CVE-2003-0694 – Sendmail SMTP Address prescan Memory Corruption
https://notcve.org/view.php?id=CVE-2003-0694
The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c. La función de prescan en Sendmail 8.12.9 permite a atacantes remotos ejecutar código arbitrario mediante ataques de desbordamiento de búfer, como se demostró usando la función parseaddr en parseaddr.c. • ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.11/SCOSA-2004.11.txt http://archives.neohapsis.com/archives/fulldisclosure/2003-q3/4119.html http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0113.html http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000742 http://marc.info/?l=bugtraq&m=106381604923204&w=2 http://marc.info/?l=bugtraq&m=106382859407683&w=2 http://marc.info/?l=bugtraq&m=106383437615742&w=2 http://marc.info/? •
CVE-2003-1081
https://notcve.org/view.php?id=CVE-2003-1081
Aspppls for Solaris 8 allows local users to overwrite arbitrary files via a symlink attack on the .asppp.fifo temporary file. Aspppls para Solaris 8 permite a usuarios locales sobrescribir archivos arbitrarios a través de un ataque de enlace simbólico sobre el archivo temporal .asppp.fifo. • http://sunsolve.sun.com/search/document.do?assetkey=1-26-46903-1 http://www.auscert.org.au/render.html?it=3411&cid=1 http://www.ciac.org/ciac/bulletins/o-001.shtml http://www.kb.cert.org/vuls/id/464817 http://www.securityfocus.com/bid/5698 https://exchange.xforce.ibmcloud.com/vulnerabilities/10105 • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2003-1063
https://notcve.org/view.php?id=CVE-2003-1063
The patches (1) 105693-13, (2) 108800-02, (3) 105694-13, and (4) 108801-02 for cachefs on Solaris 2.6 and 7 overwrite the inetd.conf file, which may silently reenable services and allow remote attackers to bypass the intended security policy. • http://sunsolve.sun.com/search/document.do?assetkey=1-26-56300-1 http://www.ciac.org/ciac/bulletins/n-134.shtml http://www.securityfocus.com/bid/8461 https://exchange.xforce.ibmcloud.com/vulnerabilities/12942 •
CVE-2003-0669
https://notcve.org/view.php?id=CVE-2003-0669
Unknown vulnerability in Solaris 2.6 through 9 causes a denial of service (system panic) via "a rare race condition" or an attack by local users. Vulnerabilidad desconocida en Solaris 2.6 a 9 causa una denegación de servicio (pánico de sistema) mediante "una rara condición de carrera" o un ataque de usuarios locales. • http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F47353 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4561 •
CVE-2003-0609 – Solaris 2.6/7/8/9 (SPARC) - 'ld.so.1' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2003-0609
Stack-based buffer overflow in the runtime linker, ld.so.1, on Solaris 2.6 through 9 allows local users to gain root privileges via a long LD_PRELOAD environment variable. Desbordamiento basado en la pila en el enlazador de tiempo de ejecución, ld.so.1 en Solaris 2.6 a 9 permite a usuarios locales ganar privilegios de root mediante una variable de entorno LD_PRELOAD larga. • https://www.exploit-db.com/exploits/1182 https://www.exploit-db.com/exploits/114 http://marc.info/?l=bugtraq&m=105951760418667&w=2 http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/55680 http://www.idefense.com/advisory/07.29.03.txt http://www.osvdb.org/8722 https://exchange.xforce.ibmcloud.com/vulnerabilities/12755 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3601 •