| OSVDB ID | Disclosure Date | Title |
|---|
|
10873
Description:
(Description Provided by CVE) : GNU fingerd 1.37 does not properly drop privileges before accessing user information, which could allow local users to (1) gain root privileges via a malicious program in the .fingerrc file, or (2) read arbitrary files via symbolic links from .plan, .forward, or .project files.
|
1995-03-17
|
GNU fingerd .fingerrc Arbitrary Command Execution Privilege Escalation
|
|
10874
Description:
(Description Provided by CVE) : GNU fingerd 1.37 does not properly drop privileges before accessing user information, which could allow local users to (1) gain root privileges via a malicious program in the .fingerrc file, or (2) read arbitrary files via symbolic links from .plan, .forward, or .project files.
|
1995-03-17
|
GNU fingerd Symlink Arbitrary Privileged File Access
|
|
257
Description:
Unknown / Incomplete
|
1995-03-16
|
Multiple Vendor FTPd -d Parameter Cleartext User Password Disclosure
|
|
293
Description:
IRIX contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when a malicious user disables xauthority and connects to the display using shm:0. This flaw may lead to a loss of integrity.
|
1995-03-14
|
IRIX Unprivileged xauthority Shared Memory Transport
|
|
256
Description:
Unknown / Incomplete
|
1995-03-11
|
Multiple Modem Vendor Rockwell Chipset Default Password
|
|
298
Description:
BSD contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when a malicious attacker adds an arbitrary command to his or her DNS hostfield before initiating talk with a user on a target system. This flaw may lead to a loss of integrity.
|
1995-03-11
|
BSD in.talkd+antiflash DNS Hostfield Arbitrary Command Execution
|
|
11523
Description:
in.rshd contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is due to a flaw in the rusersok function call. A remote attacker can potentially login to the system with a NULL username, resulting in a loss of integrity.
|
1995-03-11
|
Multiple Vendor in.rshd NULL Login Remote Privilege Escalation
|
|
8449
Description:
IRIX contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when a malicious user can use the /usr/lib/desktop/permissions tool to modify the permissions of any file on the system. This flaw may lead to a loss of integrity.
|
1995-03-03
|
IRIX Desktop Permissions Tool File Modification Privilege Escalation
|
|
17262
Description:
HPUX and OSF contain a flaw that may allow a remote attacker to gain unauthorized privileges to exported NFS shares. The issue occurs when the system is configured so that the nsswitch.conf or svc.conf resolves DNS from /etc/hosts first. The gethostbyaddr() function has a flaw that causes the h_aliases field of the hostent struct to get data from the last line of the /etc/hosts file. If the last line of the hosts file is a machine which you export file systems to, it may allow a remote machine to mount the file system without authorization.
|
1995-03-01
|
Multiple Unix gethostbyaddr() /etc/hosts Unauthorized File System Mount
|
