RHEL 3 : initscripts (RHSA-2006:0015)

Updated initscripts packages that fix a privilege escalation issue and several bugs are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The initscripts package contains the basic system scripts used to boot your Red Hat system,...

initscripts security update

CentOS Errata and Security Advisory CESA-2006:0015 Updated initscripts packages that fix a privilege escalation issue and several bugs are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The initscripts package contains the basic...

security flaw

initscripts in Red Hat Enterprise Linux 4 does not properly handle certain environment variables when /sbin/service is executed, which allows local users with sudo permissions for /sbin/service to gain root privileges via unknown vectors...

Moderate: Red Hat Security Advisory: initscripts security update

Updated initscripts packages that fix a privilege escalation issue and several bugs are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The initscripts package contains the basic system scripts used to boot your Red Hat system,...

phparcadescriptxss.txt

——–summary software: phpArcadeScript vendors website: http://www.phparcadescript.com/ versions: this poor coding is repetative throughought the application, possibly having more vulnerabilities present in the coding. ——– exploits...

simplogsploit.txt

——–summary software: simplog vendors website: http://daverave.64digits.com/home.php?page=simplog versions: directory transversal: http://example.com/index.php?act=blog&blogid=../somefile http://example.com/index.php?act=../somefile ——– credit authors: retard and jim email: [email protected]...

CVE-2005-3629

CVE-2005-3629 affects initscripts in Red Hat Enterprise Linux 4. A bug in how environment variables are handled when /sbin/service is executed allows a local user with sudo access to /sbin/service to run commands with root privileges. Public advisories (RHSA-2006:0015, RHSA-2006:0016) and CentOS/...

security flaw

initscripts in Red Hat Enterprise Linux 4 does not properly handle certain environment variables when /sbin/service is executed, which allows local users with sudo permissions for /sbin/service to gain root privileges via unknown vectors...

phpArcadeScript XSS Injections

——–summary software: phpArcadeScript vendors website: http://www.phparcadescript.com/ versions: = 2.0 class: remote status: unpatched exploit: available solution: not available discovered by: retard and jim risk level: medium ——– description due to phpArcadeScript excessive use of global variable...

EV0082.txt

New eVuln Advisory: Leif M. Wright's Blog Multiple Vulnerabilities http://evuln.com/vulns/82/summary.html --------------------Summary---------------- eVuln ID: EV0082 CVE: CVE-2006-0843 CVE-2006-0844 CVE-2006-0845 CVE-2006 Software: Leif M. Wright's Blog Sowtware's Web Site:...

CVE-2006-0963

Multiple buffer overflows in STLport 5.0.2 might allow local users to execute arbitrary code via 1 long locale environment variables to a strcpy function call in clocaleglibc2.c and 2 long arguments to unspecified functions in numputfloat.cpp...

Buffer overflow

Multiple buffer overflows in STLport 5.0.2 might allow local users to execute arbitrary code via 1 long locale environment variables to a strcpy function call in clocaleglibc2.c and 2 long arguments to unspecified functions in numputfloat.cpp...

PmWiki < 2.1 beta 21 Multiple Vulnerabilities

The remote host is running PmWiki, an open source Wiki written in PHP. The version of PmWiki installed on the remote host allows attackers to overwrite global variables if run under PHP 5 with 'registerglobals' enabled. For example, an attacker can exploit this issue to overwrite the 'FarmD'...

Code injection

desktop.php in eyeOS 0.8.9 and earlier tests for the existence of the SESSION variable before calling the sessionstart function, which allows remote attackers to execute arbitrary PHP code and possibly conduct other attacks by modifying critical assumed-immutable variables, as demonstrated using...

Race condition

Race condition in phfont in QNX Neutrino RTOS 6.2.1 allows local users to execute arbitrary code via unspecified manipulations of the PHFONT and PHOTON2PATH environment variables...

CVE-2006-0620

Race condition in phfont in QNX Neutrino RTOS 6.2.1 allows local users to execute arbitrary code via unspecified manipulations of the PHFONT and PHOTON2PATH environment variables...

CVE-2006-0620

Race condition in phfont in QNX Neutrino RTOS 6.2.1 allows local users to execute arbitrary code via unspecified manipulations of the PHFONT and PHOTON2PATH environment variables...

CVE-2006-0619

Multiple stack-based buffer overflows in QNX Neutrino RTOS 6.3.0 allow local users to execute arbitrary code via long 1 ABLPATH or 2 ABLANG environment variables in the libAP library libAp.so.2 or 3 a long PHOTONPATH environment variable to the setitem function in the libph library...

kernel security update

CentOS Errata and Security Advisory CESA-2006:0191-01 Updated kernel packages that fix a number of security issues as well as other bugs are now available for Red Hat Enterprise Linux 2.1 32 bit architectures This security advisory has been rated as having important security impact by the Red Hat...

CVE-2003-1291

VMware ESX Server 1.5.2 before Patch 4 allows local users to execute arbitrary programs as root via certain modified VMware ESX Server environment variables...