Slackware 8.1 / 9.0 / 9.1 / current : cvs (SSA:2004-140-01)

New cvs packages are available for Slackware 8.1, 9.0, 9.1, and -current to fix a buffer overflow vulnerability which could allow an attacker to run arbitrary programs on the CVS server. Sites running a CVS server should upgrade to the new CVS package right away. %NASLMINLEVEL 70300 C Tenable...

CVE-2004-2197

CVE-2004-2197 affects kdocker up to version 0.8. The binary kdocker.cpp fails to properly check file ownership, enabling local users to run arbitrary programs via ownership trust bypass. Affected component: kdocker.cpp in kdocker 0.1–0.8. Root cause: insufficient ownership verification. Impact: l...

CVE-2004-1885

Ipswitch WSFTP Server 4.0.2 allows remote authenticated users to execute arbitrary programs as SYSTEM by using the SITE command to modify certain iFtpSvc options that are handled by iftpmgr.exe...

CVE-2004-1885

WS_FTP Server 4.0.2 is affected by CVE-2004-1885. The vulnerability allows remote authenticated users to execute arbitrary programs as SYSTEM by using the SITE command to modify iFtpSvc options processed by iftpmgr.exe. This is a local/remote code-execution style impact described in the records, ...

CVE-2005-0627

Qt before 3.3.4 searches the BUILDPREFIX directory, which could be world-writable, to load shared libraries regardless of the LDLIBRARYPATH environment variable, which allows local users to execute arbitrary programs...

CVE-2005-0627

CVE-2005-0627 (Qt) : Qt before 3.3.4 searches the BUILD_PREFIX directory, which can be world-writable, to load shared libraries, effectively bypassing LD_LIBRARY_PATH and enabling a local user to execute arbitrary code. Affected product/versions: Qt up to 3.3.x prior to 3.3.4. Impact: local privi...

CVE-2005-0627

Qt before 3.3.4 searches the BUILDPREFIX directory, which could be world-writable, to load shared libraries regardless of the LDLIBRARYPATH environment variable, which allows local users to execute arbitrary programs...

CVE-2004-1175

fish.c in midnight commander allows remote attackers to execute arbitrary programs via "insecure filename quoting," possibly using shell metacharacters...

CVE-2004-1028

Untrusted execution path vulnerability in chcod on AIX IBM 5.1.0, 5.2.0, and 5.3.0 allows local users to execute arbitrary programs by modifying the PATH environment variable to point to a malicious "grep" program, which is executed from chcod...

CVE-2004-1329

The CVE describes an untrusted execution path vulnerability in IBM AIX 5.1–5.3: the diag commands (lsmcode, diag_exec, invscout, invscoutd) can be coerced into running arbitrary code when the DIAGNOSTICS environment variable is modified to reference a malicious Dctrl program. Affected components/...

CVE-2004-1028

CVE-2004-1028 describes a local privilege-escalation in IBM AIX chcod. The setuid root chcod on AIX 5.1.0/5.2.0/5.3.0 trusts PATH and invokes an external program named “grep.” If a local attacker can place a malicious grep in a directory in PATH and run chcod, arbitrary code could be executed wit...

CVE-2004-0841

The CVE-2004-0841 entry corresponds to Internet Explorer 6.x vulnerability commonly called Script in Image Tag File Download (also HijackClick 3). The connected advisories describe this as an IE vulnerability that allows a remote attacker to escalate privileges by abusing script execution in imag...

CVE-2003-1326

Microsoft Internet Explorer 5.5 and 6.0 are affected by CVE-2003-1326, which enables remote attackers to bypass cross-domain security and execute script or arbitrary code via dialog boxes. The issue centers on improper handling of dialog frames and the dialogArguments mechanism, enabling cross-do...

CVE-2004-0121

Argument injection vulnerability in Microsoft Outlook 2002 does not sufficiently filter parameters of mailto: URLs when using them as arguments when calling OUTLOOK.EXE, which allows remote attackers to use script code in the Local Machine zone and execute arbitrary programs...

CVE-2004-0648

Mozilla Suite before 1.7.1, Firefox before 0.9.2, and Thunderbird before 0.7.2 allow remote attackers to launch arbitrary programs via a URI referencing the shell: protocol...

CVE-2003-1041

Internet Explorer 5.x and 6.0 allows remote attackers to execute arbitrary programs via a modified directory traversal attack using a URL containing ".." dot dot sequences and a filename that ends in "::" which is treated as a .chm file even if it does not have a .chm extension. NOTE: this bug ma...

cvs

New cvs packages are available for Slackware 8.1, 9.0, 9.1, and -current to fix a buffer overflow vulnerability which could allow an attacker to run arbitrary programs on the CVS server. Sites running a CVS server should upgrade to the new CVS package right away. More details about this issue may...

CVE-2003-1291

VMware ESX Server 1.5.2 before Patch 4 allows local users to execute arbitrary programs as root via certain modified VMware ESX Server environment variables...

CVE-2003-0742

CVE-2003-0742 affects SCO Internet Manager (mana). Local users can trigger menu.mana to run in the context of ncsa_httpd by exporting REMOTE_ADDR and then modify PATH to point to a malicious hostname program, enabling arbitrary program execution with root privileges on OpenServer 5.0.5–5.0.7. The...

CVE-2002-0532

EMU Webmail allows local users to execute arbitrary programs via a .. dot dot in the HTTP Host header that points to a Trojan horse configuration file that contains a pageroot specifier that contains shell metacharacters...