Debian DSA-787-1 : backup-manager - insecure permissions and tempfile

Two bugs have been found in backup-manager, a command-line driven backup utility. The Common Vulnerabilities and Exposures project identifies the following problems : - CAN-2005-1855 Jeroen Vermeulen discovered that backup files are created with default permissions making them world readable, eve...

Adobe Version Cue 1.0/1.0.1 (OSX) - '-lib' Local Privilege Escalation

/ Adobe Version Cue VCNativeOSX: local root exploit. dyld by: vade79/v9 [email protected] fakehalo/realhalo Adobe Version Cue's VCNative program allows un-privileged local users to load arbitrary libraries"bundles" while running setuid root. this is done via the "-lib" command-line option. note:...

CVE-2005-2681

Unspecified vulnerability in the command line processing CLI logic in Cisco Intrusion Prevention System 5.01 and 5.02 allows local users with OPERATOR or VIEWER privileges to gain additional privileges via unknown vectors...

CVE-2005-2505

Buffer overflow in CoreFoundation in Mac OS X 10.3.9 allows attackers to execute arbitrary code via command line arguments to an application that uses CoreFoundation...

CVE-2005-2505

Buffer overflow in CoreFoundation in Mac OS X 10.3.9 allows attackers to execute arbitrary code via command line arguments to an application that uses CoreFoundation...

ifenslave / iwconfig network device management utilities buffer overflow

Buffer overflow on parsing command lines arguments...

CVE-2002-2089

Buffer overflow in rcp in Solaris 9.0 allows local users to execute arbitrary code via a long command line argument...

CVE-2004-2300

Buffer overflow in snmpd in ucd-snmp 4.2.6 and earlier, when installed setuid root, allows local users to execute arbitrary code via a long -p command line argument. NOTE: it is not clear whether there are any standard configurations in which snmpd is installed setuid or setgid. If not, then this...

PT-2005-3247 · Calogic · Calogic

Name of the Vulnerable Software and Affected Versions: CaLogic version 1.2.2 Description: The issue allows remote attackers to execute arbitrary code. This is achieved via the CLPATH parameter to several API endpoints: "/cl minical.php", "/clmcpreload.php", "/mcconfig.php", or "/mcpi-demo.php"...

CVE-2001-1508

Buffer overflow in lpstat in SCO OpenServer 5.0 through 5.0.6a allows local users to execute arbitrary code as group bin via a long command line argument...

FreeBSD : unace -- multiple vulnerabilities (1d3a2737-7eb7-11d9-acf7-000854d03344)

Ulf Harnhammar reports : - There are buffer overflows when extracting, testing or listing specially prepared ACE archives. - There are directory traversal bugs when extracting ACE archives. - There are also buffer overflows when dealing with long 17000 characters command line arguments. Secunia...

FreeBSD : golddig -- local buffer overflow vulnerabilities (949c470e-528f-11d9-ac20-00065be4b5b6)

Two buffer overflow vulnerabilities where detected. Both issues can be used by local users to gain group games privileges on affected systems. The first overflow exists in the map name handling and can be triggered when a very long name is given to the program during command-line execution The...

CVE-2005-2236

CVE-2005-2236 describes a format string vulnerability in the paginit command for IBM AIX 5.3 (and possibly other versions). The issue could allow local users to execute arbitrary code via format strings supplied in command line arguments. This is a local privilege concern with an impact described...

CVE-2005-2236

Format string vulnerability in the paginit command in IBM AIX 5.3, and possibly other versions, might allow local users to execute arbitrary code via format strings in command line arguments...

CVE-2005-2232

Buffer overflow in invscout in IBM AIX 5.1.0 through 5.3.0 might allow local users to execute arbitrary code via a long command line argument...

CVE-2004-2159

Multiple buffer overflows in XMLStarlet Command Line XML Toolkit 0.9.3 have unknown impact and attack vectors via 1 xmlelem.c and 2 xmlselect.c...

CVE-2004-2159

Technical details about CVE-2004-2159 are not publicly provided in the supplied documents; monitor for updates.

CVE-2004-2160

XMLStarlet Command Line XML Toolkit 0.9.3 is affected by a format string vulnerability in xml_elem.c, as described for CVE-2004-2160. The issue enables denial of service or arbitrary code execution and is exploitable via network access with low attack complexity, according to the NVD entry. Affec...

CVE-2004-2160

Format string vulnerability in xmlelem.c for XMLStarlet Command Line XML Toolkit 0.9.3 may allow attackers to cause a denial of service or execute arbitrary code...

CVE-2004-2159

Multiple buffer overflows in XMLStarlet Command Line XML Toolkit 0.9.3 have unknown impact and attack vectors via 1 xmlelem.c and 2 xmlselect.c...