CVE-2000-1145
Recourse ManTrap 1.6 allows attackers who have gained root access to use utilities such as crash or fsdb to read /dev/mem and raw disk devices to identify ManTrap processes or modify arbitrary data files....
Recourse ManTrap 1.6 allows attackers who have gained root access to use utilities such as crash or fsdb to read /dev/mem and raw disk devices to identify ManTrap processes or modify arbitrary data files....
Recourse ManTrap 1.6 sets up a chroot environment to hide the fact that it is running, but the inode number for the resulting "/" file system is higher than normal, which allows attackers to...
Recourse ManTrap 1.6 hides the first 4 processes that run on a Solaris system, which allows attackers to determine that they are in a honeypot system. Date published : 2001-01-22 http://archives.neohapsis.com/archives/bugtraq/2000-11/0041.html http://marc.info/?l=bugtraq&m=97349791405580&w=2
Recourse ManTrap 1.6 generates an error when an attacker cd’s to /proc/self/cwd and executes the pwd command, which allows attackers to determine that they are in a honeypot system. Date published : 2001-01-22 http://archives.neohapsis.com/archives/bugtraq/2000-11/0041.html...
Recourse ManTrap 1.6 modifies the kernel so that ".." does not appear in the /proc listing, which allows attackers to determine that they are in a honeypot system. Date published : 2001-01-22 http://archives.neohapsis.com/archives/bugtraq/2000-11/0041.html http://marc.info/?l=bugtraq&m=97349791405580&w=2
Recourse ManTrap 1.6 does not properly hide processes from attackers, which could allow attackers to determine that they are in a honeypot system by comparing the results from kill commands with the process listing...
The installation of Microsoft Exchange 2000 before Rev. A creates a user account with a known password, which could allow attackers to gain privileges, aka the "Exchange User Account" vulnerability. Date published : 2001-01-22...
GNU ed before 0.2-18.1 allows local users to overwrite the files of other users via a symlink attack. Date published : 2001-01-22 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000359
elvis-tiny before 1.4-10 in Debian GNU/Linux, and possibly other Linux operating systems, allows local users to overwrite files of other users via a symlink attack. Date published : 2001-01-22 http://www.securityfocus.com/bid/1984 http://marc.info/?l=bugtraq&m=97502995616099&w=2
fshd (fsh daemon) in Debian GNU/Linux allows local users to overwrite files of other users via a symlink attack. Date published : 2001-01-22 http://www.debian.org/security/2000/20001130 http://www.osvdb.org/7208
DCForum cgforum.cgi CGI script allows remote attackers to read arbitrary files, and delete the program itself, via a malformed "forum" variable. Date published : 2001-01-22 http://www.securityfocus.com/bid/1951 http://archives.neohapsis.com/archives/bugtraq/2000-11/0218.html
Bill Kendrick web site guestbook (GBook) allows remote attackers to execute arbitrary commands via shell metacharacters in the _MAILTO form variable. Date published : 2001-01-22 http://www.securityfocus.com/bid/1940 http://archives.neohapsis.com/archives/bugtraq/2000-11/0144.html
Buffer overflow in digest command in IBM AIX 4.3.x and earlier allows local users to execute arbitrary commands. Date published : 2001-01-22 http://www-1.ibm.com/support/search.wss?rs=0&q=IY08143&apar=only http://www-1.ibm.com/support/search.wss?rs=0&q=IY08287&apar=only
Buffer overflow in remote web administration component (webprox.dll) of 602Pro LAN SUITE before 2000.0.1.33 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long GET request. Date...