8 matches found
GHSA-G6QQ-C9F9-2772 Keycloak on Quarkus CLI option for encrypted JGroups ignored
The env option KCCACHEEMBEDDEDMTLSENABLED does not work and the jgroups replication configuration is always used in plain. This option worked before in 24 and 22. More info in public issue https://github.com/keycloak/keycloak/issues/34644...
CVE-2014-9680
sudo before 1.8.12 does not ensure that the TZ environment variable is associated with a zoneinfo file, which allows local users to open arbitrary files for read access but not view file contents by running a program within an sudo session, as demonstrated by interfering with terminal output,...
MTink 0.9.x - Printer Status Monitor Environment Variable Buffer Overflow
source: https://www.securityfocus.com/bid/6656/info mtink is prone to a locally exploitable buffer overflow condition. This is due to insufficient bounds checking of the HOME environment variable. mtink is reportedly installed setgid 'sys' on Mandrake Linux, so it is possible that this issue may ...
Sudo 1.6.3 - Unclean Environment Variable Privilege Escalation
source: https://www.securityfocus.com/bid/3871/info Sudo is a freely available, open source permissions management software package available for the Linux and Unix operating systems. It is maintained by Todd C. Miller. Under some circumstances, sudo does not properly sanitize the environment it...
CVE-2001-0872
OpenSSH 3.0.1 and earlier with UseLogin enabled does not properly cleanse critical environment variables such as LDPRELOAD, which allows local users to gain root privileges...
Rational ClearCase 3.24.x - DB Loader TERM Environment Variable Buffer Overflow
Rational ClearCase 3.24.x - DB Loader TERM Environment Variable Buffer Overflow // source: https://www.securityfocus.com/bid/3523/info ClearCase is a commercially available software change management package. It is maintained and distributed by Rational. A problem with the package could lead to a...
KDE 1.1/1.1.1/1.1.2/1.2 - kdesud DISPLAY Environment Variable Overflow
// source: https://www.securityfocus.com/bid/1274/info /usr/bin/kdesud has a DISPLAY environment variable overflow which could allow for the execution of arbitrary code. / KDE: /usr/bin/kdesud exploit by noir x86/Linux [email protected] | [email protected] DISPLAY env overflow this script will...
Oracle 8 8.1.5 - Intelligent Agent (2)
Oracle 8 8.1.5 - Intelligent Agent 2 // source: https://www.securityfocus.com/bid/585/info A vulnerability in the Oracle Intelligent Agent allows local malicious users to execute arbitrary commands and to create world writable files as the root user. The problem lies in the dbsnmp program located...