[Full-disclosure] Advisory 2006-03-11 Directory Transversal in
Tripwire Message-ID: [EMAIL PROTECTED] X-Priority: 3 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Content-Type: text/plain; charset=iso-8859-1 Advisory 2006-03-11 Directory Transversal in Tripwire I. BACKGROUND Advisory marked for immediate release. II. DESCRIPTION Remote exploitation of a directory traversal vulnerability in Tripwire could allow attackers to overwrite or view arbitrary files with user-supplied contents. III. HISTORY This advisory has no history. IV. WORKAROUND There are no known workarounds. V. VENDOR RESPONSE Tripwire has not commented on this issue. VI. CVE INFORMATION The Common Vulnerabilities and Exposures (CVE) project has assigned the name CVE-2006-891531 to this issue. APPENDIX A. - Vendor Information http://www.tripwire.com/ APPENDIX B. - References NONE CONTACT: * Suresec Advisories [EMAIL PROTECTED] *1-888-LOL-WHAT *CISSP GSAE CCE CEH CSFA GREM SSP-CNSA SSP-MPA GIPS GHTQ GWAS ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] [ Suresec Advisories ] - Mac OS X (xnu) multiple information leaks.
Suresec Security Advisory - #8 07/11/2005 Mac OS X (xnu) - Multiple information leaks. Advisory: http://www.suresec.org/advisories/adv8.pdf Description: The Mac OS X kernel has several information leaks. In certain cases this might be sensitive information, such as portions of the file cache or terminal buffers. This information might be directly useful, or it might be leveraged to obtain elevated privileges in some way. For example, a terminal buffer might include a user-entered password. These vulnerabilities were discovered by Ilja van Sprundel.___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Mac OS X - malloc() local privilege escalation vulnerability.
Suresec Security Advisory - #7 25/09/2005Mac OS X - malloc() insecure use of environment variable. Advisory: http://www.suresec.org/advisories/adv7.pdf Description: The malloc() function on Mac OS X insecurely trusts a debug variable, regardless of the fact that the calling application may be suid root.This can result in an arbitrary file being overwritten, which can be used to escalate privileges. This vulnerability was discovered by Ilja van Sprundel. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] [ Suresec Advisories ] - Kcheckpass file creation vulnerability
Suresec Security Advisory - #6 05/09/05 Kcheckpass file creation vulnerability Advisory: http://www.suresec.org/advisories/adv6.pdf Description: A lockfile handling error was found in kcheckpass which can, in certain configurations be used to create world writable files. Exploitation of this vulnerability may lead to elevated privileges . The vulnerability was discovered by Ilja van Sprundel. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] [ Suresec Advisories ] - Several MacOS X vulnerabilities
Suresec Security Advisory - #5 22/08/05 Several MacOS X vulnerabilities Advisory: http://www.suresec.org/advisories/adv5.pdf Description: 2 bufferoverflows in ping and traceroute were found. Additionaly a vulnerability was found in dsindentity that allows any user to remove useraccounts. Risk: Exploitation of these vulnerabilities may lead to elevated privileges or removal of accounts. Credit: The vulnerabilities were discovered by Ilja van Sprundel and Neil Archibald. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] [ Suresec Advisories ] - Linux kernel ia32 compatibility (ia64/x86-64) race condition
Suresec Security Advisory - #4 10/07/05 Linux kernel ia32 compatibility race condition Advisory: http://www.suresec.org/advisories/adv4.pdf http://www.suresec.org/advisories/adv3.pdf Description: A race condition vulnerability has been found in the ia32 compatibility execve() systemcall. The race condition may lead to heap corruption. Risk: Exploitation of this vulnerability may results in panics, oopses or in the worst case code exection at ring 0. Credit: The vulnerability was discovered by Ilja van Sprundel. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] [ Suresec Advisories ] - Mac OS X 10.4 - launchd local root vulnerability
Securesec Security Advisory - #3 09/06/05 Apple Mac OS X 10.4 launchd race condition vulnerability Advisory: http://www.suresec.org/advisories/adv3.pdf Description: A race condition vulnerability has been found in the temporary file creation done by the suid launchd program on Mac OSX 10.4. The for advisory for this can be downloaded from the Suresec website. Risk: Successful exploitation of this vulnerability results in stolen ownership of any file on the system. Using this it is trivial to get a root shell. Credit: The vulnerability was discovered by Neil Archibald and Ilja Van Sprundel ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/