Dixie Flatline

5 exploits Active since Jun 2000
CVE-2000-0494 EXPLOITDB text WORKING POC
Veritas Volume Manager - Command Injection
Veritas Volume Manager creates a world writable .server_pids file, which allows local users to add arbitrary commands into the file, which is then executed by the vmsa_server script.
CVE-2000-0880 EXPLOITDB text WORKING POC
LPPlus - Local Privilege Escalation
LPPlus creates the lpdprocess file with world-writeable permissions, which allows local users to kill arbitrary processes by specifying an alternate process ID and using the setuid dcclpdshut program to kill the process that was specified in the lpdprocess file.
CVE-2000-0881 EXPLOITDB text WORKING POC
LPPlus - Privilege Escalation
The dccscan setuid program in LPPlus does not properly check if the user has the permissions to print the file that is specified to dccscan, which allows local users to print arbitrary files.
CVE-2001-0208 EXPLOITDB text WORKING POC
MicroFocus Cobol 4.1 - Privilege Escalation
MicroFocus Cobol 4.1, with the AppTrack feature enabled, installs the mfaslmf directory and the nolicense file with insecure permissions, which allows local users to gain privileges by modifying files.
EIP-2026-102150 EXPLOITDB text WORKING POC
Shareplex 2.1.3.9/2.2.2 Beta - Arbitrary Local File Disclosure