4885 matches found
TEXONET-20030902.txt
----------------------------------------------------------------------- Texonet Security Advisory 20030902 ----------------------------------------------------------------------- Advisory ID : TEXONET-20030902 Authors : Joel Soderberg and Christer Oberg Issue date : Tuesday, September 02, 2003...
CVE-2003-0631
VMware GSX Server 2.5.1 build 4968 and earlier, and Workstation 4.0 and earlier, allows local users to gain root privileges via certain enivronment variables that are used when launching a virtual machine session...
DEBIAN-CVE-2003-0620
Multiple buffer overflows in man-db 2.4.1 and earlier, when installed setuid, allow local users to gain privileges via 1 MANDATORYMANPATH, MANPATHMAP, and MANDBMAP arguments to addtodirlist in manp.c, 2 a long pathname to ultsrc in ultsrc.c, 3 a long .so argument to testforinclude in ultsrc.c, 4 ...
CVE-2003-0574
Unknown vulnerability in SGI IRIX 6.5.x through 6.5.20, and possibly earlier versions, allows local users to cause a core dump in scheme and possibly gain privileges via certain environment variables, a different vulnerability than CVE-2001-0797 and CVE-1999-0028...
CVE-2003-0574
CVE-2003-0574 relates to a System V /bin/login vulnerability (CVE-2001-0797) manifested as a buffer overflow via a large number of environment variables/arguments, enabling potential privilege escalation. Connected entries describe Solaris/SPARC telnet/rlogin vectors and several exploits (e.g., T...
CVE-2003-0631
CVE-2003-0631 affects VMware GSX Server 2.5.1 build 4968 and earlier, and Workstation 4.0 and earlier. The root cause is the use of certain environment variables when launching a virtual machine session, allowing a local user to gain root privileges. The provided documents do not specify a patch,...
CVE-2003-0620
Multiple buffer overflows in man-db 2.4.1 and earlier, when installed setuid, allow local users to gain privileges via 1 MANDATORYMANPATH, MANPATHMAP, and MANDBMAP arguments to addtodirlist in manp.c, 2 a long pathname to ultsrc in ultsrc.c, 3 a long .so argument to testforinclude in ultsrc.c, 4 ...
WMVare privilege escalation
By manipulation environment variables it's possible to start application with root privileges then during virtual machine startup...
Top 1.x/2.0 - 'HOME Environment' Local Buffer Overflow
// source: https://www.securityfocus.com/bid/8239/info A buffer overflow condition has been reported in top when handling environment variables of excessive length. This may result in an attacker potentially executing arbitrary code. / UHAGr CONFIDENTIAL SOURCE - DO NOT DISTRIBUTE Local...
Login Vulnerabilities on IRIX
-----BEGIN PGP SIGNED MESSAGE----- SGI Security Advisory Title : Login Vulnerabilities Number : 20030702-01-P Date : July 16, 2003 Reference: CVE CAN-2003-0574 Reference: SGI BUGS 850587 889119 Fixed in : IRIX 6.5.21 or patch 5182 SGI provides this information freely to the SGI user community for...
XPCD 2.0.8 - HOME Environment Local Buffer Overflow
XPCD 2.0.8 - HOME Environment Local Buffer Overflow // source: https://www.securityfocus.com/bid/8370/info A problem in the handling of long strings in environment variables by xpcd may result in a buffer overflow condition. This may allow an attacker to gain unauthorized access to system...
XPCD 2.0.8 - 'HOME Environment' Local Buffer Overflow
// source: https://www.securityfocus.com/bid/8370/info A problem in the handling of long strings in environment variables by xpcd may result in a buffer overflow condition. This may allow an attacker to gain unauthorized access to system resources. / xpcd 2.0.8 latest exploit written by r-code...
TerminatorX buffer overflows
Buffer overflow during environment variables parsing...
Sambar Server Multiple CGI Environment Variable Disclosure
The remote web server appears to be Sambar Server and makes available the 'environ.pl' and/or 'testcgi.exe' CGI scripts. These are included by default and reveal the server's installation directory along with other information that could prove useful to an attacker. Note that this version is also...
CVE-2003-0452
The CVE-2003-0452 issue affects the Operator Shell (OSH) up to version 1.7-11. A buffer overflow in OSH can be triggered by long environment variables or lengthy file redirections, enabling a local attacker to execute arbitrary code and bypass the shell’s restrictions. Public sources (including D...
GNU GNATS 3.113 - Environment Variable Buffer Overflow
// source: https://www.securityfocus.com/bid/8005/info It has been reported that GNATS is prone to a buffer overflow condition when parsing certain environment variables. An attacker can exploit this vulnerability by setting an overly long environment variable and invoking one of several GNATS...
DSA-329 osh - buffer overflows
Bulletin has no description...
Переполнение буфера в eterm (buffer overflow)
Переполнение буфера при разборе переменных окружения...
MediaMail buffer overflow
Buffer overflow during environment variables parsing...
Platform Load Sharing Facility 4/5 - 'LSF_ENVDIR' Local Command Execution
source: https://www.securityfocus.com/bid/7655/info It has been reported that Load Sharing Facility LSF does not properly handle input in environment variables. Because of this, an attacker may be able to gain escalated privileges on a vulnerable system. LSF 5.1 'lsadmin' local root exploit...