 |
|
|
|
| HP Tru64 Unix libpthread buffer overflow | | Published: |  | 10.11.2006 | | Source: |  | FULL-DISCLOSURE | | SecurityVulns ID: |  | 6805 | | Type: |  | library | | Level: |  | 5/10 | | Description: |  | Buffer overflow on parsing PTHREAD_CONFIG environment variable. |
| Affected: |  | HP : Tru64 5.1 |
| Original document |  | Netragard Security Advisories, [Full-disclosure] [NETRAGARD-20061109 SECURITY ADVISORY] [HP Tru64 libpthread buffer overflow][http://www.netragard.com] (10.11.2006) |
| Netkit FTP Server protection bypass | | Published: | | 10.11.2006 | | Source: | | FULL-DISCLOSURE | | SecurityVulns ID: | | 6806 | | Type: | | remote | | Level: | | 5/10 | | Description: | | Invalid chroot() and seteuid() usage under some circumstances allow FTP root directory bypass. |
| Affected: | | NETKIT : ftpd 0.17 | | CVE: |  | CVE-2006-6008 (ftpd in Linux Netkit (linux-ftpd) 0.17, and possibly other versions, does not check the return status of certain seteuid, setgid, and setuid calls, which might allow remote authenticated users to gain privileges if these calls fail in cases such as PAM failures or resource limits, a different vulnerability than CVE-2006-5778.) | | | | CVE-2006-5778 (ftpd in linux-ftpd 0.17, and possibly other versions, performs a chdir before setting the UID, which allows local users to bypass intended access restrictions by redirecting their home directory to a restricted directory.) |
| |
|
| |
