CVE-2008-1810

Untrusted search path vulnerability in dbmsrv in SAP MaxDB 7.6.03.15 on Linux allows local users to gain privileges via a modified PATH environment variable...

CVE-2008-1810

Untrusted search path vulnerability in dbmsrv in SAP MaxDB 7.6.03.15 on Linux allows local users to gain privileges via a modified PATH environment variable...

Stack overflow

Stack-based buffer overflow in op before Changeset 563, when xauth support is enabled, allows local users to gain privileges via a long XAUTHORITY environment variable...

Code injection

Unspecified vulnerability in iostat in IBM AIX 5.2, 5.3, and 6.1 allows local users to gain privileges via unknown vectors related to an "environment variable handling error."...

CVE-2008-2515

Unspecified vulnerability in iostat in IBM AIX 5.2, 5.3, and 6.1 allows local users to gain privileges via unknown vectors related to an "environment variable handling error."...

FreeBSD : spamdyke -- open relay (555ac165-2bee-11dd-bbdc-00e0815b8da8)

Spamdyke Team reports : Fixed smtpfilter to reject the DATA command if no valid recipients have been specified. Otherwise, a specific scenario could result in every spamdyke installation being used as an open relay. If the remote server connects and gives one or more recipients that are rejected...

Firebird: Data disclosure

Background Firebird is a multi-platform, open source relational database. Description Viesturs reported that the default configuration for Gentoo's init script "/etc/conf.d/firebird" sets the "ISCPASSWORD" environment variable when starting Firebird. It will be used when no password is supplied b...

Stack overflow

Multiple stack-based buffer overflows in a acon.c, b menu.c, and c child.c in Acon 1.0.5-5 through 1.0.5-7 allow local users to execute arbitrary code via 1 a long HOME environment variable or 2 a large number of terminal columns...

CVE-2008-1994

Multiple stack-based buffer overflows in a acon.c, b menu.c, and c child.c in Acon 1.0.5-5 through 1.0.5-7 allow local users to execute arbitrary code via 1 a long HOME environment variable or 2 a large number of terminal columns...

CVE-2008-1994

Multiple stack-based buffer overflows in a acon.c, b menu.c, and c child.c in Acon 1.0.5-5 through 1.0.5-7 allow local users to execute arbitrary code via 1 a long HOME environment variable or 2 a large number of terminal columns...

CVE-2008-1994

Multiple stack-based buffer overflows in a acon.c, b menu.c, and c child.c in Acon 1.0.5-5 through 1.0.5-7 allow local users to execute arbitrary code via 1 a long HOME environment variable or 2 a large number of terminal columns...

CVE-2007-5758

Stack-based buffer overflow in db2dasrrm in the DB2 Administration Server DAS in IBM DB2 Universal Database 9.5 before Fix Pack 1, 9.1 before Fix Pack 4a, and 8 before FixPak 16 allows local users to execute arbitrary code via a long DASPROF environment variable...

CVE-2008-1710

Untrusted search path vulnerability in chnfsmnt in IBM AIX 6.1 allows local users to gain privileges via a modified PATH environment variable...

Code injection

rxvt 2.6.4 opens a terminal window on :0 if the DISPLAY environment variable is not set, which might allow local users to hijack X11 connections. NOTE: it was later reported that rxvt-unicode, mrxvt, aterm, multi-aterm, and wterm are also affected. NOTE: realistic attack scenarios require that th...

CVE-2008-1142

rxvt 2.6.4 opens a terminal window on :0 if the DISPLAY environment variable is not set, which might allow local users to hijack X11 connections. NOTE: it was later reported that rxvt-unicode, mrxvt, aterm, multi-aterm, and wterm are also affected. NOTE: realistic attack scenarios require that th...

Apache-SSL multiple security vulnerabilities

Multiple vulnerabilities on environment variable initialization from client certificates data...

CVE-2008-0369

IBM Informix Dynamic Server (IDS) 10.x prior to 10.00.xC8 is affected by a local file-creation vulnerability involving the SQLIDEBUG environment variable. When set, several set-UID binaries log to the specified file and change the file’s ownership to the invoking user, enabling local privilege es...

Debian: Security Advisory (DSA-354)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian Security Advisory DSA 563-2 (cyrus-sasl)

The remote host is missing an update to cyrus-sasl announced via advisory DSA 563-2. OpenVAS Vulnerability Test $Id: deb5632.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 563-2 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...

Directory traversal

Directory traversal vulnerability in IBM Informix Dynamic Server IDS before 10.00.xC7W1 allows local users to gain privileges by referencing modified NLS message files through directory traversal sequences in the DBLANG environment variable...