6 matches found
MiracleLinux 3 : sudo-1.7.2p1-29.AXS3 (AXSA:2014-229:01)
The remote MiracleLinux 3 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2014-229:01 advisory. Sudo superuser do allows a system administrator to give certain users or groups of users the ability to run some or all commands as root while logging all...
CVE-2016-4748
Perl in Apple OS X before 10.12 allows local users to bypass the taint-mode protection mechanism via a crafted environment variable...
Code injection
Application Firewall in Apple OS X before 10.12 allows local users to cause a denial of service via vectors involving a crafted SOEXECPATH environment variable...
CVE-2016-4748
CVE-2016-4748 describes a localPrivilege bypass in Perl on macOS OS X before 10.12, where taint-mode protection can be bypassed via a crafted environment variable. The vulnerability affects Perl within macOS/OS X and is documented in Appleās security content for macOS Sierra 10.12. The connected ...
CVE-2011-1095
locale/programs/locale.c in locale in the GNU C Library aka glibc or libc6 before 2.13 does not quote its output, which might allow local users to gain privileges via a crafted localization environment variable, in conjunction with a program that executes a script that uses the eval function...
Design/Logic Flaw
systerm.c in telnetd in FreeBSD 7.0-RELEASE and other 7.x versions deletes dangerous environment variables with a method that was valid only in older FreeBSD distributions, which might allow remote attackers to execute arbitrary code by passing a crafted environment variable from a telnet client,...