2626 matches found
Windows Path Variable over WMI - Windows
Read the Windows System Path Variables over WMI. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CUPS < 1.4.3 Multiple Vulnerabilities
According to its banner, the version of CUPS installed on the remote host is earlier than 1.4.3. Such versions are affected by several vulnerabilities : - A pointer use-after-free vulnerability exists in the abstract file descriptor handling code in the 'cupsdDoSelect' function in...
sudo -- Privilege escalation with sudoedit
Todd Miller reports: Sudo's command matching routine expects actual commands to include one or more slash '/' characters. The flaw is that sudo's path resolution code did not add a "./" prefix to commands found in the current working directory. This creates an ambiguity between a "sudoedit" comma...
MYSQL UDF - Can't open shared library studies-vulnerability and early warning-the black bar safety net
Ninty 's blog mysqlin support of the UDF extension, so that we can call the DLL inside the function to achieve some special features. But for the UDF specific limits, MYSQL versions are different. The following recording: I heard, just heard, didn't do testing on MYSQL 4.1 previously, can be all...
DEBIAN-CVE-2010-0393
The cupsGetlang function, as used by lppasswd.c in lppasswd in CUPS 1.2.2, 1.3.7, 1.3.9, and 1.4.1, relies on an environment variable to determine the file that provides localized message strings, which allows local users to gain privileges via a file that contains crafted localization data with...
Format string
The cupsGetlang function, as used by lppasswd.c in lppasswd in CUPS 1.2.2, 1.3.7, 1.3.9, and 1.4.1, relies on an environment variable to determine the file that provides localized message strings, which allows local users to gain privileges via a file that contains crafted localization data with...
Ubuntu Update for cups, cupsys vulnerabilities USN-906-1
Ubuntu Update for Linux kernel vulnerabilities USN-906-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN9061.nasl 7965 2017-12-01 07:38:25Z santu $ Ubuntu Update for cups, cupsys vulnerabilities USN-906-1 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH,...
PHP memory_limit 环境变量导致远程执行代码
No description provided by source...
CVE-2009-4018
The procopen function in ext/standard/procopen.c in PHP before 5.2.11 and 5.3.x before 5.3.1 does not enforce the 1 safemodeallowedenvvars and 2 safemodeprotectedenvvars directives, which allows context-dependent attackers to execute programs with an arbitrary environment via the env parameter, a...
Code injection
The procopen function in ext/standard/procopen.c in PHP before 5.2.11 and 5.3.x before 5.3.1 does not enforce the 1 safemodeallowedenvvars and 2 safemodeprotectedenvvars directives, which allows context-dependent attackers to execute programs with an arbitrary environment via the env parameter, a...
CVE-2009-1786
The malloc subsystem in libc in IBM AIX 5.3 and 6.1 allows local users to create or overwrite arbitrary files via a symlink attack on the log file associated with the MALLOCDEBUG environment variable...
CVE-2009-1786
The malloc subsystem in libc in IBM AIX 5.3 and 6.1 allows local users to create or overwrite arbitrary files via a symlink attack on the log file associated with the MALLOCDEBUG environment variable...
Apache Web Server Configuration File Environment Variable Local Buffer Overflow Vulnerability
According to its version number, the remote version of Apache Web Server is prone to a local buffer-overflow vulnerability that affects a configuration file environment variable. This occurs because the application fails to validate user-supplied string lengths before copying them into finite...
FreeBSD : lbreakout2 vulnerability in environment variable handling (ad4f6ca4-6720-11d8-9fb5-000a95bc6fae)
Ulf Harnhammar discovered an exploitable vulnerability in lbreakout2's environmental variable handling. In several instances, the contents of the HOME environmental variable are copied to a stack or global buffer without range checking. A local attacker may use this vulnerability to acquire...
pam-krb5 < 3.13 Local Privilege Escalation Exploit
No description provided by source. / cve-2009-0360.c pam-krb5 3.13 local privilege escalation Jon Oberheide [email protected] http://jon.oberheide.org Information: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0360 pam-krb5 before 3.13, when linked against MIT Kerberos, does not properly...
pam-krb5 < 3.13 - Local Privilege Escalation
/ cve-2009-0360.c pam-krb5 http://jon.oberheide.org Information: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0360 pam-krb5 before 3.13, when linked against MIT Kerberos, does not properly initialize the Kerberos libraries for setuid use, which allows local users to gain privileges by...
pam-krb5 < 3.13 Local Privilege Escalation Exploit
Exploit for linux platform in category local exploits ================================================== pam-krb5 3.13 Local Privilege Escalation Exploit ================================================== / cve-2009-0360.c pam-krb5 3.13 local privilege escalation Information:...
pam_krb5: Privilege escalation
Background pamkrb5 is a a Kerberos v5 PAM module. Description The following vulnerabilities were discovered: pamkrb5 does not properly initialize the Kerberos libraries for setuid use CVE-2009-0360. Derek Chan reported that calls to pamsetcred are not properly handled when running setuid...
Ubuntu Update for tomboy vulnerability USN-560-1
Ubuntu Update for Linux kernel vulnerabilities USN-560-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN5601.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for tomboy vulnerability USN-560-1 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH,...
Design/Logic Flaw
systerm.c in telnetd in FreeBSD 7.0-RELEASE and other 7.x versions deletes dangerous environment variables with a method that was valid only in older FreeBSD distributions, which might allow remote attackers to execute arbitrary code by passing a crafted environment variable from a telnet client,...