Lucene search
+L

4884 matches found

openvas
openvas
added 2008/01/17 12:0 a.m.33 views

Debian Security Advisory DSA 946-1 (sudo)

The remote host is missing an update to sudo announced via advisory DSA 946-1. It has been discovered that sudo, a privileged program, that provides limited super user privileges to specific users, passes several environment variables to the program that runs with elevated privileges. In the case...

7.2CVSS8.4AI score0.01077EPSS
Exploits2
openvas
openvas
added 2008/01/17 12:0 a.m.33 views

Debian Security Advisory DSA 946-2 (sudo)

The remote host is missing an update to sudo announced via advisory DSA 946-2. The former correction to vulnerabilities in the sudo package worked fine but were too strict for some environments. Therefore we have reviewed the changes again and allowed some environment variables to go back into th...

7.2CVSS0.2AI score0.01077EPSS
Exploits2
openvas
openvas
added 2008/01/17 12:0 a.m.25 views

Debian Security Advisory DSA 1045-1 (openvpn)

The remote host is missing an update to openvpn announced via advisory DSA 1045-1. Hendrik Weimer discovered that OpenVPN, the Virtual Private Network daemon, allows to push environment variables to a client allowing a malicious VPN server to take over connected clients. the old stable distributi...

9CVSS0.3AI score0.03021EPSS
Exploits0
openvas
openvas
added 2008/01/17 12:0 a.m.19 views

Debian Security Advisory DSA 946-1 (sudo)

The remote host is missing an update to sudo announced via advisory DSA 946-1. It has been discovered that sudo, a privileged program, that provides limited super user privileges to specific users, passes several environment variables to the program that runs with elevated privileges. In the case...

8.5AI score
Exploits0References1
openvas
openvas
added 2008/01/17 12:0 a.m.29 views

Debian: Security Advisory (DSA-1045-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9CVSS6.7AI score0.03021EPSS
Exploits0References3
openvas
openvas
added 2008/01/17 12:0 a.m.10 views

Debian: Security Advisory (DSA-445)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.6CVSS6.8AI score0.0089EPSS
Exploits1References3
openvas
openvas
added 2008/01/17 12:0 a.m.7 views

Debian: Security Advisory (DSA-432)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.6CVSS7.2AI score0.00382EPSS
Exploits0References3
openvas
openvas
added 2008/01/17 12:0 a.m.22 views

Debian Security Advisory DSA 026-1 (bind)

The remote host is missing an update to bind announced via advisory DSA 026-1. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS6.5AI score0.31624EPSS
Exploits0References1
myhack58
myhack58
added 2007/11/19 12:0 a.m.43 views

Talk about environment variables in the Hacking of use-vulnerability warning-the black bar safety net

This message has been sent to the Black hand of the tenth First, we first understand under what environment variables! Environment variable generally refers to in theoperating systemis used to specify theoperating systemthe operating environment of some parameters, such as the temporary folder...

0.5AI score
Exploits0
nessus
nessus
added 2007/10/17 12:0 a.m.23 views

openSUSE 10 Security Update : apparmor (apparmor-1842)

This update fixes security problems in the AppArmor confinment technology. Since it adds new flags to the profile syntax, you likely should review and adapt your profiles. - If a profile allowed unconfined execution 'ux' of a child binary it was possible to inject code via LDPRELOAD or similar...

5.9AI score
Exploits0
nessus
nessus
added 2007/10/11 12:0 a.m.14 views

IBM DB2 < 8 Fix Pack 15 / 9.x < 9 Fix Pack 3 Multiple Vulnerabilities

Binary data 4239.prm...

10CVSS7.3AI score0.26989EPSS
Exploits8References21
fedora
fedora
added 2007/08/24 5:44 a.m.22 views

[SECURITY] Fedora 7 Update: pam_ssh-1.92-2.fc7

This PAM module provides single sign-on behavior for UNIX using SSH keys. Users are authenticated by decrypting their SSH private keys with the password provided. In the first PAM login session phase, an ssh-agent process is started and keys are added. The same agent is used for the following PAM...

6.4CVSS3.5AI score0.00833EPSS
Exploits0
prion
prion
added 2007/08/20 7:17 p.m.16 views

Design/Logic Flaw

Untrusted search path vulnerability in the wrapper scripts for the 1 rug, 2 zen-updater, 3 zen-installer, and 4 zen-remover programs on SUSE Linux 10.1 and Enterprise 10 allows local users to gain privileges via modified a LDLIBRARYPATH and b MONOGACPREFIX environment variables...

4.6CVSS7.1AI score0.00372EPSS
Exploits0References6Affected Software1
nvd
nvd
added 2007/08/20 7:17 p.m.16 views

CVE-2007-4432

Untrusted search path vulnerability in the wrapper scripts for the 1 rug, 2 zen-updater, 3 zen-installer, and 4 zen-remover programs on SUSE Linux 10.1 and Enterprise 10 allows local users to gain privileges via modified a LDLIBRARYPATH and b MONOGACPREFIX environment variables...

4.6CVSS6.6AI score0.00372EPSS
Exploits0References6
cve
cve
added 2007/08/20 7:0 p.m.54 views

CVE-2007-4432

CVE-2007-4432 affects the wrapper scripts for rug, zen-updater, zen-installer, and zen-remover on SUSE Linux 10.1 and SUSE Linux Enterprise 10. The issue is an untrusted search path vulnerability caused by environment variables LD_LIBRARY_PATH and MONO_GAC_PREFIX, allowing local privilege escalat...

4.6CVSS6.6AI score0.00372EPSS
Exploits0References6Affected Software2
prion
prion
added 2007/08/18 9:17 p.m.29 views

Stack overflow

Stack-based buffer overflow in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allows attackers to execute arbitrary code via a long DASPROF and possibly other environment variables, which are copied into the buildDasPaths buffer...

6.9CVSS8.1AI score0.00499EPSS
Exploits1References11Affected Software1
securityvulns
securityvulns
added 2007/08/18 12:0 a.m.70 views

iDefense Security Advisory 08.16.07: IBM DB2 Universal Database buildDasPaths Buffer Overflow Vulnerability

IBM DB2 Universal Database buildDasPaths Buffer Overflow Vulnerability iDefense Security Advisory 08.16.07 http://labs.idefense.com/intelligence/vulnerabilities/ Aug 16, 2007 I. BACKGROUND IBM Corp.'s DB2 Universal Database product is a large database server product commonly used for high end...

6.9CVSS1.1AI score0.00499EPSS
Exploits1
prion
prion
added 2007/04/24 5:19 p.m.23 views

Command injection

SMB in Apple Mac OS X 10.3.9 through 10.4.9 does not properly clean the environment when executing commands, which allows local users to gain privileges by setting unspecified environment variables...

7.2CVSS6.3AI score0.00379EPSS
Exploits0References7Affected Software2
nvd
nvd
added 2007/04/24 5:19 p.m.18 views

CVE-2007-0737

The Login Window in Apple Mac OS X 10.3.9 through 10.4.9 does not properly check certain environment variables, which allows local users to gain privileges via unspecified vectors...

4.6CVSS6AI score0.00334EPSS
Exploits0References8
prion
prion
added 2007/04/24 5:19 p.m.19 views

Code injection

loadwebdav in Apple Mac OS X 10.3.9 through 10.4.9 does not properly clean the environment when mounting a WebDAV filesystem, which allows local users to gain privileges by setting unspecified environment variables...

7.2CVSS6.2AI score0.00868EPSS
Exploits0References9Affected Software2
Rows per page
Query Builder