Lucene search

7790 matches found

RedHat Linux
added 2014/03/10 3:46 p.m., 3 views

sudo: certain environment variables not sanitized when env_reset is disabled

Sudo 1.6.9 before 1.8.5, when env_reset is disabled, does not properly check environment variables for the env_delete restriction, which allows local users with sudo permissions to bypass intended command restrictions via a crafted environment variable...

CVSS 6.6, AI score 6.2, EPSS 0.00338
Exploits: 2, References: 5

RedHat Linux
added 2014/03/10 3:46 p.m., 28 views

Moderate: Red Hat Security Advisory: sudo security update

An updated sudo package that fixes one security issue is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...

CVSS 6.6, AI score 6.1, EPSS 0.00338
Exploits: 2, References: 2

Oracle linux
added 2014/03/10 12:00 a.m., 29 views

sudo security update

1.7.2p1-29 - added patch for CVE-2014-0106: certain environment variables not sanitized when env_reset is disabled Resolves: rhbz1072210...

CVSS 6.6, AI score 2.5, EPSS 0.00338
Exploits: 2

seebug.org
added 2014/02/23 12:00 a.m., 21 views

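Easytalk V2.5: an SQL injection

Brief description: I saw that the official site has been updated to 2.5. There are a lot fewer vulnerabilities, and they are hard to find now; I looked for a long time without finding anything. GET and POST are escaped globally. Details: In Indexaction: public function checkreset parent::tologin; $uModel=D'Users'; $urldata=$REQUEST'urldata'; parsestrbase64decode$urldata; $userid=intval$userid; $username=strreplacearray"'",'"'," ","",$username;...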

AI score 7.2
Exploits: 0

Tenable Nessus
added 2014/02/21 12:00 a.m., 20 views

GLSA-201402-18 : GNU Midnight Commander: User-assisted execution of arbitrary code

The remote host is affected by the vulnerability described in GLSA-201402-18 GNU Midnight Commander: User-assisted execution of arbitrary code GNU Midnight Commander does not properly sanitize environment variables. Impact : A remote attacker could entice a user to open a specially crafted archiv...

CVSS 5.1, AI score 6.1, EPSS 0.01867
Exploits: 0, References: 2

Gentoo Linux
added 2014/02/20 12:00 a.m., 29 views

GNU Midnight Commander: User-assisted execution of arbitrary code

Background: GNU Midnight Commander is a text based file manager. Description: GNU Midnight Commander does not properly sanitize environment variables. Impact: A remote attacker could entice a user to open a specially crafted archive file using GNU Midnight Commander, possibly resulting in execution ...

CVSS 5.1, AI score 7, EPSS 0.01867
Exploits: 0

Vulnerability Lab
added 2014/02/11 12:00 a.m., 15 views

jDisk (stickto) v2.0.3 iOS - Multiple Web Vulnerabilities

Document Title: jDisk stickto v2.0.3 iOS - Multiple Web Vulnerabilities; References Source: http://www.vulnerability-lab.com/getcontent.php?id=1196; Release Date: 2014-02-11; Vulnerability Laboratory ID VL-ID: 11...

AI score 7.1
Exploits: 0

OSV
added 2014/02/05 12:00 a.m., 26 views

DSA-2853-1 horde3 - Remote code execution

Bulletin has no description...

CVSS 7.5, AI score 6.1, EPSS 0.42895
Exploits: 7

Metasploit
added 2014/01/16 8:53 p.m., 13 views

Printer Environment Variables Scanner

This module scans for printer environment variables using the Printer Job Language (PJL) protocol. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require "rex/proto/pjl" class MetasploitModule "Printer Environment...

AI score 0.3
Exploits: 0

Tenable Nessus
added 2014/01/15 12:00 a.m., 31 views

FreeBSD : nagios -- denial of service vulnerability (ba04a373-7d20-11e3-8992-00132034b086)

Eric Stanley reports: Most CGIs previously incremented the input variable counter twice when it encountered a long key value. This could cause the CGI to read past the end of the list of CGI variables. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks i...

CVSS 6.4, AI score 7.4, EPSS 0.59546
Exploits: 0, References: 5

myhack58
added 2013/12/27 12:00 a.m., 17 views

PHP vulnerability discovery ideas+examples-vulnerability warning-the black bar safety net

Recent research PHP-vulnerability of the excavation, summed up some of my digging into the vulnerability, finishing some thoughts, seeking the path of the God-man complement, criticism, guidance This article all of the examples are from me the clouds on has been by the manufacturer to allow...

AI score 0.1
Exploits: 0

OpenVAS
added 2013/12/17 12:00 a.m., 12 views

Fedora Update for php-symfony2-Routing FEDORA-2013-22422

Check for the Version of php-symfony2-Routing OpenVAS Vulnerability Test Fedora Update for php-symfony2-Routing FEDORA-2013-22422 Authors: System Generated Check Copyright: Copyright C 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it...

CVSS 5, AI score 6.3, EPSS 0.01868
Exploits: 0, References: 2

NVD
added 2013/12/09 4:36 p.m., 22 views

CVE-2013-4400

virt-login-shell in libvirt 1.1.2 through 1.1.3 allows local users to overwrite arbitrary files and possibly gain privileges via unspecified environment variables or command-line arguments...

CVSS 7.2, AI score 8.1, EPSS 0.00352
Exploits: 0, References: 8

UbuntuCve
added 2013/12/09 4:36 p.m., 27 views

CVE-2013-4400

virt-login-shell in libvirt 1.1.2 through 1.1.3 allows local users to overwrite arbitrary files and possibly gain privileges via unspecified environment variables or command-line arguments...

CVSS 7.2, AI score 6.7, EPSS 0.00352
Exploits: 0, References: 2

CVE
added 2013/12/09 11:00 a.m., 77 views

CVE-2013-4400

CVE-2013-4400 affects libvirt up to 1.1.3 (1.1.2–1.1.3). Local users can overwrite arbitrary files and possibly gain privileges via unspecified environment variables or command-line arguments in virt-login-shell. Public references in multiple advisories confirm affected versions and a need to upg...

CVSS 7.2, AI score 8.3, EPSS 0.00352
Exploits: 0, References: 8, Affected Software: 1

Debian CVE
added 2013/12/09 11:00 a.m., 34 views

CVE-2013-4400

virt-login-shell in libvirt 1.1.2 through 1.1.3 allows local users to overwrite arbitrary files and possibly gain privileges via unspecified environment variables or command-line arguments...

CVSS 7.2, AI score 8, EPSS 0.00352
Exploits: 0

seebug.org
added 2013/11/24 12:00 a.m., 23 views

ThinkSNS: a getshell

Brief description: Improper handling in one place in ThinkSNS leads to getshell. Details: \apps\public\Lib\Action\CommentAction.class.php, reply function: public function reply $var = $GET; $var'initNums' = model'Xdata'-getConfig'weibonums', 'feed'; $var'commentInfo' = model'Comment'-getCommentInfo$var'commentid', false; $var'canrepost' =...

AI score 7.1
Exploits: 0

securityvulns
added 2013/11/18 12:00 a.m., 60 views

Superuser unsanitized environment vulnerability on Android <= 4.2.x

Vulnerable releases of several common Android Superuser packages may allow malicious Android applications to execute arbitrary commands as root without notifying the device owner: - ChainsDD Superuser current releases, including v3.1.3 - CyanogenMod/ClockWorkMod/Koush Superuser current releases,...

CVSS 10, AI score 2.2, EPSS 0.01587
Exploits: 4

securityvulns
added 2013/11/18 12:00 a.m., 38 views

Android su applications privilege escalation

Unsafe environment variables and file descriptors usage...

CVSS 10, AI score 4.6, EPSS 0.01587
Exploits: 9, References: 3, Affected Software: 2

NVD
added 2013/11/09 1:55 a.m., 14 views

CVE-2013-3985

The Enterprise Meeting Server in IBM Lotus Sametime 8.5.2 and 8.5.2.1 does not properly restrict application cookies, which allows remote attackers to read session variables by leveraging a weak setting of the Domain variable...

CVSS 2.9, AI score 6.3, EPSS 0.00532
Exploits: 0, References: 2