2626 matches found
CVE-2014-0475
Multiple directory traversal vulnerabilities in GNU C Library (aka glibc or libc6) before 2.20 allow context-dependent attackers to bypass ForceCommand restrictions and possibly have other unspecified impact via a .. (dot dot) in a (1) LC_*, (2) LANG, or other locale environment variable...
DSA-2984-1 acpi-support - security update
Bulletin has no description...
Debian: Security Advisory (DSA-2984-1)
The remote host is missing an update for the Debian...
CVE-2014-3074
The runtime linker in IBM AIX 6.1 and 7.1 and VIOS 2.2.x allows local users to create a mode-666 root-owned file, and consequently gain privileges, by setting crafted MALLOCOPTIONS and MALLOCBUCKETS environment-variable values and then executing a setuid program...
Solaris 7/8/9 CDE LibDTHelp - Local Buffer Overflow Exploit (2)
No description provided by source. $Id: raptorlibdthelp2.c,v 1.1 2004/12/04 14:44:38 raptor Exp $ raptorlibdthelp2.c - libDtHelp.so local, Solaris/SPARC 7/8/9. Copyright (c) 2003-2004 Marco Ivaldi. Buffer overflow in CDE libDtHelp library allows local users to execute arbitra...
Rational ClearCase 3.2/4.x DB Loader TERM Environment Variable Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/3523/info ClearCase is a commercially available software change management package. It is maintained and distributed by Rational. A problem with the package could lead to a local user gaining elevated privileges. The...
Solaris <= 7.0 chkperm Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/295/info Solaris 2.4, 2.5, and 2.5.1 (possibly other versions) have a package called FACE (Framed Access Command Environment) installed. Included in the package is a program called chkperm which checks a file to see if the us...
QNX PPPoEd 2.4/4.25/6.2 Path Environment Variable Local Command Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/11105/info QNX PPPoEd is reported prone to a problem that exists in the handling of paths to external executables that are employed by PPPoEd. Because of this, an attacker may be able to gain elevated privileges on a host...
Halloween Linux 4.0, RedHat Linux 6.1/6.2 imwheel Vulnerability (2)
No description provided by source. source: http://www.securityfocus.com/bid/1060/info A vulnerability exists in the 'imwheel' package for Linux. This package is known to be vulnerable to a buffer overrun in its handling of the HOME environment variable. By supplying a sufficiently long string...
Caldera UnixWare 7.1.1 Message Catalog Environment Variable Format String Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/4060/info UnixWare is a commercially available Unix Operating System. It was originally developed by SCO, and is now distributed and maintained by Caldera. A format string vulnerability in the locale subsystem could lead ...
OpenBSD 3.9/4.0 LD.SO Local Environment Variable Clearing Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/21188/info OpenBSD is prone to a local vulnerability that may allow attackers to pass malicious environment variables to applications, bypassing expected security restrictions. Attackers may be able to exploit this issue ...
XFree86 4.2 XLOCALEDIR Local Buffer Overflow Vulnerability (2)
No description provided by source. source: http://www.securityfocus.com/bid/7002/info Several XFree86 utilities may be prone to a buffer overflow condition. The vulnerability exists due to insufficient boundary checks performed by these utilities when referencing the XLOCALEDIR environment...
Platform Load Sharing Facility 4/5/6 EAuth Privilege Escalation Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/9724/info The Load Sharing Facility eauth component has been reported prone to a privilege escalation vulnerability. The eauth component is responsible for controlling authentication procedures within Load Sharing Facility. An...
qmailadmin 1.0.x Local Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/5404/info The qmailadmin utility, developed by Inter7, is vulnerable to a buffer overflow condition. It is meant to run as a CGI program and is typically installed setuid owned by root on some systems, regular users on...
Elm 2.3/2.4 - Local TERM Environment Variable Buffer Overrun Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8030/info A buffer overrun has been discovered in Elm. The problem occurs due to insufficient bounds checking performed before copying user-supplied data into an internal memory buffer. Specifically, a TERM environment...
HP-UX 11 CDE DTPrintInfo Display Environment Variable Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8795/info It has been reported that dtprintinfo, installed setuid root by default, is susceptible to a locally exploitable buffer overflow vulnerability. The condition is triggered when the value of the DISPLAY environmen...
XBlast 2.6.1 HOME Environment Variable Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8296/info XBlast contains a locally exploitable buffer overflow vulnerability due to insufficient bounds checking of data supplied via the HOME environment variable. Successful exploitation would allow a local user to...
Progress Database 9.1 Environment Variable Local Privilege Escalation Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/7916/info It has been reported that Progress database does not properly handle untrusted input when opening shared libraries. Specifically, the dlopen function used by several Progress utilities checks the user's PATH...
IMLib2 Home Environment Variable Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/3868/info Imlib2 is a freely available, open source graphics library available for the Linux and Unix operating systems. It is maintained by Michael Jennings. Imlib2 is installed on many operating systems and linked with...