixie Cron library up to version 3.0 allows local users to obtain root access via a long environmental variable.

[CLOSE] OSVDB ID : 3101 - Disclosed: 1996-12-12

Description:

Lotus Domino contains a flaw that allows a remote attacker to access databases via HTTP. By manipulating the URL of a document, an attacker can change key components to edit or delete web server content and all data entered is done so under another user ID.

[CLOSE] OSVDB ID : 17001 - Disclosed: 1996-12-11

Description:

Unknown / Incomplete

[CLOSE] OSVDB ID : 83565 - Disclosed: 1996-12-10

Description:

IRIX contains a flaw that may allow an attacker to gain access to unauthorized privileges. When /usr/sbin/datman is executed, the program looks for the presence of .cdplayerrc and ~/.cddb. If neither is present, the program will make a system call to manipulate database names that can be subverted to execute arbitrary commands.

[CLOSE] OSVDB ID : 55269 - Disclosed: 1996-12-09

Description:

(Description Provided by CVE) : Denial of service in Windows NT IIS server using ..\..

[CLOSE] OSVDB ID : 9598 - Disclosed: 1996-12-09

Description:

(Description Provided by CVE) : Buffer overflow in chfn command in HP-UX 9.X through 10.20 allows local users to gain privileges via a long command line argument.

[CLOSE] OSVDB ID : 8563 - Disclosed: 1996-12-06

Description:

IRIX contains a flaw that may allow a malicious local user to overwrite arbitrary files on the system. The issue is due to the searchbook program creating the iconbook and searchbook desktop files insecurely. It is possible for a user to use a symlink style attack to manipulate arbitrary files, resulting in a loss of integrity.

[CLOSE] OSVDB ID : 6994 - Disclosed: 1996-12-05

Description:

Solaris chkperm utility contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when a malicious user sets the VMSYS variable to a user writeable directory, creates a symlink to .facerc, then executes chkperm which will disclose the first five lines of the file given as an argument resulting in a loss of confidentiality.

[CLOSE] OSVDB ID : 1093 - Disclosed: 1996-12-04

Description:

(Description Provided by CVE) : Command execution via shell metachars in INN daemon (innd) 1.5 using "newgroup" and "rmgroup" control messages, and others.

[CLOSE] OSVDB ID : 1005 - Disclosed: 1996-12-03

Description:

(Description Provided by CVE) : lquerypv in AIX 4.1 and 4.2 allows local users to read arbitrary files by specifying the file in the -h command line parameter.

[CLOSE] OSVDB ID : 1011 - Disclosed: 1996-12-02

Description:

(Description Provided by CVE) : Buffer overflow in Korn Shell (ksh) suid_exec program on IRIX 6.x and earlier, and possibly other operating systems, allows local users to gain root privileges.

[CLOSE] OSVDB ID : 83139 - Disclosed: 1996-12-02

Description:

IBM AIX contains a flaw where permissions in /usr/sbin/route are set to 4555 by default. This may allow an unprivileged local attacker to modify routing tables. This would allow them to potentially direct traffic to an alternate system under their control, potentially revealing sensitive information.

[CLOSE] OSVDB ID : 1113 - Disclosed: 1996-12-02

Description:

(Description Provided by CVE) : Sendmail allows local users to write to a file and gain group permissions via a .forward or :include: file.

[CLOSE] OSVDB ID : 984 - Disclosed: 1996-11-28

Description:

IRIX contains a flaw that may allow a malicious local user to overwrite arbitrary files on the system. The issue is due to the fsdump program creating files insecurely. It is possible for a user to use a symlink style attack to manipulate arbitrary files, resulting in a loss of integrity.

[CLOSE] OSVDB ID : 11893 - Disclosed: 1996-11-26

Description:

(Description Provided by CVE) : Buffer overflow in cddbd CD database server allows remote attackers to execute arbitrary commands via a long log message.

[CLOSE] OSVDB ID : 4882 - Disclosed: 1996-11-22

Description:

(Description Provided by CVE) : Kerberos 4 allows remote attackers to obtain sensitive information via a malformed UDP packet that generates an error string that inadvertently includes the realm name and the last user.

[CLOSE] OSVDB ID : 1114 - Disclosed: 1996-11-21

Description:

(Description Provided by CVE) : Local users can start Sendmail in daemon mode and gain root privileges.

[CLOSE] OSVDB ID : 8448 - Disclosed: 1996-11-21

Description:

IRIX contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when a malicious user can create arbitrary directories using a command line option for the cdplayer program, which is setuid root. This flaw may lead to a loss of integrity.

[CLOSE] OSVDB ID : 9606 - Disclosed: 1996-11-21

Description:

(Description Provided by CVE) : Certain programs in HP-UX 10.20 do not properly handle large user IDs (UID) or group IDs (GID) over 60000, which could allow local users to gain privileges.

[CLOSE] OSVDB ID : 8754 - Disclosed: 1996-11-17

Description:

(Description Provided by CVE) : dxchpwd in Digital Unix (OSF/1) 3.x allows local users to modify arbitrary files via a symlink attack on the dxchpwd.log file.

[CLOSE] OSVDB ID : 15042 - Disclosed: 1996-11-16

Description:

Unknown / Incomplete

[CLOSE] OSVDB ID : 83135 - Disclosed: 1996-11-12

Description:

IBM AIX contains a flaw that may allow a malicious local user to manipulate arbitrary files on the system. The issue is due to the /usr/sbin/fibred script creating temporary files insecurely. It is possible for a local attacker to use a symlink attack against the /usr/sbin/fibred.log file to cause the program to unexpectedly write to, or overwrite an attacker specified file. This may allow an attacker to gain escalated privileges

[CLOSE] OSVDB ID : 57411 - Disclosed: 1996-11-11

Description:

Unknown / Incomplete

[CLOSE] OSVDB ID : 1628 - Disclosed: 1996-11-09

Description:

(Description Provided by CVE) : Solaris syslogd crashes when receiving a message from a host that doesn't have an inverse DNS entry.

[CLOSE] OSVDB ID : 56387 - Disclosed: 1996-11-01

Description:

Secure Sockets Layer (SSL) version 2 (v2) has been found to contain several weaknesses. Depending on the time and resources of an attacker, any communication protected by SSLv2 may be vulnerable to Man-in-The-Middle (MiTM) attacks that could allow data tampering or disclosure. SSLv2 flaws in summary: - SSL encrypted web requests traffic analysis can disclose which pages were downloaded, length of data downloaded, what web servers were accessed and more. This requires sniffing or physical access and is considered a passive attack. - Bellovin cut-and-paste attack. This requires sniffing and MiTM manipulation and is considered an active attack. - Bellovin short-block attack. This requires sniffing and MiTM manipulation and is considered an active attack. - Insecure MAC use post-encryption. This is considered a design flaw weakness. - Horton Principle failure. This requires sniffing and MiTM manipulation and is considered an active attack. - Ciphersuite rollback attack. This requires sniffing and MiTM manipulation. - Diffie-hellman Key-exchange MiTM attack. - 40-bit MAC use. This is considered a design flaw weakness.

[CLOSE] OSVDB ID : 5864 - Disclosed: 1996-11-01

Description:

(Description Provided by CVE) : Buffer overflow in HP-UX cstm program allows local users to gain root privileges.

[CLOSE] OSVDB ID : 5868 - Disclosed: 1996-11-01

Description:

(Description Provided by CVE) : Buffer overflow in mstm in HP-UX allows local users to gain root access.

[CLOSE] OSVDB ID : 9643 - Disclosed: 1996-11-01

Description:

(Description Provided by CVE) : fpkg2swpk in HP-UX allows local users to gain root access.