|
[[-irix 5.3-]]
|
||
| [-local-] | [-description-] | [-author-] |
| addnetpr.sh | addnetpr race condition | jaechul choe |
| cdplayer.c | command line parsing buffer overflow | david hedley |
| cdplayer | race conditions allow local root shell | unknown |
| chost / cimport | users can write to any file on system | grant kaufmann |
| csetup | csetup follows symlinks, allows local root exploit | jay |
| df.c / df2.c / df3.c | command line parsing buffer overflow | [multiple] |
| dutman.c | unchecked argument control exploit | unknown |
| gmemusage.sh | gmemusage libc system() function vulnerability | lsd |
| iwsh.c | command line parsing buffer overflow | dcrh |
| libxt.c | libXt.so library buffer overflow vulnerability | lsd |
| login.c / login2.c | command line parsing buffer overflow | [multiple] |
| monpanel.c | command line parsing buffer overflow | david hedley |
| netprint | bad system() call allows priveledge lp gain | yuri volobuev |
| ordist.c | command line parsing buffer overflow | lsd |
| perm.c | permissions enviroment overflow | dcrh |
| pkgadjust.sh | users can run commands as root | unknown |
| printers.c | -xrm argument overflow | dcrh |
| pset.c | pset -s argument overflow | lsd |
| rlogin.c | term environment buffer overflow vulnerability | lsd |
| rld.sh | runtime linker behaviour vulnerability | lsd |
| scanners | scanners fail to drop uid=0 | yuri volobuev |
| serialport.sh | race conditions with suid administration scripts | unknown |
| sexec.sh | suid_exec environment exploit | unknown |
| startmidi | startmidi race condition allows file creation | unknown |
| systour.sh | race condition allows command execution | unknown |
| xconsole.c | command line parsing buffer overflow | david hedley |
| xlock.c | command line parsing buffer overflow | dcrh |
| xterm.c | command line parsing buffer overflow | dcrh |
| xwsh.c | command line parsing buffer overflow | david hedley |
| [-remote-] | [-description-] | [-author-] |
| binds.c / named.c / named2.c | dns iquery buffer overflow vulnerability | lsd |
| handler | handle.cgi allows remote command execution | unknown |
| objectserver.c / objectserver2.c | objectserver protocol remote management vulnerability | lsd |
| rpc_ttdbserverd.c | rpc.ttdbserverd daemon buffer overflow vulnerability | lsd |
| webdest.cgi allows remote command execution | unknown | |