CVE-2003-1167

misc.cpp in KPopup 0.9.1 trusts the PATH variable when executing killall, which allows local users to elevate their privileges by modifying the PATH variable to reference a malicious killall program...

CVE-2004-0965

stmkfont in HP-UX B.11.00 through B.11.23 relies on the user-specified PATH when executing certain commands, which allows local users to execute arbitrary code by modifying the PATH environment variable to point to malicious programs...

NSFOCUS SA2004-02 : HP-UX stmkfont Local Privilege Escalation Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 NSFOCUS Security AdvisorySA2004-02 Topic: HP-UX stmkfont Local Privilege Escalation Vulnerability Release Date: 2004-10-20 CVE CAN ID: CAN-2004-0965 http://www.nsfocus.com/english/homepage/research/0402.htm Affected system: =================== - - HP-...

CVE-2002-1239

QNX Neutrino RTOS 6.2.0 uses the PATH environment variable to find and execute the cp program while operating at raised privileges, which allows local users to gain privileges by modifying the PATH to point to a malicious cp program...

CVE-2002-1469

scponly does not properly verify the path when finding the 1 scp or 2 sftp-server programs, which could allow remote authenticated users to bypass access controls by uploading malicious programs and modifying the PATH variable in $HOME/.ssh/environment to locate those programs...

CVE-2003-1167

misc.cpp in KPopup 0.9.1 trusts the PATH variable when executing killall, which allows local users to elevate their privileges by modifying the PATH variable to reference a malicious killall program...

CVE-2003-1358

rs.F300 for HP-UX 10.0 through 11.22 uses the PATH environment variable to find and execute programs such as rm while operating at raised privileges, which allows local users to gain privileges by modifying the path to point to a malicious rm program...

kpopup -- local root exploit and local denial of service

Mitre CVE reports: Format string vulnerability in main.cpp in kpopup 0.9.1-0.9.5pre2 allows local users to cause a denial of service segmentation fault and possibly execute arbitrary code via format string specifiers in command line arguments. misc.cpp in KPopup 0.9.1 trusts the PATH variable whe...

CVE-2002-1469

scponly does not properly verify the path when finding the 1 scp or 2 sftp-server programs, which could allow remote authenticated users to bypass access controls by uploading malicious programs and modifying the PATH variable in $HOME/.ssh/environment to locate those programs...

CVE-2003-0171

DirectoryServices in MacOS X trusts the PATH environment variable to locate and execute the touch command, which allows local users to execute arbitrary commands by modifying the PATH to point to a directory containing a malicious touch program...

CVE-2001-0943

dbsnmp in Oracle 8.0.5 and 8.1.5, under certain conditions, trusts the PATH environment variable to find and execute the 1 chown or 2 chgrp commands, which allows local users to execute arbitrary code by modifying the PATH to point to Trojan Horse programs...

CVE-1999-1107

Buffer overflow in kppp in KDE allows local users to gain root access via a long PATH environmental variable...

CVE-2001-0087

itetris/xitetris 1.6.2 and earlier trusts the PATH environmental variable to find and execute the gunzip program, which allows local users to gain root privileges by changing their PATH so that it points to a malicious gunzip program...

Tech-Source Raptor GFX PGX32 2.3.1 - Config Tool

Tech-Source Raptor GFX PGX32 2.3.1 - Config Tool source: https://www.securityfocus.com/bid/1563/info Raptor GFX cards are designed to handle 24-bit true color applications such as Netscape, seismic, geographical information systems GIS, satellite imaging, pre-press imaging and general desktop use...

Tech-Source Raptor GFX PGX32 2.3.1 - Config Tool

source: https://www.securityfocus.com/bid/1563/info Raptor GFX cards are designed to handle 24-bit true color applications such as Netscape, seismic, geographical information systems GIS, satellite imaging, pre-press imaging and general desktop use. They can also be used for high resolution 8-bit...

CVE-1999-0820

FreeBSD seyon allows users to gain privileges via a modified PATH variable for finding the xterm and seyon-emu commands...

CVE-1999-0820

The CVE-1999-0820 issue affects FreeBSD seyon, where a user can gain privileges by manipulating the PATH environment variable to influence the search order for the xterm and seyon-emu commands. Root cause is PATH-based command resolution allowing local privilege escalation. The available document...

CVE-1999-0690

Technical details about CVE-1999-0690 are not publicly provided in the supplied documents; monitor for updates.

CVE-1999-0690

HP CDE program includes the current directory in root's PATH variable...

CVE-1999-0706

Linux xmonisdn package allows local users to gain root privileges by modifying the IFS or PATH environmental variables...