iSEC Security Research : : Vulnerabilities 2003

>Vulnerabilities>2003 2002 | 2003 | 2004 | 2005 | 2007 | 2008 | 2010 | ALL




	Release:	December 1, 2003
	Synopsis:	Linux kernel do_brk() lacks argument bound checking
	Product:	Linux kernel up to 2.4.23
	Author:	Paul Starzetz (paul@isec.pl)
		Wojciech Purczynski (cliph@isec.pl)

		A flaw in bounds checking in the do_brk() function can allow a local attacker to gain root privileges. READ FULL DETAILS


	Release:	July 31, 2003
	Synopsis:	Wu-ftpd remote vulnerability
	Product:	Wu-ftpd 2.5.0 <= 2.6.2 (http://www.wu-ftpd.org/)
	Author:	Wojciech Purczynski (cliph@isec.pl)
		Janusz Niewiadomski (funkysh@isec.pl)

		Wu-ftpd FTP server contains remotely exploitable off-by-one bug. A local or remote attacker could exploit this vulnerability to gain root privileges on a vulnerable system. READ FULL DETAILS


	Release:	July 14, 2003
	Synopsis:	Linux NFS utils package rpc.mountd remote vulnerability
	Product:	nfs-utils <= 1.0.3 (http://sourceforge.net/projects/nfs)
	Author:	Janusz Niewiadomski (funkysh@isec.pl)

		Linux NFS utils package contains remotely exploitable off-by-one bug. A local or remote attacker could exploit this vulnerability by sending specially crafted request to rpc.mountd daemon. READ FULL DETAILS


	Release:	Mar 24, 2003
	Synopsis:	3Com RAS 1500 remote vulnerabilities
	Product:	3C433279A-US (http://www.3com.com/ras1500)
	Author:	Piotr Chytla (pch@isec.pl)

		3com SuperStack II Remote Access System 1500 is telco device which provides access via BRI-ISDN/Analog to dialin users. It contains two remote vulnerabilities, first is Denial Of Service that leads to system crash, second can be used to read configuration files. READ FULL DETAILS


	Release:	Jan 27, 2003
	Synopsis:	at -r job name handling and race condition vulnerabilities
	Product:	Sun Microsystems Solaris
	Author:	Wojciech Purczynski (cliph@isec.pl)

		Race condition and argument handling vulnerabilities in the Sun Microsystems Solaris's /usr/bin/at setuid-root binary allows to remove any file on the filesystem. READ FULL DETAILS


	Release:	Jan 11, 2003
	Synopsis:	BitKeeper remote shell command execution vulnerability
	Product:	BitKeeper 3.0.x (http://www.bitkeeper.com)
	Author:	Maurycy Prodeus (z33d@isec.pl)

		BitKeeper is a source management software. It contains a shell argument parsing vulnerability that leads remote attacker to run arbitrary shell commands on system where BitKeeper listens to HTTP requests. READ FULL DETAILS