Caldera security advisory CSSA-2002-041.0 - Versions of the pam_ldap module prior to 144 include a remote exploitable format string bug in the logging function. Caldera released fixed packages for OpenLinux 3.1.1 and 3.1 configurations.
c98cc4086624aa5d7ab9ed4caeeb7af1bae87e9ae7f7e2603f11c0243e0a66b1Caldera security advisory CSSA-2002-040.0 - The uudecode utility created output files without checking to see if it was about to write to a symlink or a pipe. If a user uses uudecode to extract data into open shared directories, such as /tmp, this vulnerability could be used by a local attacker to overwrite files.
17b624f9cfffccb177e0b88e25c290f97b79a5ad62cb2697c7da6dbe12278fd9Caldera security advisory CSSA-2002-SCO.35 - A format string vulnerability found in the crontab utility can allow local users to gain root level privileges. This issue affects Caldera OpenServer 5.0.5 and OpenServer 5.0.6 .
4b6d1da615ec1c788d6aa26337d81d1fef020b841d6c3833d41e806acfb24350Caldera Security Advisory CSSA-2002-SCO.23 - A vulnerability found in the Open UNIX and UnixWare FTP daemon can allow remote attackers to hijack passive FTP data connections.
2ba86861d069c9bc17521caaefcb7ca1c5ad9ae7377ab0c78f4293019c0c4363Caldera Security Advisory CSSA-2002-SCO.17 - A buffer overflow found in how the sar can be used to execute shellcode with elevated privileges on Caldera OpenServer 5.0.5 systems.
b2227264615ef07d201eb3e93c99b69dd64badf1fc46ac112f0c1c6cc2510596Caldera Advisory - There is a format bug in the LPRng printer daemon that could possibly be exploited to obtain root privilege. This problem is particulary severe because it can be exercised remotely.
ce5a6fb6fa064fe5353a6cbce23cc3f20fc3c1a670d00d8478d93f4ce3f4b9ecCaldera Security Advisory - There is a serious vulnerability in Linux kernel 2.2.x that allows local users to obtain root privilege by exploiting certain setuid root applications.
50bf47ab9f6222903d0dab17ef1fd0dcebe194c6bc4c9195b6080a9b053ece5dCaldera Advisory - Versions of pine prior to 4.21 had a security problem when viewing URLs. Sending an email with a specially formatted URL embedded in it, an attacker could cause arbitrary shell code to be executed under the account of the victim user.
236cb5d6ada3c83705571621e9792293e6fe09111cd3332b8b9f8247f4b27cdbCaldera Advisory - On Linux, most services do not log informational or error messages to their own files, but use the system log daemon, syslogd, for this. Unfortunately, the current syslogd has a problem by which any user on the local host can mount a denial of service attack that effectively stops all logging. Since all programs that want to send logging information to syslogd block until they're able to establish a connection to syslogd, this will make programs such as login, su, sendmail, telnetd, etc hang indefinitely.
75929757a539f9c77ec0d45380c414e5e913c577a894aafb8b777163e277b75bcaldera.1999-008.bash
6f8325f36d0eda0c7e70e1b4c8813a18b68b3b0c01a00d45c1b43574774ed4a5caldera.1999-009.coas
2bd7e0295c068d65db0c0b90d492c3559aa209cb2c6688d448a16c2c72a6ea9bcaldera.1999-010.rsync
e16637980789c4f96d52c85067ad4b833ea5618be57f1e694d2237027938b521SA-1996.01.txt
c6c4d1856682d5bf179248b26c5d60c9963b5bb4bfa36fab30f696ff23cdec66SA-1996.02.txt
194187561e4b812b40241ee73ba4ec2eaa18d2e6e2a13599d87dcd20a05e5274SA-1996.03.txt
41833f86da7589d94287daa5073319153d6587ce281c37b620f4bf7d050e21faSA-1996.04.txt
9739877ec433b66ca021347f39d2aa5aa4b63af913b48cff47c7b722e48b4dc2SA-1996.05.txt
9f54f002a77bd52b64227ee5e0fe85b5ff801e26d68f741fd34b9c114625e3f3SA-1996.06.txt
bd44f4cf29e01ef4bfb4b58df2c5adb139cf2f6a0972ce0a86ad71a57d200b5cSA-1997.01.txt
70896e634d4cce66fe8e7107611f0a3d0964bef89e029e20fd98aa9afd85b5a6SA-1997.02.txt
b27ad43d9aa61c89a1783c497b76f3073bef9eae8c980596b2cc8c3aa573ac01SA-1997.03.txt
fdb8dee4a0ff06cbaa4b529859e78219c239f2abaac0e0b89d442bb0059f5c4fSA-1997.04.txt
8f237646a4ddd57f845a00e30b999b9cedce1ca0b0f34403219b84b4dd6d7236SA-1997.05.txt
051e1c0b52402c30ab56f76d7da8b4e2d1b47c2d4cb38e75b59ed00332895b37SA-1997.06.txt
6e18cd23df0bc47daa3a5e25a119c18dee383364ed19210afa819b5c4784f2ccSA-1997.07.txt
c3f9b2439f13fd002b037a7c7b33414d9579c524e1e22594ceb2d4c15f59e9b6
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed