CVE-2006-5215
https://notcve.org/view.php?id=CVE-2006-5215
The Xsession script, as used by X Display Manager (xdm) in NetBSD before 20060212, X.Org before 20060317, and Solaris 8 through 10 before 20061006, allows local users to overwrite arbitrary files, or read another user's Xsession errors file, via a symlink attack on a /tmp/xses-$USER file. La secuencia de comandos Xsession, tambien usado por X Display Manager (xdm) en NetBSD anterior a 12/02/2006, X.Org anterior a 17/03/2006, y Solaris 8 hasta la 10 anterior a 06/10/2006, permiten a un usuario local sobre escribir archivos de su elección, o leer otros ficheros de errores de usuarios de Xsession, a través de un ataque de enlaces simbólicos sobre un archivo/tmp/xses-$USER. • http://secunia.com/advisories/22992 http://securitytracker.com/id?1017015 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102652-1 http://support.avaya.com/elmodocs2/security/ASA-2006-250.htm http://www.netbsd.org/cgi-bin/query-pr-single.pl?number=32805 https://bugs.freedesktop.org/show_bug.cgi?id=5898 https://exchange.xforce.ibmcloud.com/vulnerabilities/29427 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2205 •
CVE-2005-4352
https://notcve.org/view.php?id=CVE-2005-4352
The securelevels implementation in NetBSD 2.1 and earlier, and Linux 2.6.15 and earlier, allows local users to bypass time setting restrictions and set the clock backwards by setting the clock ahead to the maximum unixtime value (19 Jan 2038), which then wraps around to the minimum value (13 Dec 1901), which can then be set ahead to the desired time, aka "settimeofday() time wrap." • http://lists.grok.org.uk/pipermail/full-disclosure/2006-January/041178.html http://secunia.com/advisories/25691 http://securitytracker.com/id?1015454 http://www.redteam-pentesting.de/advisories/rt-sa-2005-16.txt http://www.securityfocus.com/archive/1/421426/100/0/threaded http://www.securityfocus.com/archive/1/471457 http://www.securityfocus.com/bid/16170 https://exchange.xforce.ibmcloud.com/vulnerabilities/24036 •
CVE-2003-0914
https://notcve.org/view.php?id=CVE-2003-0914
ISC BIND 8.3.x before 8.3.7, and 8.4.x before 8.4.3, allows remote attackers to poison the cache via a malicious name server that returns negative responses with a large TTL (time-to-live) value. ISC BIND 8.3.x antes de 8.3.7, y 8.4.x antes de 8.4.3 permite a atacantes remotos envenenar la cache mediante un servidor de nombres malicioso que devuelve respuestas negativas con un valor TTL (time to live) largo. • ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2004-003.0/CSSA-2004-003.0.txt ftp://ftp.sco.com/pub/updates/UnixWare/CSSA-2003-SCO.33/CSSA-2003-SCO.33.txt http://secunia.com/advisories/10542 http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57434 http://www.debian.org/security/2004/dsa-409 http://www.kb.cert.org/vuls/id/734644 http://www.trustix.org/errata/misc/2003/TSL-2003-0044-bind.asc.txt https://oval.cisecurity.org/repository& •
CVE-1999-0009 – ISC BIND (Linux/BSD) - Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-1999-0009
Inverse query buffer overflow in BIND 4.9 and BIND 8 Releases. • https://www.exploit-db.com/exploits/19111 https://www.exploit-db.com/exploits/19112 ftp://patches.sgi.com/support/free/security/advisories/19980603-01-PX http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/180 http://www.securityfocus.com/bid/134 http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9808-083 •