4892 matches found
CVE-2006-0619
Multiple stack-based buffer overflows in QNX Neutrino RTOS 6.3.0 allow local users to execute arbitrary code via long 1 ABLPATH or 2 ABLANG environment variables in the libAP library libAp.so.2 or 3 a long PHOTONPATH environment variable to the setitem function in the libph library...
kernel security update
CentOS Errata and Security Advisory CESA-2006:0191-01 Updated kernel packages that fix a number of security issues as well as other bugs are now available for Red Hat Enterprise Linux 2.1 32 bit architectures This security advisory has been rated as having important security impact by the Red Hat...
CVE-2003-1291
VMware ESX Server 1.5.2 before Patch 4 allows local users to execute arbitrary programs as root via certain modified VMware ESX Server environment variables...
Important: Red Hat Security Advisory: kernel security update
Updated kernel packages that fix a number of security issues as well as other bugs are now available for Red Hat Enterprise Linux 2.1 64 bit architectures. This security advisory has been rated as having important security impact by the Red Hat Security Response Team. The Linux kernel handles the...
Ubuntu 4.10 / 5.04 / 5.10 : sudo vulnerability (USN-235-1)
Charles Morris discovered a privilege escalation vulnerability in sudo. On executing Perl scripts with sudo, various environment variables that affect Perl's library search path were not cleaned properly. If sudo is set up to grant limited sudo execution of Perl scripts to normal users, this coul...
[SECURITY] [DSA 946-1] New sudo packages fix privilege escalation
-------------------------------------------------------------------------- Debian Security Advisory DSA 946-1 [email protected] http://www.debian.org/security/ Martin Schulze January 20th, 2006 http://www.debian.org/security/faq -...
[SECURITY] [DSA 946-1] New sudo packages fix privilege escalation
-------------------------------------------------------------------------- Debian Security Advisory DSA 946-1 [email protected] http://www.debian.org/security/ Martin Schulze January 20th, 2006 http://www.debian.org/security/faq -...
Mandrake Linux Security Advisory : sudo (MDKSA-2005:234)
Charles Morris discovered a vulnerability in sudo versions prior to 1.6.8p12 where, when the perl taint flag is off, sudo does not clear the PERLLIB, PERL5LIB, and PERL5OPT environment variables, which could allow limited local users to cause a perl script to include and execute arbitrary library...
Mandrake Linux Security Advisory : uim (MDKSA-2005:198)
Masanari Yamamoto discovered that Uim uses environment variables incorrectly. This bug causes a privilege escalation if setuid/setgid applications are linked to libuim. The updated packages have been patched to address this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descripti...
USN-235-2: sudo vulnerability
USN-235-1 fixed a vulnerability in sudo's handling of environment variables. Tavis Ormandy noticed that sudo did not filter out the PYTHONINSPECT environment variable, so that users with the limited privilege of calling a python script with sudo could still escalate their privileges. For referenc...
Sudo 1.6.x - Environment Variable Handling Security Bypass (2)
Sudo 1.6.x - Environment Variable Handling Security Bypass 2 source: https://www.securityfocus.com/bid/16184/info Sudo is prone to a security-bypass vulnerability that could lead to arbitrary code execution. This issue is due to an error in the application when handling environment variables. A...
sudo privilege escalation
few envoronment vaqriables used by bash perl and python are not cleaned...
Sudo 1.6.x - Environment Variable Handling Security Bypass (1)
Sudo 1.6.x - Environment Variable Handling Security Bypass 1 source: https://www.securityfocus.com/bid/16184/info Sudo is prone to a security-bypass vulnerability that could lead to arbitrary code execution. This issue is due to an error in the application when handling environment variables. A...
Sudo 1.6.x - Environment Variable Handling Security Bypass (1)
source: https://www.securityfocus.com/bid/16184/info Sudo is prone to a security-bypass vulnerability that could lead to arbitrary code execution. This issue is due to an error in the application when handling environment variables. A local attacker with the ability to run Python scripts can...
USN-235-1: sudo vulnerability
Charles Morris discovered a privilege escalation vulnerability in sudo. On executing Perl scripts with sudo, various environment variables that affect Perl's library search path were not cleaned properly. If sudo is set up to grant limited sudo execution of Perl scripts to normal users, this coul...
CVE-2005-4875
TYPO3 3.8.0 and earlier allows remote attackers to obtain sensitive information via a direct request to misc/phpcheck/, which invokes the phpinfo function and prints values of unspecified environment variables...
CVE-2005-3629
initscripts in Red Hat Enterprise Linux 4 does not properly handle certain environment variables when /sbin/service is executed, which allows local users with sudo permissions for /sbin/service to gain root privileges via unknown vectors...
CVE-2005-4158
Sudo before 1.6.8 p12, when the Perl taint flag is off, does not clear the 1 PERLLIB, 2 PERL5LIB, and 3 PERL5OPT environment variables, which allows limited local users to cause a Perl script to include and execute arbitrary library files that have the same name as library files that are included...
CVE-2005-4158
Sudo before 1.6.8 p12, when the Perl taint flag is off, does not clear the 1 PERLLIB, 2 PERL5LIB, and 3 PERL5OPT environment variables, which allows limited local users to cause a Perl script to include and execute arbitrary library files that have the same name as library files that are included...
CVE-2005-4158
Sudo before 1.6.8 p12, when the Perl taint flag is off, does not clear the 1 PERLLIB, 2 PERL5LIB, and 3 PERL5OPT environment variables, which allows limited local users to cause a Perl script to include and execute arbitrary library files that have the same name as library files that are included...