/bin/ksh creates insecure tmp files

Recently I reported that, similarly to the recently discussed tcsh vulnerability, the Bourne shell /bin/sh creates temporary files in an insecure way: http://www.securityfocus.com/templates/archive.pike?list=1&[email protected] At the time I also tested the Korn...

b0f5-Qpopper.txt

b u f f e r 0 v e r f l 0 w s e c u r i t y a d v i s o r y 5 Advisory Name: Remote shell via Qpopper2.53 Date: 5/23/00 Application: Qpopper 2.53 for NIX Vendor: Qualcomm Incorporated WWW: www.qualcomm.com Severity: can give users remote shell with gid=mail. Author: prizm [email protected]...

CVE-2000-0325

The CVE-2000-0325 entry concerns the Microsoft Jet database engine, where an attacker can execute commands through a database query via the VBA Shell vulnerability. The available sources (NVD/CVE listing) describe command execution as the impact, but do not provide details on affected product ver...

Apple Mac OSX 10 HP-UX 91011 Mandriva 67 RedHat 56 SCO 5 IRIX 6 - Shell Redirection Race Condition

Apple Mac OSX 10 HP-UX 91011 Mandriva 67 RedHat 56 SCO 5 IRIX 6 - Shell Redirection Race Condition source: https://www.securityfocus.com/bid/2006/info bash, tcsh, cash, ksh and sh are all variations of the Unix shell distributed with many Unix and Unix clone operating systems. A vulnerability...

CVE-2000-0325

The Microsoft Jet database engine allows an attacker to execute commands via a database query, aka the "VBA Shell" vulnerability...

CVE-1999-1115

Vulnerability in the /etc/suidexec program in HP Apollo Domain/OS sr10.2 and sr10.3 beta, related to the Korn Shell ksh...

CVE-2024-36472

In GNOME Shell through 45.7, a portal helper can be launched automatically without user confirmation based on network responses provided by an adversary e.g., an adversary who controls the local Wi-Fi network, and subsequently loads untrusted JavaScript code, which may lead to resource consumptio...