2625 matches found
CVE-2005-4864
Stack-based buffer overflow in libdb2.so in IBM DB2 7.x and 8.1 allows local users to execute arbitrary code via a long DB2LPORT environment variable...
CVE-2005-4604
Buffer overflow in MTink in the printer-filters-utils package allows local users to execute arbitrary code via a long HOME environment variable...
Linux printer drivers mtink buffer overflow
Buffer overflow on oversized HOME environment variable...
CVE-2005-4158
Sudo before 1.6.8 p12, when the Perl taint flag is off, does not clear the 1 PERLLIB, 2 PERL5LIB, and 3 PERL5OPT environment variables, which allows limited local users to cause a Perl script to include and execute arbitrary library files that have the same name as library files that are included...
CVE-2005-4076
Buffer overflow in Appfluent Technology Database IDS 2.0 allows local users to execute arbitrary code via a long APPFLUENTHOME environment variable...
CVE-2005-4076
Buffer overflow in Appfluent Technology Database IDS 2.0 allows local users to execute arbitrary code via a long APPFLUENTHOME environment variable...
Appfluent Database IDS < 2.1.0.103 (Env Variable) Local Exploit
No description provided by source. / $ An open security advisory 14 - Appfluent Database IDS Environment Variable Overflow 1: Bug Researcher: c0ntex - c0ntexbatgmail.com -+- www.open-security.org 2: Bug Released: December 07th 2005 3: Bug Impact Rate: Hi 4: Bug Scope Rate: Local root $ This...
Appfluent Database IDS < 2.1.0.103 - Environment Variable Local Overflow
/ $ An open security advisory 14 - Appfluent Database IDS Environment Variable Overflow 1: Bug Researcher: c0ntex - c0ntexbatgmail.com -+- www.open-security.org 2: Bug Released: December 07th 2005 3: Bug Impact Rate: Hi 4: Bug Scope Rate: Local root $ This advisory and/or proof of concept code mu...
Appfluent Database IDS < 2.1.0.103 (Env Variable) Local Exploit
Exploit for solaris platform in category local exploits =============================================================== Appfluent Database IDS 2.1.0.103 Env Variable Local Exploit =============================================================== / $ An open security advisory 14 - Appfluent Database...
CVE-2005-3346
Buffer overflow in the environment variable substitution code in main.c in OSH 1.7-14 allows local users to inject arbitrary environment variables, such as LDPRELOAD, via pathname arguments of the form "$VAR/EVAR=arg", which cause the EVAR portion to be appended to a buffer returned by a getenv...
CVE-2005-3346
Buffer overflow in the environment variable substitution code in main.c in OSH 1.7-14 allows local users to inject arbitrary environment variables, such as LDPRELOAD, via pathname arguments of the form "$VAR/EVAR=arg", which cause the EVAR portion to be appended to a buffer returned by a getenv...
CVE-2005-3346
Buffer overflow in the environment variable substitution code in main.c in OSH 1.7-14 allows local users to inject arbitrary environment variables, such as LDPRELOAD, via pathname arguments of the form "$VAR/EVAR=arg", which cause the EVAR portion to be appended to a buffer returned by a getenv...
CVE-2005-3346
CVE-2005-3346 affects osh (OSHevironment) 1.7-14, where a buffer overflow in the environment variable substitution code (main.c) can be triggered by pathname args like "$VAR/EVAR=arg". This allows a local attacker to inject arbitrary environment variables (e.g., LD_PRELOAD) and, per Debian's advi...
Sudo Perl 1.6.x - Environment Variable Handling Security Bypass
source: https://www.securityfocus.com/bid/15394/info Sudo is prone to a security-bypass vulnerability that could lead to arbitrary code execution. This issue is due to an error in the application when handling the 'PERLLIB', 'PERL5LIB', and 'PERL5OPT' environment variables when tainting is ignore...
Sudo <= 1.6.8p9 (SHELLOPTS/PS4 ENV variables) Local Root Exploit
No description provided by source. Sudo local root escalation privilege vuln versions : sudo 1.6.8p10 by breno You need sudo access execution for some bash script Use csh shell to change SHELLOPTS env ie: %cat x.sh !/bin/bash -x echo "Getting root!!" % cat /etc/sudoers ... breno ALL=ALL...
Sudo 1.6.8p9 - SHELLOPTSPS4 Environment Variables Privilege Escalation
Sudo 1.6.8p9 - SHELLOPTSPS4 Environment Variables Privilege Escalation Sudo local root escalation privilege vuln versions : sudo int main setuid0; system"/bin/sh"; % % gcc -o egg egg.c % setenv SHELLOPTS xtrace % setenv PS4 '$chown root:root egg' % sudo ./x.sh echo Getting root!! Getting root!! %...
CVE-2005-2748
The malloc function in the libSystem library in Apple Mac OS X 10.3.9 and 10.4.2 allows local users to overwrite arbitrary files by setting the MallocLogFile environment variable to the target file before running a setuid application...
CVE-2005-2926
Stack-based buffer overflow in 1 backupsh and 2 authsh in SCO Openserver 5.0.7 allows local users to execute arbitrary code via a long HOME environment variable...
CVE-2005-2926
Stack-based buffer overflow in 1 backupsh and 2 authsh in SCO Openserver 5.0.7 allows local users to execute arbitrary code via a long HOME environment variable...
CVE-2005-2748
The malloc function in the libSystem library in Apple Mac OS X 10.3.9 and 10.4.2 allows local users to overwrite arbitrary files by setting the MallocLogFile environment variable to the target file before running a setuid application...