7710 matches found
AutomatedShops WebC 2.0/5.0 - Symbolic Link Following Configuration File
source: https://www.securityfocus.com/bid/7272/info It has been reported that WebC will execute in the directory of a symbolic link from which it is invoked. Because of this, it may be possible for a local user to load a configuration file that enabled dangerous variables. $ cd /tmp $ ln -s...
Platform Load Sharing Facility 4/5 - LSF_ENVDIR Local Command Execution
source: https://www.securityfocus.com/bid/7655/info It has been reported that Load Sharing Facility LSF does not properly handle input in environment variables. Because of this, an attacker may be able to gain escalated...
Platform Load Sharing Facility 4/5 - 'LSF_ENVDIR' Local Command Execution
source: https://www.securityfocus.com/bid/7655/info It has been reported that Load Sharing Facility LSF does not properly handle input in environment variables. Because of this, an attacker may be able to gain escalated privileges on a vulnerable system. LSF 5.1 'lsadmin' local root exploit...
PHPPing 0.1 - Remote Command Execution
source: https://www.securityfocus.com/bid/7030/info A vulnerability has been reported in PHPPing that may allow remote attackers to execute commands on vulnerable systems. The vulnerability exists in the index.php script file. Some variables are not properly...
PHPPing 0.1 - Remote Command Execution
source: https://www.securityfocus.com/bid/7030/info A vulnerability has been reported in PHPPing that may allow remote attackers to execute commands on vulnerable systems. The vulnerability exists in the index.php script file. Some variables are not properly sanitized of malicious shell...
GLIBC locale - Format Strings
/ su.c by xp, modified by logikal@efnet - tested on redhat 5 - 7 / include include include include include include include include char shellcode = "\x31\xc0\x83\xc0\x17\x31\xdb\xcd\x80\xeb" "\x30\x5f\x31\xc9\x88\x4f\x17\x88\x4f\x1a" "\x8d\x5f\x10\x89\x1f\x8d\x47\x18\x89\x47"...
Solaris 2.x/7.0/8 - Derived 'login' Remote Buffer Overflow
source: https://www.securityfocus.com/bid/3681/info The 'login' program is used in UNIX systems to authenticate users with a username and password. The utility is typically invoked at the console, by 'telnetd', 'rlogind', and if configured to do so, SSH. Versions of 'login' descended from System ...
multiple buffer overflows in xboing
Steve Kemp reports in a Debian bug submission: Due to improper bounds checking it is possible for a malicious user to gain a shell with membership group 'games'. The binary is installed setgid games. Environmental variables are used without being bounds-checked in any way, from the source code:...
CVE-2002-1632
Oracle 9i Application Server (9iAS) installs multiple sample pages that allow remote attackers to obtain environment variables and other sensitive information via (1) info.jsp, (2) printenv, (3) echo, or (4) echo2...
CVE-2002-2278
Cross-site scripting (XSS) vulnerability in modsearch/index.php in PortailPHP 0.99 allows remote attackers to inject arbitrary web script or HTML via the (1) $AppTheme, (2) $RubSearch, (3) $RubNews, (4) $RubFile, (5) $RubLiens, or (6) $RubFaq variables...
CVE-2002-2277
SQL injection vulnerability in modsearch/index.php in PortailPHP 0.99 allows remote attackers to execute arbitrary SQL commands via the (1) $rech, (2) $BDTabdocs, (3) $BDTabfile, (4) $BDTabliens, (5) $BDTabfaq, or (6) $chemin variables...
CVE-2002-2002
Buffer overflow in libc in Compaq Tru64 4.0F, 5.0, 5.1 and 5.1A allows attackers to execute arbitrary code via long (1) LANG and (2) LOCPATH environment variables...
Emacs 2.1 - Local Variable Arbitrary Command Execution
source: https://www.securityfocus.com/bid/15375/info Emacs is susceptible to an arbitrary command execution vulnerability with local variables. This issue is due to insufficient sanitization of user-supplied input. By modifying a text file to include local variables containing shell...
MyMarket 1.71 - 'Form_Header.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/6035/info MyMarket is prone to cross-site scripting attacks. HTML tags and script code are not sanitized from CGI variables which may cause user-supplied input to be displayed. As a result, an attacker can create a link to a site running the vulnerable...
Information Disclosure with Invision Board installation (fwd)
To: BugTraq Subject: Information Disclosure with Invision Board installation (fwd) Date: Sep 24 2002 10:11PM Author: Gossi The Dog Since the vendor...
Buffer overflow in qmailadmin
Buffer overflow on environment variables parsing...
CVE-2001-0872
Technical details for CVE-2001-0872 are not provided in the connected documents. The initial description notes an LD_PRELOAD cleansing issue in OpenSSH 3.0.1 with UseLogin. Monitor for updates.
CVE-2002-0043
sudo 1.6.0 through 1.6.3p7 does not properly clear the environment before calling the mail program, which could allow local users to gain root privileges by modifying environment variables and changing how the mail program is invoked...
CVE-2001-1357
CVE-2001-1357 affects phpMyChat prior to 0.14.5. Vulnerabilities are in three PHP files: input.php3, handle_inputH.php3, and index.lib.php3. The description notes unknown consequences with possible user spoofing or improperly initialized variables; no concrete impact or exploit details are provid...
CVE-2001-1357
Multiple vulnerabilities in phpMyChat before 0.14.5 exist in (1) input.php3, (2) handle_inputH.php3, or (3) index.lib.php3 with unknown consequences, possibly related to user spoofing or improperly initialized variables...