Monthly Archive: September 1999

The AIX FTP client can be forced to execute commands from a malicious server through shell metacharacters (e.g. a pipe character). Date published : 1999-09-29

Sendmail decode alias can be used to overwrite sensitive files. Date published : 1999-09-29

The debug command in Sendmail is enabled, allowing attackers to execute commands as root. Date published : 1999-09-29 http://www.securityfocus.com/bid/1

AIX piodmgrsu command allows local users to gain additional group privileges. Date published : 1999-09-29

AIX nslookup command allows local users to obtain root access by not dropping privileges correctly. Date published : 1999-09-29

Buffer overflow in AIX writesrv command allows local users to obtain root access. Date published : 1999-09-29

Buffer overflow in AIX rcp command allows local users to obtain root access. Date published : 1999-09-29

Denial of service in AIX telnet can freeze a system and prevent users from accessing the server. Date published : 1999-09-29 http://www.osvdb.org/7992

Buffer overflow in rwhod on AIX and other operating systems allows remote attackers to execute arbitrary code via a UDP packet with a long hostname. Date published : 1999-09-29 https://exchange.xforce.ibmcloud.com/vulnerabilities/119

Certain NFS servers allow users to use mknod to gain privileges by creating a writable kmem device and setting the UID to 0. Date published : 1999-09-29 https://exchange.xforce.ibmcloud.com/vulnerabilities/78

getcwd() file descriptor leak in FTP. Date published : 1999-09-29

CWD ~root command in ftpd allows root access. Date published : 1999-09-29 http://www.alw.nih.gov/Security/Docs/admin-guide-to-cracking.101.html

wu-ftp allows files to be overwritten via the rnfr command. Date published : 1999-09-29

Certain configurations of wu-ftp FTP server 2.4 use a _PATH_EXECPATH setting to a directory with dangerous commands, such as /bin, which allows remote authenticated users to gain root access via the "site exec" command....