533 matches found
QNX PPPoEd 2.44.256.2 - Path Environment Variable Local Command Execution
QNX PPPoEd 2.44.256.2 - Path Environment Variable Local Command Execution source: https://www.securityfocus.com/bid/11105/info QNX PPoEd is reported prone to a problem that exists in the handling of paths to external executables that are employed by PPPoEd. Because of this, an attacker may be abl...
rsync directory traversal
It's possible to bypass directory traversal protection by adding few slashes into path...
DEBIAN-CVE-2004-0157
x11.c in xonix 1.4 and earlier uses the current working directory to find and execute the rmail program, which allows local users to execute arbitrary code by modifying the path to point to a malicious rmail program...
safemode-adv-chitext.txt
================================================================== Safemode.org security advisory: CHITEX ================================================================== Introduction: ============= ChiTeX can be used to put Chinese Big5 codes in TeX/LaTeX documents. Operations with the ChiTeX...
Directory content leakage in CommunigatePro
By adding . or .. to the path it's possible to obtain directory listing...
CVE-2001-0366
The CVE-2001-0366 issue affects saposcol in SAP R/3 Web Application Server Demo prior to 1.5, where the process trusts the PATH environment variable to locate and execute the expand program. This design allows local users to escalate to root by altering PATH to point to a Trojan horse expand prog...
CVE-2000-0693
pgxconfig in the Raptor GFX configuration tool uses a relative path name for a system call to the "cp" program, which allows local users to execute arbitrary commands by modifying their path to point to an alternate "cp" program...
CVE-2001-0087
itetris/xitetris 1.6.2 and earlier trusts the PATH environmental variable to find and execute the gunzip program, which allows local users to gain root privileges by changing their PATH so that it points to a malicious gunzip program...
CVS Kit CVS Server 1.10.8 - Instructed File Create
CVS Kit CVS Server 1.10.8 - Instructed File Create source: https://www.securityfocus.com/bid/1523/info The cvs client blindly trust paths returned to it by the server. Therefore, a cvs client could be tricked into creating a file anywhere on the system by a malicious server. This problem can be...
CVE-2000-0077
The October 1998 version of the HP-UX aserver program allows local users to gain privileges by specifying an alternate PATH which aserver uses to find the ps and grep commands...
PT-1999-1020 · Microsoft · Windows Nt Iis Server
Name of the Vulnerable Software and Affected Versions: Windows NT IIS server affected versions not specified Description: The issue concerns a denial of service in the Windows NT IIS server. It can be triggered using ...., which suggests a directory traversal or path manipulation technique. No...
HP-UX 10.x11.x - Aserver PATH
HP-UX 10.x11.x - Aserver PATH source: https://www.securityfocus.com/bid/1929/info Aserver is a server program that ships with HP-UX versions 10.x and above that is used to interface client applications with the audio hardware. Because it talks to hardware, it is installed setuid root by default...
suid_perl 5.001 vulnerability
Exploit for linux platform in category local exploits ============================= suidperl 5.001 vulnerability ============================= !/usr/bin/suidperl -U $ENVPATH="/bin:/usr/bin"; $=0;$=0; exec"/bin/bash"; 0day.today 2018-04-09...