Lucene search
K

533 matches found

exploitpack
exploitpack
added 2004/09/03 12:0 a.m.16 views

QNX PPPoEd 2.44.256.2 - Path Environment Variable Local Command Execution

QNX PPPoEd 2.44.256.2 - Path Environment Variable Local Command Execution source: https://www.securityfocus.com/bid/11105/info QNX PPoEd is reported prone to a problem that exists in the handling of paths to external executables that are employed by PPPoEd. Because of this, an attacker may be abl...

0.9AI score
Exploits0
securityvulns
securityvulns
added 2004/08/17 12:0 a.m.30 views

rsync directory traversal

It's possible to bypass directory traversal protection by adding few slashes into path...

3.1AI score
Exploits0References2Affected Software1
OSV
OSV
added 2004/06/01 4:0 a.m.3 views

DEBIAN-CVE-2004-0157

x11.c in xonix 1.4 and earlier uses the current working directory to find and execute the rmail program, which allows local users to execute arbitrary code by modifying the path to point to a malicious rmail program...

4.6CVSS7.5AI score0.00422EPSS
Exploits0References1
Packet Storm
Packet Storm
added 2003/04/03 12:0 a.m.37 views

safemode-adv-chitext.txt

================================================================== Safemode.org security advisory: CHITEX ================================================================== Introduction: ============= ChiTeX can be used to put Chinese Big5 codes in TeX/LaTeX documents. Operations with the ChiTeX...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2002/07/03 12:0 a.m.34 views

Directory content leakage in CommunigatePro

By adding . or .. to the path it's possible to obtain directory listing...

1.9AI score
Exploits0References1Affected Software1
CVE
CVE
added 2002/03/09 5:0 a.m.48 views

CVE-2001-0366

The CVE-2001-0366 issue affects saposcol in SAP R/3 Web Application Server Demo prior to 1.5, where the process trusts the PATH environment variable to locate and execute the expand program. This design allows local users to escalate to root by altering PATH to point to a Trojan horse expand prog...

7.2CVSS6.8AI score0.00557EPSS
Exploits1References4Affected Software2
Cvelist
Cvelist
added 2001/05/07 4:0 a.m.16 views

CVE-2000-0693

pgxconfig in the Raptor GFX configuration tool uses a relative path name for a system call to the "cp" program, which allows local users to execute arbitrary commands by modifying their path to point to an alternate "cp" program...

7.2AI score0.01017EPSS
Exploits1References3
Cvelist
Cvelist
added 2001/02/02 5:0 a.m.17 views

CVE-2001-0087

itetris/xitetris 1.6.2 and earlier trusts the PATH environmental variable to find and execute the gunzip program, which allows local users to gain root privileges by changing their PATH so that it points to a malicious gunzip program...

6.7AI score0.00895EPSS
Exploits1References3
exploitpack
exploitpack
added 2000/07/28 12:0 a.m.13 views

CVS Kit CVS Server 1.10.8 - Instructed File Create

CVS Kit CVS Server 1.10.8 - Instructed File Create source: https://www.securityfocus.com/bid/1523/info The cvs client blindly trust paths returned to it by the server. Therefore, a cvs client could be tricked into creating a file anywhere on the system by a malicious server. This problem can be...

7.4AI score
Exploits0
NVD
NVD
added 2000/01/02 5:0 a.m.20 views

CVE-2000-0077

The October 1998 version of the HP-UX aserver program allows local users to gain privileges by specifying an alternate PATH which aserver uses to find the ps and grep commands...

7.2CVSS6.6AI score0.00975EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 1999/05/12 12:0 a.m.5 views

PT-1999-1020 · Microsoft · Windows Nt Iis Server

Name of the Vulnerable Software and Affected Versions: Windows NT IIS server affected versions not specified Description: The issue concerns a denial of service in the Windows NT IIS server. It can be triggered using ...., which suggests a directory traversal or path manipulation technique. No...

5CVSS6.5AI score0.05873EPSS
Exploits0References2
exploitpack
exploitpack
added 1998/10/18 12:0 a.m.17 views

HP-UX 10.x11.x - Aserver PATH

HP-UX 10.x11.x - Aserver PATH source: https://www.securityfocus.com/bid/1929/info Aserver is a server program that ships with HP-UX versions 10.x and above that is used to interface client applications with the audio hardware. Because it talks to hardware, it is installed setuid root by default...

7.4AI score
Exploits0
0day.today
0day.today
added 1996/06/01 12:0 a.m.22 views

suid_perl 5.001 vulnerability

Exploit for linux platform in category local exploits ============================= suidperl 5.001 vulnerability ============================= !/usr/bin/suidperl -U $ENVPATH="/bin:/usr/bin"; $=0;$=0; exec"/bin/bash"; 0day.today 2018-04-09...

6.8AI score
Exploits0
Rows per page
Query Builder