2624 matches found
Oracle 89i - DBSNMP Oracle Home Environment Variable Buffer Overflow
Oracle 89i - DBSNMP Oracle Home Environment Variable Buffer Overflow // source: https://www.securityfocus.com/bid/3138/info Oracle is an Enterprise level SQL database, supporting numerous features and options. It is distributed and maintained by Oracle Corporation. When the ORACLEHOME environment...
Solaris 2.67.0 - DTMail Mail Environment Variable Buffer Overflow
Solaris 2.67.0 - DTMail Mail Environment Variable Buffer Overflow // source: https://www.securityfocus.com/bid/3081/info dtmail is an application included with the Common Desktop Environment, one of the X Window Managers included with Solaris. A buffer overflow in dtmail makes it possible for a...
Debian glibc 2 symlink issue could allow arbitrary file overwriting
Overview Some versions of ld.so, the loader for shared libraries in UNIX/LINUX, do not properly clear risky environment variables, allowing a symlink attack to overwrite arbitrary files. Description LDDEBUGOUTPUT specifies a directory in which ld.so creates a file with a predictable name based on...
FreeBSD TOP Format String Vulnerability
Exploit for bsd platform in category local exploits ======================================= FreeBSD TOP Format String Vulnerability ======================================= / freebsd x86 top exploit affected under top-3.5beta9 including this version 1. get the address of .dtors from /usr/bin/top...
CVE-2001-1178
Buffer overflow in xman allows local users to gain privileges via a long MANPATH environment variable...
Solaris 8 libsldap - Local Buffer Overflow (2)
// source: https://www.securityfocus.com/bid/2931/info Solaris 8 ships with a shared library that implements LDAP functionality called 'libsldap'. This library is linked to by a number of system utilities, many of them installed setuid or setgid. Libsldap contains a buffer overflow vulnerability ...
Solaris 8 libsldap - Local Buffer Overflow (1)
Solaris 8 libsldap - Local Buffer Overflow 1 // source: https://www.securityfocus.com/bid/2931/info Solaris 8 ships with a shared library that implements LDAP functionality called 'libsldap'. This library is linked to by a number of system utilities, many of them installed setuid or setgid...
XFree86 X11R6 3.3.2 XMan - ManPath Environment Variable Buffer Overflow
XFree86 X11R6 3.3.2 XMan - ManPath Environment Variable Buffer Overflow source: https://www.securityfocus.com/bid/3030/info xman is a component included with the XFree86 Window System. A buffer overflow in the handling of the MANPATH environment variable by xman makes it possible for a local user...
Solaris 8 mailtool - Local Buffer Overflow
// source: https://www.securityfocus.com/bid/2787/info The mailtool program included with OpenWindows in Solaris, contains a buffer overflow vulnerability which may allow local users to execute arbitrary code/commands with group 'mail' privileges. The overflow occurs when a string exceeding...
glibc unsetenv fails to properly handle environment variables passed more than once to a program
Overview The glibc implementation of unsetenv fails to properly remove one of two successive occurrences of the same environment variable if the variable is redundently passed to a program. Description The glibc implementation of unsetenv, if called to remove an environment variable that occurs t...
CVE-2001-0170
glibc 2.1.9x and earlier does not properly clear the RESOLVHOSTCONF, HOSTALIASES, or RESOPTIONS environmental variables when executing setuid/setgid programs, which could allow local users to read arbitrary files...
Дырки в различных утилитах под Solaris (buffer overflow)
Классическое переполнение буфера при разборе командной строки и переменных среды окружения...
Solaris ipcs vulnerability
Solaris ipcs vulnerability Release Date: April 11, 2001 Systems Affected: Solaris 7 x86 Other versions of Solaris are most likely affected also. Discovered by: Riley Hassell [email protected] Description: We have discovered a buffer overflow in the /usr/bin/i86/ipcs utility provided with Solaris 7...
Solaris 7.08 - IPCS Timezone Buffer Overflow
Solaris 7.08 - IPCS Timezone Buffer Overflow source: https://www.securityfocus.com/bid/2581/info Solaris is the variant of the UNIX Operating System distributed by Sun Microsystems. Solaris is designed as a scalable operating system for the Intel x86 and Sun Sparc platforms, and operates on...
SGI IRIX 6.5 / Solaris 7.0/8 CDE - '/usr/dt/bin/dtsession' Local Buffer Overflow
/ source: https://www.securityfocus.com/bid/2603/info The CDE Session Manager 'dtsession' is vulnerable to a buffer overflow that could yield root privileges to an attacker. The bug exists in dtsession's LANG environment variable parser. If an overly long LANG variable is set and dtsession is...
Solaris Xsun buffer overflow vulnerability
Solaris Xsun buffer overflow vulnerability Discovered and exploited by: Riley Hassell [email protected] Release Date: April 10, 2001 Systems Affected: Solaris 7/8 x86 and sparc Description: Yet some more Solaris spring cleaning... A buffer overflow was discovered in Xsun. Since Xsun is SUID root,...
Solaris 2.x7.08 - Xsun HOME Buffer Overflow
Solaris 2.x7.08 - Xsun HOME Buffer Overflow // source: https://www.securityfocus.com/bid/2561/info The X11 server that ships with Sun Microsystems' Solaris, Xsun, contains a locally exploitable buffer overflow vulnerability. The condition is present when the value of the HOME environment variable...
Solaris 2.x/7.0/8 - Xsun HOME Buffer Overflow
// source: https://www.securityfocus.com/bid/2561/info The X11 server that ships with Sun Microsystems' Solaris, Xsun, contains a locally exploitable buffer overflow vulnerability. The condition is present when the value of the HOME environment variable is of excessive length more than 1050 bytes...
Possible IE5.0 exposure of local environment variables
I ran across this today, anyone have any thoughts? I'm using a moderately patched IE 5.0 browser on NT 4.0 SP5 workstation. Couldn't find any reference to this in the archives, but maybe it's been covered before. I type in the url www.home.com/computername & press enter, then and IE actually...
FreeBSD 3.5.14.2 - Ports Package xklock Local Privilege Escalation
FreeBSD 3.5.14.2 - Ports Package xklock Local Privilege Escalation / xklock - FreeBSD 3.5.1 & 4.2 ports package local root exploit The X key lock program contain several exploitable buffer overflows in command line arguments aswell as the 'JNAME' environment variable. xklock is installed setuid...