Greg Matthews - 'Classifieds.cgi' 1.0 Hidden Variable
source: https://www.securityfocus.com/bid/2019/info Classifieds.cgi is a Perl script, part of the classifieds package by Greg Matthews, which provides simple classified ads to web sites. Due to improper input validation it can be used to execute any command on the host machine, with the privileges ...
Greg Matthews - Classifieds.cgi 1.0 Hidden Variable
Greg Matthews - Classifieds.cgi 1.0 Hidden Variable source: https://www.securityfocus.com/bid/2019/info Classifieds.cgi is a Perl script, part of the classifieds package by Greg Matthews, which provides simple classified ads to web sites. Due to improper input validation it can be used to execute a...
CVE-1999-1435
Buffer overflow in libsocks5 library of Socks 5 socks5 1.0r5 allows local users to gain privileges via long environmental variables...
NCSA httpd-campas 1.2 - sample script
NCSA httpd-campas 1.2 - sample script source: https://www.securityfocus.com/bid/1975/info Campas is a sample CGI script shipped with some older versions of NCSA HTTPd, an obsolete web server package. The versions that included the script could not be determined as the server is no longer...
Solaris 2.5.0/2.5.1 ps / chkey - Data Buffer
cat psexpl.po psexpl.c include include include define BUFLENGTH 632 define EXTRA 256 int mainint argc, char argv char bufBUFLENGTH + EXTRA; / ps will grok this file for the exploit code / char envp="NLSPATH=/tmp/foo",0; ulong longp; uchar charp; / This will vary depending on your libc / ulong...
CVE-1999-0073
Telnet allows a remote client to specify environment variables including LD_LIBRARY_PATH, allowing an attacker to bypass the normal system libraries and gain root access...
PT-1995-1001
Name of the Vulnerable Software and Affected Versions: Telnet (affected versions not specified). Description: The issue allows a remote client to specify environment variables, including LD_LIBRARY_PATH, which can be exploited by an attacker to bypass the normal system libraries and gain root access...
SunOS 4.1.3 - LD_LIBRARY_PATH / LD_OPTIONS
source: https://www.securityfocus.com/bid/43/info There exists a vulnerability involving environment variables and setuid/setgid programs under SunOS 4.0 and higher. A dynamically-linked program that is invoked by a setuid/setgid program has access to the caller's LD environmental variables if th...
SunOS 4.1.3 - LD_LIBRARY_PATH LD_OPTIONS
SunOS 4.1.3 - LD_LIBRARY_PATH LD_OPTIONS source: https://www.securityfocus.com/bid/43/info There exists a vulnerability involving environment variables and setuid/setgid programs under SunOS 4.0 and higher. A dynamically-linked program that is invoked by a setuid/setgid program has access to the...
PT-2014-9085 · Openbsd +10 · Openssh Sshd +11
Name of the Vulnerable Software and Affected Versions: bash versions prior to 4.3 bash-3.0 bash-3.2 bash-4.1.2 bash-4.2.45 bash-debuginfo bash-debuginfo-3.2 bash-debuginfo-4.1.2 bash-debuginfo-4.2.45 bash-debugsource bash-devel bash-doc bash-doc-4.1.2 bash-doc-4.2.45 bash-loadables...