10 matches found
SUSE CVE-2017-3226
Das U-Boot is a device bootloader that can read its configuration from an AES encrypted file. Devices that make use of Das U-Boot's AES-CBC encryption feature using environment encryption i.e., setting the configuration parameter CONFIGENVAES=y read environment variables from disk as the encrypte...
UBUNTU-CVE-2021-22898
curl 7.7 through 7.76.1 suffers from an information disclosure when the -t command line option, known as CURLOPTTELNETOPTIONS in libcurl, is used to send variable=content pairs to TELNET servers. Due to a flaw in the option parser for sending NEWENV variables, libcurl could be made to pass on...
UBUNTU-CVE-2017-3226
Das U-Boot is a device bootloader that can read its configuration from an AES encrypted file. Devices that make use of Das U-Boot's AES-CBC encryption feature using environment encryption i.e., setting the configuration parameter CONFIGENVAES=y read environment variables from disk as the encrypte...
FreeBSD : sudo -- Secure path vulnerability (d42e5b66-6ea0-11df-9c8d-00e0815b8da8)
Todd Miller reports : Most versions of the C library function getenv return the first instance of an environment variable to the caller. However, some programs, notably the GNU Bourne Again SHell bash, do their own environment parsing and may choose the last instance of a variable rather than the...
sudo -- Secure path vulnerability
Todd Miller reports: Most versions of the C library function getenv return the first instance of an environment variable to the caller. However, some programs, notably the GNU Bourne Again SHell bash, do their own environment parsing and may choose the last instance of a variable rather than the...
Multiple Cyrus-SASL bugs
Buffer overflow in digestmda5.c and during environment parsing. User supplied modules are loaded into suid application...
lbreakout2 buffer overflow
Buffer overflow on environment parsing...
libXcursor buffer overflow
Buffer overflow on HOME environment parsing...
AIX utilities multiple bugs
Buffer overflows in errpt -T option parsing, lsmcode environment parsing. Symbolic link bug in diagrpt...
Buffer overflow in Interbase
Heap overflow on environment parsing...