Showing 1 - 3 of 3

Files from Janusz Niewiadomski

FreeBSD Security Advisory 2003.8: Posted Aug 5, 2003; Authored by The FreeBSD Project, Wojciech Purczynski, Janusz Niewiadomski | Site freebsd.org; FreeBSD Security Advisory FreeBSD-SA-03:08.realpath - An off-by-one error exists in a portion of realpath(3) that computes the length of a resolved pathname. As a result, applications making use of realpath(3) may be vulnerable to denial of service attacks, remote code execution, and privilege escalation. A staggering amount of applications make use of this functionality, including but not limited to, sftp-server and lukemftpd.; tags | advisory, remote, denial of service, code execution; systems | freebsd; SHA-256 | c39b1f231af3aa6eed22527f9da4ecb48a71fe2b9222d7e38045c619b9534d99; Download | Favorite | View

isec-0011-wu-ftpd.txt: Posted Aug 5, 2003; Authored by Wojciech Purczynski, Janusz Niewiadomski; wu-ftpd versions 2.5.0 to 2.6.2 have been found to be susceptible to an off-by-one bug in fb_realpath(). A local or remote attacker could exploit this vulnerability to gain root privileges on a vulnerable system.; tags | advisory, remote, local, root; advisories | CVE-2003-0466; SHA-256 | 26d10c27b7202a5cb1389a5a1f1668d76a81ead7b06f38bae80956501c6824ce; Download | Favorite | View

linuxNFSutils.txt: Posted Jul 15, 2003; Authored by Janusz Niewiadomski; nfs-utils version 1.0.3 and below for Linux has an off-by-one bug that allows a local or remote attacker to send an RPC request to mountd that could execute arbitrary code or cause a denial of service.; tags | advisory, remote, denial of service, arbitrary, local; systems | linux; advisories | CVE-2003-0252; SHA-256 | 3fe1bcb8239cc8b00c2dfcf354fa601b0b377cb56afd088883e8b2af3724d591; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days