Tower Toppler 0.96 HOME Environment Variable Local Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8132/info A problem with the software may make elevation of privileges possible. It has been reported that a buffer overflow exists in Tower Toppler. A local user may be able to exploit this issue to execute code with the...

Armidale Software Yapp Conferencing System 2.2 - Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/365/info Armidale Software's Yapp Conferencing System is vulnerable to an environment variable related buffer overflow vulnerability in at least the Linux version. The consequence of the vulnerability being exploited is a...

kpopup 0.9.x Privileged Command Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8915/info It has been alleged that it is possible for local attackers to gain root privileges through kpopup, which is is installed setuid root by default. According to the report, kpopup uses the system3 C-library functi...

Linuxconf 1.1.x/1.2.x Local Environment Variable Buffer Overflow Vulnerability (3)

No description provided by source. source: http://www.securityfocus.com/bid/5585/info Linuxconf is a Linux configuration utility from Solucorp. It is typically installed as a setuid root utility for the management and configuration of Linux operating systems. A buffer overflow vulnerability has...

BRU 15.1/16.0 BRUEXECLOG Environment Variable Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1321/info A vulnerability exists in BRU, the Backup and Restore Utility, from Enhanced Software Technologies. By setting the value of the BRUEXECLOG environment variable, it is possible to an attack to alter and create...

davfs2 1.4.6/1.4.7 - Local Privilege Escalation Exploit

No description provided by source. davfs2 1.4.6/1.4.7 local privilege escalation exploit Bug Description: davfs2 is a Linux utility which allows OS users to mount a remote webdav server as a local partition. The bug is well documented at http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=723034...

LGames LBreakout2 2.2.2 - Multiple Environment Variable Buffer Overflow Vulnerabilites

No description provided by source. source: http://www.securityfocus.com/bid/9712/info Multiple buffer overflow vulnerabilities exist in the environment variable handling of LBreakout2. The issue is due to an insufficient boundary checking of certain environment variables used by the affected...

Platform Load Sharing Facility 4/5/6 EAuth Privilege Escalation Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/9724/info Load Sharing Facility eauth component has been reported prone to privilege escalation vulnerability. The eauth component is responsible for controlling authentication procedures within Load Sharing Facility. An...

OpenBSD 3.9/4.0 LD.SO Local Environment Variable Clearing Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/21188/info OpenBSD is prone to a local vulnerability that may allow attackers to pass malicious environment variables to applications, bypassing expected security restrictions. Attackers may be able to exploit this issue ...

HP-UX 11 CDE DTPrintInfo Display Environment Variable Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8795/info It has been reported that dtprintinfo, installed setuid root by default, is susceptible to a locally exploitable buffer overflow vulnerability. The condition is triggered when the value of the DISPLAY environmen...

Solaris <= 7.0 chkperm Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/295/info Solaris 2.4, 2.5, and 2.5.1 possibly other versions have a package called FACE Framed Access Command Environment installed. Included in the package is a program called chkperm which checks a file to see if the us...

MTink 0.9.x Printer Status Monitor Environment Variable Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/6656/info mtink is prone to a locally exploitable buffer overflow condition. This is due to insufficient bounds checking of the HOME environment variable. mtink is reportedly installed setgid 'sys' on Mandrake Linux, so i...

S.u.S.E. Linux 6.2 sscw HOME Environment Variable Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/656/info A buffer overflow vulnerability in sscw's handling of the HOME environment variable allows local users to gain root privileges. !/bin/bash Linux x86 exploit for /usr/bin/sccw on SuSE 6.2 -Brock Tellier...

Rational ClearCase 3.2/4.x DB Loader TERM Environment Variable Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/3523/info ClearCase is a commercially available software change management package. It is maintained and distributed by Rational. A problem with the package could lead to a local user gaining elevated privileges. The...

qmailadmin 1.0.x Local Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5404/info The qmailadmin utility, developed by Inter7, is vulnerable to a buffer overflow condition. It is meant to run as a CGI program and is typically installed setuid owned by root on some systems, regular users on...

Halloween Linux 4.0,RedHat Linux 6.1/6.2 imwheel Vulnerability (2)

No description provided by source. source: http://www.securityfocus.com/bid/1060/info A vulnerability exists in the 'imwheel' package for Linux. This package is known to be vulnerable to a buffer overrun in its handling of the HOME environment variable. By supplying a sufficiently long string...

Sudo Perl 1.6.x Environment Variable Handling Security Bypass Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/15394/info Sudo is prone to a security-bypass vulnerability that could lead to arbitrary code execution. This issue is due to an error in the application when handling the 'PERLLIB', 'PERL5LIB', and 'PERL5OPT' environment...

Progress Database 9.1 Environment Variable Local Privilege Escalation Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7916/info It has been reported that Progress database does not properly handle untrusted input when opening shared libraries. Specifically, the dlopen function used by several Progress utilities checks the user's PATH...

RedHat restore 0.4 b15 Insecure Environment Variables Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1914/info restore is a program for backup and recovery procedures, distributed with the RedHat Linux Operating System. A vulnerability exists that could allow a user elevated permissions. The problem occurs in the RSH...

Sudo 1.6.x Environment Variable Handling Security Bypass Vulnerability (1)

No description provided by source. source: http://www.securityfocus.com/bid/16184/info Sudo is prone to a security-bypass vulnerability that could lead to arbitrary code execution. This issue is due to an error in the application when handling environment variables. A local attacker with the...