[SNS Advisory No.51] Compaq Tru64 UNIX libc Buffer Overflow Vulnerability

---------------------------------------------------------------------- SNS Advisory No.51 Compaq Tru64 UNIX libc Buffer Overflow Vulnerability Problem first discovered: Sun, 18 Nov 2001 Published: Thu, 17 Apr 2002 ---------------------------------------------------------------------- Overview:...

CVE-2001-1159

SquirrelMail 1.0.4 and earlier are affected by CVE-2001-1159 due to improper initialization of PHP variables in load_prefs.php and related include files. This allows remote attackers to (1) view sensitive files via the config_php and data_dir options, and (2) execute arbitrary PHP code by uploadi...

CVE-2001-1159

loadprefs.php and supporting include files in SquirrelMail 1.0.4 and earlier do not properly initialize certain PHP variables, which allows remote attackers to 1 view sensitive files via the configphp and datadir options, and 2 execute arbitrary code by using optionsorder.php to upload a message...

CVE-2001-1128

The CVE-2001-1128 vulnerability affects Progress database versions 8.3D and 9.1C. A buffer overflow is triggered by long entries in files specified via the PROMSGS or PROTERMCAP environment variables, allowing local code execution. The available documents confirm the vulnerable component and the ...

CVE-2001-1128

Buffer overflow in Progress database 8.3D and 9.1C allows local users to execute arbitrary code via long entries in files that are specified by the 1 PROMSGS or 2 PROTERMCAP environment variables...

CVE-2000-0892

Some telnet clients allow remote telnet servers to request environment variables from the client that may contain sensitive information, or remote web servers to obtain the information via a telnet: URL...

CVE-2001-0652

Heap overflow in xlock in Solaris 2.6 through 8 allows local users to gain root privileges via a long 1 XFILESEARCHPATH or 2 XUSERFILESEARCHPATH environmental variable...

CVE-2000-0892

CVE-2000-0892 describes a vulnerability where some telnet clients may disclose environment variables to remote telnet servers or via telnet: URLs, due to RFC 1572 (NEW-ENVIRON). The underlying issue is the ability of a server to request environment variables before authentication, potentially exp...

CVE-1999-1142

SunOS 4.1.2 and earlier allows local users to gain privileges via LD_* environment variables affecting dynamically linked setuid/setgid programs (e.g., login, su, sendmail) by causing real and effective UIDs to the same user. This yields a local escalation with complete confidentiality and integr...

CVE-2001-0976

Vulnerability in HP Process Resource Manager PRM C.01.08.2 and earlier, as used by HP-UX Workload Manager WLM, allows local users to gain root privileges via modified libraries or environment variables...

CVE-2001-1076

Buffer overflow in whodo in Solaris SunOS 5.5.1 through 5.8 allows local users to execute arbitrary code via a long 1 SOR or 2 CFIME environment variable...

CVE-2001-0976

HP Process Resource Manager (PRM) C.01.08.2 and earlier, used by HP-UX Workload Manager (WLM), is vulnerable to local privilege escalation via manipulated libraries or environment variables. Root privileges can be gained by a local user due to the underlying insecure handling of library paths and...

CVE-2002-0043

sudo 1.6.0 through 1.6.3p7 does not properly clear the environment before calling the mail program, which could allow local users to gain root privileges by modifying environment variables and changing how the mail program is invoked...

Переполнение буфера в sastcpd (buffer overflow)

переполнение буфера, ошибка форматной строки, использование переменных пользователя для запуска внешних приложений...

sastcpd 8.0 'authprog' local root vulnerability

Hi, Several environment variable problems exist in the 'SAS Job Spawner for Open Systems version 8.00'. No other releases of the software were available to test. Sorry. authprog vulnerability ---------------------- The daemon passes a user-defined environment variable, 'authprog', to execve. This...

FastCGI Multiple Sample CGI XSS

Two sample CGI's supplied with FastCGI are vulnerable to cross-site scripting attacks. FastCGI is an 'open extension to CGI that provides high performance without the limitations of server specific APIs', and is included in the default installation of the 'Unbreakable' Oracle9i Application Server...

Переполнение буфера в clanlib (buffer overflow)

Переполнение буфера при разборе переменных окружения...

FreeBSD-SA-02:06.sudo

-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-02:06 Security Advisory FreeBSD, Inc. Topic: sudo port may enable local privilege escalation Category: ports Module: sudo Announced: 2002-01-16 Credits: Sebastian Krahmer...

Sudo 1.6.3 - Unclean Environment Variable Privilege Escalation

Sudo 1.6.3 - Unclean Environment Variable Privilege Escalation source: https://www.securityfocus.com/bid/3871/info Sudo is a freely available, open source permissions management software package available for the Linux and Unix operating systems. It is maintained by Todd C. Miller. Under some...

[SECURITY] [DSA-094-1] mailman cross-site scripting problem

Package : mailman Problem type : cross-site scripting hole Debian-specific: no Barry A. Warsaw reported several cross-site scripting security holes in Mailman, due to non-existent escaping of CGI variables. These have been fixed upstream in version 2.0.8, and the relevant patches have been...