Lucene search
K

4808 matches found

securityvulns
securityvulns
added 2003/06/09 12:0 a.m.44 views

Переполнение буфера в eterm (buffer overflow)

Переполнение буфера при разборе переменных окружения...

2.5AI score
Exploits0References2Affected Software1
securityvulns
securityvulns
added 2003/05/24 12:0 a.m.36 views

MediaMail buffer overflow

Buffer overflow during environment variables parsing...

5.6AI score
Exploits0References1Affected Software1
exploitpack
exploitpack
added 2003/03/20 12:0 a.m.23 views

Platform Load Sharing Facility 45 - LSF_ENVDIR Local Command Execution

Platform Load Sharing Facility 45 - LSFENVDIR Local Command Execution source: https://www.securityfocus.com/bid/7655/info It has been reported that Load Sharing Facility LSF does not properly handle input in environment variables. Because of this, an attacker may be able to gain escalated...

7.6AI score
Exploits0
Exploit DB
Exploit DB
added 2003/03/20 12:0 a.m.44 views

Platform Load Sharing Facility 4/5 - 'LSF_ENVDIR' Local Command Execution

source: https://www.securityfocus.com/bid/7655/info It has been reported that Load Sharing Facility LSF does not properly handle input in environment variables. Because of this, an attacker may be able to gain escalated privileges on a vulnerable system. LSF 5.1 'lsadmin' local root exploit...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2003/01/15 12:0 a.m.43 views

GLIBC locale - Format Strings

/ su.c by xp, modified by logikal@efnet - tested on redhat 5 - 7 / include include include include include include include include char shellcode = "\x31\xc0\x83\xc0\x17\x31\xdb\xcd\x80\xeb" "\x30\x5f\x31\xc9\x88\x4f\x17\x88\x4f\x1a" "\x8d\x5f\x10\x89\x1f\x8d\x47\x18\x89\x47"...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2003/01/09 12:0 a.m.31 views

Solaris 2.x/7.0/8 - Derived 'login' Remote Buffer Overflow

source: https://www.securityfocus.com/bid/3681/info The 'login' program is used in UNIX systems to authenticate users with a username and password. The utility is typically invoked at the console, by 'telnetd', 'rlogind', and if configured to do so, SSH. Versions of 'login' descended from System ...

7.4AI score
Exploits0
FreeBSD
FreeBSD
added 2003/01/01 12:0 a.m.31 views

multiple buffer overflows in xboing

Steve Kemp reports in a Debian bug submission: Due to improper bounds checking it is possible for a malicious user to gain a shell with membership group 'games'. The binary is installed setgid games. Environmental variables are used without being bounds-checked in any way, from the source code:...

4.6CVSS6.8AI score0.00508EPSS
Exploits1References1
NVD
NVD
added 2002/12/31 5:0 a.m.18 views

CVE-2002-2002

Buffer overflow in libc in Compaq Tru64 4.0F, 5.0, 5.1 and 5.1A allows attackers to execute arbitrary code via long 1 LANG and 2 LOCPATH environment variables...

7.5CVSS7.8AI score0.02676EPSS
Exploits0References5
NVD
NVD
added 2002/12/31 5:0 a.m.19 views

CVE-2002-1632

Oracle 9i Application Server 9iAS installs multiple sample pages that allow remote attackers to obtain environment variables and other sensitive information via 1 info.jsp, 2 printenv, 3 echo, or 4 echo2...

6.4CVSS6AI score0.05448EPSS
Exploits0References6
securityvulns
securityvulns
added 2002/08/08 12:0 a.m.39 views

Buffer overflow in qmailadmin

Buffer overflow on environment variables parsing...

5.7AI score
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2002/06/25 4:0 a.m.22 views

CVE-2002-0043

sudo 1.6.0 through 1.6.3p7 does not properly clear the environment before calling the mail program, which could allow local users to gain root privileges by modifying environment variables and changing how the mail program is invoked...

6.5AI score0.00938EPSS
Exploits0References13
CVE
CVE
added 2002/06/25 4:0 a.m.131 views

CVE-2001-0872

Technical details for CVE-2001-0872 are not provided in the connected documents. The initial description notes OpenSSH 3.0.1 with UseLogin and LD_PRELOAD cleansing issue. Monitor for updates.

7.2CVSS9.1AI score0.00871EPSS
Exploits0References14Affected Software1
securityvulns
securityvulns
added 2002/06/01 12:0 a.m.45 views

Multiple buffer overflows in mnews

Buffer overflows on command line processing, environment variables and NNTP server response handling...

3.2AI score
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2002/04/17 12:0 a.m.57 views

[SNS Advisory No.51] Compaq Tru64 UNIX libc Buffer Overflow Vulnerability

---------------------------------------------------------------------- SNS Advisory No.51 Compaq Tru64 UNIX libc Buffer Overflow Vulnerability Problem first discovered: Sun, 18 Nov 2001 Published: Thu, 17 Apr 2002 ---------------------------------------------------------------------- Overview:...

1.8AI score
Exploits0
CVE
CVE
added 2002/03/15 5:0 a.m.41 views

CVE-2001-1128

The CVE-2001-1128 vulnerability affects Progress database versions 8.3D and 9.1C. A buffer overflow is triggered by long entries in files specified via the PROMSGS or PROTERMCAP environment variables, allowing local code execution. The available documents confirm the vulnerable component and the ...

7.2CVSS7.9AI score0.00712EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2002/03/15 5:0 a.m.27 views

CVE-2001-1128

Buffer overflow in Progress database 8.3D and 9.1C allows local users to execute arbitrary code via long entries in files that are specified by the 1 PROMSGS or 2 PROTERMCAP environment variables...

7.5AI score0.00712EPSS
Exploits0References3
Cvelist
Cvelist
added 2002/03/09 5:0 a.m.25 views

CVE-2000-0892

Some telnet clients allow remote telnet servers to request environment variables from the client that may contain sensitive information, or remote web servers to obtain the information via a telnet: URL...

6.2AI score0.01166EPSS
Exploits1References2
CVE
CVE
added 2002/03/09 5:0 a.m.61 views

CVE-2000-0892

CVE-2000-0892 describes a vulnerability where some telnet clients may disclose environment variables to remote telnet servers or via telnet: URLs, due to RFC 1572 (NEW-ENVIRON). The underlying issue is the ability of a server to request environment variables before authentication, potentially exp...

2.6CVSS6.2AI score0.01166EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2002/02/02 5:0 a.m.21 views

CVE-2001-0976

Vulnerability in HP Process Resource Manager PRM C.01.08.2 and earlier, as used by HP-UX Workload Manager WLM, allows local users to gain root privileges via modified libraries or environment variables...

6.6AI score0.00529EPSS
Exploits0References1
Cvelist
Cvelist
added 2002/02/02 5:0 a.m.25 views

CVE-2001-1076

Buffer overflow in whodo in Solaris SunOS 5.5.1 through 5.8 allows local users to execute arbitrary code via a long 1 SOR or 2 CFIME environment variable...

7.5AI score0.01398EPSS
Exploits1References5
Rows per page
Query Builder