27 matches found
SUSE CVE-2011-1658
ld.so in the GNU C Library aka glibc or libc6 2.13 and earlier expands the $ORIGIN dynamic string token when RPATH is composed entirely of this token, which might allow local users to gain privileges by creating a hard link in an arbitrary directory to a 1 setuid or 2 setgid program with this RPA...
CVE-2017-17562
Embedthis GoAhead before 3.6.5 allows remote code execution if CGI is enabled and a CGI program is dynamically linked. This is a result of initializing the environment of forked CGI scripts using untrusted HTTP request parameters in the cgiHandler function in cgi.c. When combined with the glibc...
PT-2017-3348
Name of the Vulnerable Software and Affected Versions Embedthis GoAhead versions prior to 3.6.5 Description The issue is related to the initialization of the environment of forked CGI scripts using untrusted HTTP request parameters in the cgiHandler function. This can be abused for remote code...
UBUNTU-CVE-2015-8325
The dosetupenv function in session.c in sshd in OpenSSH through 7.2p2, when the UseLogin feature is enabled and PAM is configured to read .pamenvironment files in user home directories, allows local users to gain privileges by triggering a crafted environment for the /bin/login program, as...
PT-2016-3440
Name of the Vulnerable Software and Affected Versions OpenSSH versions through 7.2p2 Description The issue allows local users to gain privileges by triggering a crafted environment for the /bin/login program, as demonstrated by an LD PRELOAD environment variable. This is related to the do setup e...
DEBIAN-CVE-2009-0415
Untrusted search path vulnerability in trickle 1.07 allows local users to execute arbitrary code via a Trojan horse trickle-overload.so in the current working directory, which is referenced in the LDPRELOAD path...
PT-2001-1001 · Openssh +1 · Openssh-Askpass-Gnome +5
Name of the Vulnerable Software and Affected Versions: OpenSSH versions 3.0.1 and earlier openssh-server-2.9p2 openssh-clients-2.9p2 openssh-2.9p2 openssh-askpass-2.9p2 openssh-askpass-gnome-2.9p2 ssh-askpass-ptk Description: The issue concerns multiple vulnerabilities in OpenSSH and related...