4767 matches found
McAfee Email Gateway (formerly IronMail) - Local Privilege Escalation
McAfee Email Gateway formerly IronMail - Local Privilege Escalation Advisory Name: Local Privilege Escalation in McAfee Email Gateway formerly IronMail Vulnerability Class: Local Privilege Escalation Release Date: Tue Apr 6, 2010 Affected Applications: Secure Mail Ironmail ver.6.7.1 Affected...
FreeBSD privilege escalation
It's possible to bypass environment variables filtering on suid program execution...
CVE-2009-4147
The rtld function in the Run-Time Link-Editor rtld in libexec/rtld-elf/rtld.c in FreeBSD 7.1 and 8.0 does not clear the 1 LDLIBMAP, 2 LDLIBRARYPATH, 3 LDLIBMAPDISABLE, 4 LDDEBUG, and 5 LDELFHINTSPATH environment variables, which allows local users to gain privileges by executing a setuid or setgu...
CVE-2009-4147
CVE-2009-4147 affects FreeBSD rtld (libexec/rtld-elf/rtld.c) on FreeBSD 7.1, 7.2 and 8.0. The rtld function fails to clear LD * environment variables, allowing a local user to exploit a modified search path to load a Trojan library and escalate privileges (e.g., through setuid/setgid programs). R...
EUVD-2009-4117
The rtld function in the Run-Time Link-Editor rtld in libexec/rtld-elf/rtld.c in FreeBSD 7.1 and 8.0 does not clear the 1 LDLIBMAP, 2 LDLIBRARYPATH, 3 LDLIBMAPDISABLE, 4 LDDEBUG, and 5 LDELFHINTSPATH environment variables, which allows local users to gain privileges by executing a setuid or setgu...
PHP 5.3.x < 5.3.1 Multiple Vulnerabilities
Binary data 801090.prm...
SuSE9 Security Update : telnet (YOU Patch Number 10238)
The telnet client protocol can be abused by a malicious server to read the environment of the client site. The information can be used as preparation for further attacks. This bug can also be exploited by using the telnet:// URL on a web-site and letting the web-browser fork a telnet client. This...
IBM AIX 5.66.1 - _LIB_INIT_DBG Arbitrary File Overwrite via Libc Debug
IBM AIX 5.66.1 - LIBINITDBG Arbitrary File Overwrite via Libc Debug !/bin/sh $Id: raptorlibC,v 1.1 2009/09/10 15:08:04 raptor Exp $ raptorlibC - AIX arbitrary file overwrite via libC debug Copyright c 2009 Marco Ivaldi Property of @ Mediaservice.net Srl Data Security Division...
Explain how to provide the right to the use of environment variables-vulnerability and early warning-the black bar safety net
First, we first understand under what environment variables! Environment variable generally refers to in theoperating systemis used to specify theoperating systemthe operating environment of some parameters, such as the temporary folder location and system folder locations, and so on. This point ...
IBM AIX libc privilege escalation
It's possible to maniuplate files via LIBINITDBG and LIBINITDBGFILE environment variables for suid applications...
iDefense Security Advisory 08.06.09: IBM AIX libC _LIB_INIT_DBG Arbitrary File Creation Vulnerability
iDefense Security Advisory 08.04.09 http://labs.idefense.com/intelligence/vulnerabilities/ Aug 04, 2009 I. BACKGROUND IBM's AIX is a Unix operating system based on System V, which runs on the PowerPC PPC architecture. For more information, visit the product web site at the following URL...
IBM AIX 5.3 libc MALLOCDEBUG File Overwrite Vulnerability
No description provided by source. !/bin/bash \ / /| | | | \ | | | | | | \ | | | | | | \ \ | | \ | | | | \ | | \ \ | | | \ | |/ / |/ http://root-the.net + IBM AIX libc MALLOCDEBUG File Overwrite Vulnerability + Refer : securitytracker.com/id?1022261 + Exploit : Affix [email protected] + Tested on...
IBM AIX 5.3 libc MALLOCDEBUG File Overwrite Vulnerability
Exploit for aix platform in category local exploits ========================================================= IBM AIX 5.3 libc MALLOCDEBUG File Overwrite Vulnerability ========================================================= !/bin/bash + IBM AIX libc MALLOCDEBUG File Overwrite Vulnerability +...
IBM AIX 5.3 - 'libc' MALLOCDEBUG File Overwrite
!/bin/bash \ / /| | | | \ | | | | | | \ | | | | | | \ \ | | \ | | | | \ | | \ \ | | | \ | |/ / |/ http://root-the.net + IBM AIX libc MALLOCDEBUG File Overwrite Vulnerability + Refer : securitytracker.com/id?1022261 + Exploit : Affix + Tested on : IBM AIX + Greetz : Mad-Hatter, Atomiku, RTN,...
IBM AIX 5.3 - libc MALLOCDEBUG File Overwrite
IBM AIX 5.3 - libc MALLOCDEBUG File Overwrite !/bin/bash \ / /| | | | \ | | | | | | \ | | | | | | \ \ | | \ | | | | \ | | \ \ | | | \ | |/ / |/ http://root-the.net + IBM AIX libc MALLOCDEBUG File Overwrite Vulnerability + Refer : securitytracker.com/id?1022261 + Exploit : Affix + Tested on : IBM...
Hitachi Web Server Vulnerability in SSL Client Authentication
Overview Hitachi Web Server contains a vulnerability in handling SSL client certificates, which could allow an attacker to manipulate environment variables and/or spoof the client to access Web servers. Impact An attacker could manipulate environment variables and/or spoof the client to access We...
CVE-2003-1572
Sun Java Media Framework JMF 2.1.1 through 2.1.1c allows unsigned applets to cause a denial of service JVM crash and read or write unauthorized memory locations via the ReadEnv class, as demonstrated by reading environment variables using modified .data and .size fields...
[SECURITY] Fedora 10 Update: pam_ssh-1.92-10.fc10
This PAM module provides single sign-on behavior for UNIX using SSH keys. Users are authenticated by decrypting their SSH private keys with the password provided. In the first PAM login session phase, an ssh-agent process is started and keys are added. The same agent is used for the following PAM...
Ubuntu 8.04 LTS / 8.10 : libpam-krb5 vulnerabilities (USN-719-1)
It was discovered that pamkrb5 parsed environment variables when run with setuid applications. A local attacker could exploit this flaw to bypass authentication checks and gain root privileges. CVE-2009-0360 Derek Chan discovered that pamkrb5 incorrectly handled refreshing existing credentials wh...
Fedora Update for pam_ssh FEDORA-2007-1793
Check for the Version of pamssh OpenVAS Vulnerability Test Fedora Update for pamssh FEDORA-2007-1793 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the term...