Caldera security advisory CSSA-2002-041.0 - Versions of the pam_ldap module prior to 144 include a remote exploitable format string bug in the logging function. Caldera released fixed packages for OpenLinux 3.1.1 and 3.1 configurations.
d03efb188f70701feba1ffc923e5d39dCaldera security advisory CSSA-2002-040.0 - The uudecode utility created output files without checking to see if it was about to write to a symlink or a pipe. If a user uses uudecode to extract data into open shared directories, such as /tmp, this vulnerability could be used by a local attacker to overwrite files.
cd216723764ec227721effb6d82249b7Caldera security advisory CSSA-2002-SCO.35 - A format string vulnerability found in the crontab utility can allow local users to gain root level privileges. This issue affects Caldera OpenServer 5.0.5 and OpenServer 5.0.6 .
b2031d17f7de3571143dd7c364865f6eCaldera Security Advisory CSSA-2002-SCO.23 - A vulnerability found in the Open UNIX and UnixWare FTP daemon can allow remote attackers to hijack passive FTP data connections.
57d8580ce7d8a5097057cc5f1eef8d5aCaldera Security Advisory CSSA-2002-SCO.17 - A buffer overflow found in how the sar can be used to execute shellcode with elevated privileges on Caldera OpenServer 5.0.5 systems.
6d186fb897c7ff4c70fbad4f31ac7f8bCaldera Advisory - There is a format bug in the LPRng printer daemon that could possibly be exploited to obtain root privilege. This problem is particulary severe because it can be exercised remotely.
26cd8be0af17378747b6027a9f5f7674Caldera Security Advisory - There is a serious vulnerability in Linux kernel 2.2.x that allows local users to obtain root privilege by exploiting certain setuid root applications.
8e55ca888d0b13ed8aa77b17bb2e1515Caldera Advisory - Versions of pine prior to 4.21 had a security problem when viewing URLs. Sending an email with a specially formatted URL embedded in it, an attacker could cause arbitrary shell code to be executed under the account of the victim user.
1666f477435af01dd07c8f3f60c63caeCaldera Advisory - On Linux, most services do not log informational or error messages to their own files, but use the system log daemon, syslogd, for this. Unfortunately, the current syslogd has a problem by which any user on the local host can mount a denial of service attack that effectively stops all logging. Since all programs that want to send logging information to syslogd block until they're able to establish a connection to syslogd, this will make programs such as login, su, sendmail, telnetd, etc hang indefinitely.
056d78439a69bb409489c80e61c78e89caldera.1999-008.bash
825cca4e460e76557dc2a473bac4d71dcaldera.1999-009.coas
16a93e7c7e32bc8eddf4d2b5051cee0fcaldera.1999-010.rsync
3b76678ccab30f72902e3ef0e4fdb248SA-1996.01.txt
75b2c195aada47089b5b16337fe9060dSA-1996.02.txt
4617d595b407ff5abeaa6ad89f012802SA-1996.03.txt
fff8caec8f39ec4fdfe70d0652d5fe56SA-1996.04.txt
2fd27718a39138183562d59ff587fa42SA-1996.05.txt
334ccfa74736a8c0d1557c38edb02dc6SA-1996.06.txt
5eac316bcf36d02d17c9f2a6ba492affSA-1997.01.txt
591c0da5a1f4a103560ab5c3576a7454SA-1997.02.txt
560e697b201fd9e2f654332d3150b0baSA-1997.03.txt
dfb4cbf73f469ca3658050d3f8fc05a9SA-1997.04.txt
c4c8b50bc4b753a569f8a8367adac09dSA-1997.05.txt
4d34bfe80c78932eaa3456fd4d8b444aSA-1997.06.txt
249ec9cfd3b9e302205e55289211d4a9SA-1997.07.txt
c12e5218b7955faa8c8d1fa3c76fb312
© 2012 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed