|
1997-07-21
|
|
Exim Buffer 1.6.2/1.6.51 - Local Overflow
|
2 |
LOCAL
|
D. J. Bernstein
|
|
2000-10-20
|
|
HP-UX 10.20/11.0 - crontab '/tmp' File
|
2 |
LOCAL
|
Kyong-won Cho
|
|
2000-10-18
|
|
ntop 1.x - i Local Format String
|
3 |
LOCAL
|
Paul Starzetz
|
|
2000-10-23
|
|
Microsoft Windows NT 4.0 - MSIEXEC Registry Permissions
|
3 |
LOCAL
|
Mnemonix
|
|
2000-10-20
|
|
BSD 'lpr' 0.54 -4 - Arbitrary Command Execution
|
1 |
LOCAL
|
zenith parsec
|
|
2000-10-18
|
|
Oracle Internet Directory 2.0.6 - oidldap
|
3 |
LOCAL
|
Juan Manuel Pascual Escribá
|
|
2012-08-06
|
|
CoolPlayer+ Portable 2.19.2 - Local Buffer Overflow (ASLR Bypass)
|
2 |
LOCAL
|
Robert Larsen
|
|
2000-10-12
|
|
XFree86 3.3.5/3.3.6 - Xlib Display Buffer Overflow
|
3 |
LOCAL
|
Michal Zalewski
|
|
1995-12-26
|
|
Elm 2.4 - 'filter' Arbitrary Mail Disclosure
|
3 |
LOCAL
|
David J Meltzer
|
|
1997-09-08
|
|
AIX 3.x - bugfiler Arbitrary File Creation
|
3 |
LOCAL
|
Johannes Schwabe
|
|
2000-10-06
|
|
RedHat 6.2/7.0 Tmpwatch - Arbitrary Command Execution
|
3 |
LOCAL
|
X-Force
|
|
2000-10-10
|
|
Netscape iCal 2.1 Patch2 - iPlanet iCal 'csstart' Local Privilege Escalation
|
4 |
LOCAL
|
@stake
|
|
2000-10-10
|
|
Netscape iCal 2.1 Patch2 - iPlanet iCal 'iplncal.sh' Permissions
|
3 |
LOCAL
|
@stake
|
|
1999-10-24
|
|
IBM Websphere 2.0/3.0 - ikeyman Weak Encrypted Password
|
3 |
LOCAL
|
Ben Laurie
|
|
2000-10-03
|
|
Microsoft Windows NT 4.0/2000 - Spoofed LPC Request (MS00-003)
|
3 |
LOCAL
|
BindView's Razor Team
|
|
1995-03-02
|
|
IRIX 5.2/6.0 - Permissions File Manipulation
|
4 |
LOCAL
|
Larry Glaze
|
|
2012-08-05
|
|
CoolPlayer Portable 2.19.2 - Local Buffer Overflow (ASLR Bypass) (2)
|
3 |
LOCAL
|
pole
|
|
2000-10-03
|
|
Microsoft Windows NT 4.0/2000 Predictable LPC Message Identifier - Multiple Vulnerabilities
|
3 |
LOCAL
|
BindView's Razor Team
|
|
2000-10-04
|
|
OpenBSD 2.x - 'fstat' Format String
|
3 |
LOCAL
|
K2
|
|
2000-09-28
|
|
LBL Traceroute 1.4 a5 - Heap Corruption (3)
|
2 |
LOCAL
|
Michel Kaempf
|
|
2000-09-28
|
|
LBL Traceroute 1.4 a5 - Heap Corruption (2)
|
3 |
LOCAL
|
Perry Harrington
|
|
2000-09-28
|
|
LBL Traceroute 1.4 a5 - Heap Corruption (1)
|
3 |
LOCAL
|
Dvorak
|
|
2000-09-26
|
|
Palm OS 3.5.2 - Weak Encryption
|
2 |
LOCAL
|
@stake
|
|
2000-09-18
|
|
Microsoft Windows NT 4.0/2000 - DLL Search Path
|
3 |
LOCAL
|
Georgi Guninski
|
|
2000-06-24
|
|
Tridia DoubleVision 3.0 7.00 - Local Privilege Escalation
|
3 |
LOCAL
|
Stephen J. Friedl
|
|
2000-09-03
|
|
AIX 4.2/4.3 - netstat -Z Statistic Clearing
|
3 |
LOCAL
|
alex medvedev
|
|
2000-08-31
|
|
GNOME esound 0.2.19 - Unix Domain Socket Race Condition
|
2 |
LOCAL
|
Kris Kennaway
|
|
2000-09-06
|
|
Microsoft Windows Server 2000 - Still Image Service Privilege Escalation
|
4 |
LOCAL
|
dildog
|
|
2012-08-02
|
|
Nvidia Linux Driver - Local Privilege Escalation
|
3 |
LOCAL
|
anonymous
|
|
2000-09-06
|
|
LPPlus 3.2.2/3.3 - dccscan Unprivileged read
|
2 |
LOCAL
|
Dixie Flatline
|
|
2000-09-05
|
|
Juergen Weigert screen 3.9 - User Supplied Format String
|
2 |
LOCAL
|
IhaQueR@IRCnet
|
|
2000-09-04
|
|
Libc locale - Local Privilege Escalation (2)
|
2 |
LOCAL
|
anonymous
|
|
2000-09-04
|
|
Libc locale - Local Privilege Escalation (1)
|
2 |
LOCAL
|
Synnergy.net
|
|
2000-09-08
|
|
Solaris 2.6/7.0 'eject' locale - Subsystem Format String
|
2 |
LOCAL
|
warning3
|
|
2000-09-04
|
|
Immunix OS 6.2 - LC glibc format string
|
2 |
LOCAL
|
Kil3r of Lam3rZ
|
|
2000-11-02
|
|
Solaris 2.6/7.0 /locale - Subsystem Format String
|
3 |
LOCAL
|
warning3
|
|
2000-09-06
|
|
RedHat 6 GLIBC/locale - Subsystem Format String
|
3 |
LOCAL
|
warning3
|
|
2000-08-25
|
|
Gert Doering mgetty 1.1.19/1.1.20/1.1.21/1.22.8 - Symbolic Link Traversal
|
2 |
LOCAL
|
Stan Bubrouski
|
|
2000-08-22
|
|
HP-UX 11.0 - net.init RC Script
|
3 |
LOCAL
|
Kyong-won Cho
|
|
2000-08-19
|
|
Minicom 1.82/1.83 - Capture-file Group Ownership
|
3 |
LOCAL
|
Michal Zalewski
|
|
2000-08-10
|
|
Multisoft FlagShip 4.4 - Installation Permission
|
3 |
LOCAL
|
Narrow
|
|
2000-10-21
|
|
David Bagley xlock 4.16 - User Supplied Format String (2)
|
2 |
LOCAL
|
Ben Williams
|
|
2000-08-15
|
|
David Bagley xlock 4.16 - User Supplied Format String (1)
|
5 |
LOCAL
|
noir
|
|
2000-08-02
|
|
Tech-Source Raptor GFX PGX32 2.3.1 - Config Tool
|
3 |
LOCAL
|
suid
|
|
2000-08-07
|
|
SUIDPerl 5.00503 - Mail Shell Escape (2)
|
3 |
LOCAL
|
Michal Zalewski
|
|
2000-08-07
|
|
SUIDPerl 5.00503 - Mail Shell Escape (1)
|
3 |
LOCAL
|
Sebastian Krahmer
|
|
1997-09-01
|
|
IRIX 5.3/6.x - '/usr/bin/mail' Local Buffer Overflow
|
3 |
LOCAL
|
Last Stage of Delirium
|
|
1997-02-01
|
|
IRIX 6.2/6.3/6.4 - xfs truncate() Privilege Check
|
2 |
LOCAL
|
Last Stage of Delirium
|
|
2000-08-01
|
|
Microsoft Windows Server 2000 - Named Pipes Predictability
|
3 |
LOCAL
|
Maceo
|
|
2000-01-01
|
|
IRIX 6.5.x - '/usr/lib/InPerson/inpview' Race Condition
|
3 |
LOCAL
|
Last Stage of Delirium
|
|
1998-11-01
|
|
IRIX 6.2/6.3 - '/bin/lpstat' Local Buffer Overflow
|
3 |
LOCAL
|
Last Stage of Delirium
|
|
2000-08-02
|
|
IRIX 6.5.x - '/usr/sbin/dmplay' Local Buffer Overflow
|
2 |
LOCAL
|
Last Stage of Delirium
|
|
1997-09-01
|
|
SGI IRIX 6.2 - 'libgl.so' Local Buffer Overflow
|
3 |
LOCAL
|
Last Stage of Delirium
|
|
1997-01-01
|
|
IRIX 6.5.x - '/usr/sbin/gr_osview' Local Buffer Overflow
|
5 |
LOCAL
|
Last Stage of Delirium
|
|
2012-07-27
|
|
Mini-stream RM-MP3 Converter 3.1.2.1.2010.03.30 - Local Buffer Overflow (ASLR + DEP Bypass)
|
3 |
LOCAL
|
Ptrace Security
|
|
2012-07-27
|
|
Photodex ProShow Producer 5.0.3256 - load File Handling Buffer Overflow (Metasploit)
|
3 |
LOCAL
|
Metasploit
|
|
2000-06-28
|
|
CVS Kit CVS Server 1.10.8 - 'Checkin.prog' Binary Execution
|
3 |
LOCAL
|
Tanaka Akira
|
|
2000-07-28
|
|
CVS Kit CVS Server 1.10.8 - Instructed File Create
|
3 |
LOCAL
|
Tanaka Akira
|
|
2000-06-22
|
|
Stanley T. Shebs Xconq 7.2.2 - xconq Buffer Overflow
|
2 |
LOCAL
|
V9
|
|
2001-06-11
|
|
Sean MacGuire Big Brother 1.0/1.3/1.4 - CGI File Creation
|
3 |
LOCAL
|
xternal
|
|
2000-07-18
|
|
NetZero ZeroPort 3.0 - Weak Encryption Method
|
4 |
LOCAL
|
Brian Carrier
|
|
2000-07-12
|
|
CVSWeb Developer CVSWeb 1.80 - Insecure Perl 'open' Code Execution
|
3 |
LOCAL
|
Joey Hess
|
|
2000-06-15
|
|
Visible Systems Razor 4.1 - Password File (2)
|
3 |
LOCAL
|
Shawn A. Clifford
|
|
2000-06-16
|
|
Visible Systems Razor 4.1 - Password File (1)
|
2 |
LOCAL
|
pbw
|
|
2012-07-23
|
|
MyMp3 Player Stack - '.m3u' File DEP Bypass
|
3 |
LOCAL
|
Daniel Romero
|
|
2000-06-19
|
|
X 11.0/3.3.3/3.3.4/3.3.5/3.3.6/4.0 - libX11 '_XAsyncReply()' Stack Corruption
|
3 |
LOCAL
|
Chris Evans
|
|
2000-06-26
|
|
Flowerfire Sawmill 5.0.21 - Weak Password Encryption
|
3 |
LOCAL
|
Larry W. Cashdollar
|
|
2012-07-23
|
|
Photodex ProShow Producer 5.0.3256 - Local Buffer Overflow
|
3 |
LOCAL
|
mr.pr0n
|
|
2000-08-01
|
|
Mandrake 7.0/7.1 / RedHat Kon2 0.3.9 - '/usr/bin/fld' Input File Overflow
|
4 |
LOCAL
|
E-Ligth
|
|
2000-06-15
|
|
HM Software S to Infinity 3.0 - Multiple Vulnerabilities
|
1 |
LOCAL
|
Synapt1c
|
|
2000-06-09
|
|
RedHat 6.2 - Piranha Virtual Server Package Plaintext Password
|
3 |
LOCAL
|
arkth
|
|
2000-06-16
|
|
Veritas Software Volume Manager 3.0.2/3.0.3/3.0.4 - File Permission
|
2 |
LOCAL
|
Dixie Flatline
|
|
2000-06-14
|
|
Solaris 2.5/2.6/7.0/8 ufsrestore - Local Buffer Overflow
|
2 |
LOCAL
|
Job de Haas of ITSX
|
|
2000-06-01
|
|
Sam Lantinga splitvt 1.6.3 - Local Buffer Overflow
|
2 |
LOCAL
|
Syzop
|
|
2000-06-07
|
|
Computer Associates eTrust Intrusion Detection 1.4.1.13 - Weak Encryption
|
2 |
LOCAL
|
Phate.net
|
|
2000-06-07
|
|
Stelian Pop dump 0.4 - restore Buffer Overflow
|
2 |
LOCAL
|
Stan Bubrouski
|
|
2000-06-06
|
|
Intel Corporation Shiva Access Manager 5.0 - Solaris World Readable LDAP Password
|
2 |
LOCAL
|
Blaise St. Laurent
|
|
2000-06-07
|
|
HP-UX 10.20/11.0 - '.SNMPD' File Permission
|
2 |
LOCAL
|
loveyou
|
|
2000-06-07
|
|
Linux Kernel 2.2.x 2.4.0-test1 (SGI ProPack 1.2/1.3) - Sendmail 8.10.1 Capabilities Privilege Escala
|
3 |
LOCAL
|
Wojciech Purczynski
|
|
2000-06-07
|
|
Linux Kernel 2.2.x 2.4.0-test1 (SGI ProPack 1.2/1.3) - Sendmail Capabilities Privilege Escalation(1)
|
2 |
LOCAL
|
Florian Heinz
|
|
2000-06-05
|
|
BRU 15.1/16.0 - BRUEXECLOG Environment Variable
|
2 |
LOCAL
|
Riley Hassell
|
|
2000-06-06
|
|
Mirabilis ICQ 2000.0 A - Mailclient Temporary Link
|
3 |
LOCAL
|
Gert Fokkema
|
|
1999-07-03
|
|
mailx 8.1.1-10 (BSD/Slackware) - Local Buffer Overflow (2)
|
3 |
LOCAL
|
funkysh
|
|
2000-06-02
|
|
BSD 'mailx' 8.1.1-10 - Local Buffer Overflow (1)
|
3 |
LOCAL
|
Paulo Ribeiro
|
|
2000-06-02
|
|
HP-UX 10.20/11.0 - man '/tmp' Symlink
|
3 |
LOCAL
|
Jason Axley
|
|
2000-06-04
|
|
PassWD 1.2 - Weak Encryption
|
2 |
LOCAL
|
Daniel Roethlisberger
|
|
2000-05-31
|
|
KDE 1.1.2 KApplication configfile - Local Privilege Escalation (3)
|
3 |
LOCAL
|
IhaQueR
|
|
2000-05-31
|
|
KDE 1.1.2 KApplication configfile - Local Privilege Escalation (2)
|
3 |
LOCAL
|
kil3r
|
|
2000-05-31
|
|
KDE 1.1.2 KApplication configfile - Local Privilege Escalation (1)
|
3 |
LOCAL
|
kil3r
|
|
2000-05-27
|
|
Elm Development Group ELM 2.4/2.5.1 Mail for UNIX - ELM Buffer Overflow (2)
|
3 |
LOCAL
|
Buffer0verfl0w
|
|
2000-05-07
|
|
Elm Development Group ELM 2.4/2.5.1 Mail for UNIX - ELM Buffer Overflow (1)
|
3 |
LOCAL
|
Scrippie
|
|
2000-05-27
|
|
KDE 1.1/1.1.1/1.1.2/1.2 - kdesud DISPLAY Environment Variable Overflow
|
3 |
LOCAL
|
noir
|
|
2000-05-29
|
|
Mandriva Linux Mandrake 7.0 - Local Buffer Overflow
|
3 |
LOCAL
|
noir
|
|
2000-04-21
|
|
Microsoft Windows Server 2000/95/98/NT 4.0 - Long Filename Extension
|
3 |
LOCAL
|
Laurent Eschenauer
|
|
2000-05-25
|
|
Omnis Studio 2.4 - Weak Database Field Encryption
|
3 |
LOCAL
|
Eric.Stevens
|
|
2000-05-24
|
|
Cobalt RaQ 2.0/3.0 / qpopper 2.52/2.53 - 'EUIDL' Format String Input
|
3 |
LOCAL
|
Prizm
|
|
2000-05-22
|
|
S.u.S.E Linux 4.x/5.x/6.x/7.0 / Slackware 3.x/4.0 / Turbolinux 6 / OpenLinux 7.0 - 'fdmount' Local B
|
3 |
LOCAL
|
WaR
|
|
2000-05-22
|
|
S.u.S.E Linux 4.x/5.x/6.x/7.0 / Slackware 3.x/4.0 / Turbolinux 6 / OpenLinux 7.0 - 'fdmount' Local B
|
3 |
LOCAL
|
Scrippie
|
|
2000-05-22
|
|
S.u.S.E Linux 4.x/5.x/6.x/7.0 / Slackware 3.x/4.0 / Turbolinux 6 / OpenLinux 7.0 - 'fdmount' Local B
|
2 |
LOCAL
|
Paulo Ribeiro
|
|
2000-04-21
|
|
OpenLDAP 1.2.7/1.2.8/1.2.9/1.2.10 - '/usr/tmp/' Symlink
|
3 |
LOCAL
|
anonymous
|
|
2012-07-19
|
|
Linux Kernel 2.4.4 < 2.4.37.4 / 2.6.0 < 2.6.30.4 - 'Sendpage' Local Privilege Escalation (Metasploit
|
3 |
LOCAL
|
Metasploit
|
|
2012-07-19
|
|
Microsoft Windows - Task Scheduler '.XML' Local Privilege Escalation (MS10-092) (Metasploit)
|
3 |
LOCAL
|
Metasploit
|
|
2000-05-26
|
|
Cygnus Network Security 4.0/KerbNet 5.0 / MIT Kerberos 4/5 / RedHat 6.2 - Compatibility 'krb_rd_req(
|
3 |
LOCAL
|
Jim Paris
|
|
2000-05-16
|
|
KDE 1.1/1.1.1/1.2/2.0 kscd - SHELL Environmental Variable
|
3 |
LOCAL
|
Sebastian
|
|
2000-05-10
|
|
Netscape Communicator 4.5/4.51/4.6/4.61/4.7/4.72/4.73 - '/tmp' Symlink
|
2 |
LOCAL
|
foo
|
|
1999-03-04
|
|
Solaris 2.6/7.0/8 - 'netpr' Local Buffer Overflow (2)
|
3 |
LOCAL
|
ADM
|
|
1999-05-23
|
|
Solaris 2.6/7.0/8 - 'netpr' Local Buffer Overflow (1)
|
2 |
LOCAL
|
ADM
|
|
2000-05-08
|
|
Intel Corporation NetStructure 7110 - Undocumented Password
|
1 |
LOCAL
|
Stake Inc
|
|
2000-05-03
|
|
RedHat Linux 6.0/6.1/6.2 - 'pam_console' Monitor Activity After Logout
|
4 |
LOCAL
|
Michal Zalewski
|
|
2000-05-04
|
|
Aladdin Knowledge Systems eToken 3.3.3 - eToken PIN Extraction
|
3 |
LOCAL
|
kingpin
|
|
2000-04-29
|
|
SuSE Linux 6.3/6.4 Gnomelib - Local Buffer Overflow
|
3 |
LOCAL
|
bladi
|
|
2000-04-24
|
|
Solaris 2.6/7.0 - lp -d Option Buffer Overflow
|
3 |
LOCAL
|
DiGiT
|
|
2000-04-24
|
|
Solaris 7.0/8 - Xsun Buffer Overrun
|
3 |
LOCAL
|
DiGiT
|
|
2000-04-23
|
|
PostgreSQL 6.3.2/6.5.3 - Cleartext Passwords
|
3 |
LOCAL
|
Robert van der Meulen
|
|
2000-04-24
|
|
Solaris 2.6/7.0 - 'lpset -r' Local Buffer Overflow (3)
|
3 |
LOCAL
|
Theodor Ragnar Gislason
|
|
2000-04-24
|
|
Solaris 2.6/7.0 - 'lpset -r' Local Buffer Overflow (2)
|
3 |
LOCAL
|
Theodor Ragnar Gislason
|
|
2000-04-24
|
|
Solaris 2.6/7.0 - 'lpset -r' Local Buffer Overflow (1)
|
2 |
LOCAL
|
DiGiT
|
|
2000-04-21
|
|
SuSE Linux 6.x - Arbitrary File Deletion
|
3 |
LOCAL
|
Peter_M
|
|
2000-04-17
|
|
Panda Security 3.0 - Multiple Vulnerabilities
|
3 |
LOCAL
|
Zan
|
|
2000-04-15
|
|
QSSL QNX 4.25 A - 'crypt()' Local Privilege Escalation
|
3 |
LOCAL
|
Sean
|
|
2000-04-07
|
|
Be BeOS 4.0/4.5/5.0 - IP Packet Length Field
|
3 |
LOCAL
|
Tim Newsham
|
|
2000-04-10
|
|
Be BeOS 4.5/5.0 - Invalid System Call
|
2 |
LOCAL
|
Konstantin Boldyshev
|
|
2000-04-10
|
|
CRYPTOCard CRYPTOAdmin 4.1 - Weak Encryption (2)
|
3 |
LOCAL
|
kingpin
|
|
2000-04-10
|
|
CRYPTOCard CRYPTOAdmin 4.1 - Weak Encryption (1)
|
3 |
LOCAL
|
kingpin
|
|
2000-04-10
|
|
Bray Systems Linux Trustees 1.5 - Long Pathname
|
3 |
LOCAL
|
Andrey E. Lerman
|
