X11R6 < 6.4 XKEYBOARD (Solaris/SPARC) - Local Buffer Overflow (2)

/ $Id: raptorxkb.c,v 1.1 2006/09/13 16:18:36 raptor Exp $ raptorxkb.c - XKEYBOARD Strcmp, Solaris/SPARC 8/9/10 Copyright c 2006 Marco Ivaldi Buffer overflow in the Strcmp function in the XKEYBOARD extension in X Window System X11R6.4 and earlier, as used in SCO UnixWare 7.1.3 and Sun Solaris 8...

X11R6 < 6.4 XKEYBOARD (Solaris/SPARC) - Local Buffer Overflow (1)

/ X11R6 XKEYBOARD extension Strcmp for Sun Solaris 8 9 10 SPARC Copyright 2006 RISE Security , Ramon de Carvalho Valle This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either...

CVE-2006-4124

The libXm library in LessTif 0.95.0 and earlier allows local users to gain privileges via the DEBUGFILE environment variable, which is used to create world-writable files when libXm is run from a setuid program...

CVE-2006-4124

The libXm library in LessTif 0.95.0 and earlier allows local users to gain privileges via the DEBUGFILE environment variable, which is used to create world-writable files when libXm is run from a setuid program...

CVE-2006-4124

The libXm library in LessTif 0.95.0 and earlier allows local users to gain privileges via the DEBUGFILE environment variable, which is used to create world-writable files when libXm is run from a setuid program...

CVE-2006-4124

The CVE-2006-4124 issue affects the libXm library in LessTif

CVE-2006-3862

Buffer overflow in IBM Informix Dynamic Server IDS 9.40.TC5 through 9.40.xC7 and 10.00.TC1 through 10.00.xC3 allows attackers to execute arbitrary code via the SQLIDEBUG environment variable envariable...

CVE-2006-3862

Buffer overflow in IBM Informix Dynamic Server IDS 9.40.TC5 through 9.40.xC7 and 10.00.TC1 through 10.00.xC3 allows attackers to execute arbitrary code via the SQLIDEBUG environment variable envariable...

Solaris 8/9 ps - Environment Variable Information leak

Solaris 8/9 ps - Environment Variable Information leak. CVE-1999-1587. Local exploit for Solaris platform !/bin/sh $Id: raptorucbps,v 1.1 2006/07/26 12:15:42 raptor Exp $ raptorucbps - information leak with Solaris /usr/ucb/ps Copyright c 2006 Marco Ivaldi A security vulnerability in the...

DEBIAN-CVE-2006-3848

Cross-site scripting XSS vulnerability in CGI wrapper for IP Calculator IPCalc 0.40 allows remote attackers to inject arbitrary web script or HTML via the URI REQUESTURI environment variable, which is used in the actionurl variable...

CVE-2006-3159

pipemaster in Sun ONE/iPlanet Messaging Server 5.2 HotFix 1.16 built May 14 2003 allows local users to read portions of restricted files via a symlink attack on msg.conf in a directory identified by the CONFIGROOT environment variable, which returns the first line of the file in an error message...

CVE-2006-3159

pipemaster in Sun ONE/iPlanet Messaging Server 5.2 HotFix 1.16 built May 14 2003 allows local users to read portions of restricted files via a symlink attack on msg.conf in a directory identified by the CONFIGROOT environment variable, which returns the first line of the file in an error message...

DSA-1075-1 awstats - programming error

Bulletin has no description...

Design/Logic Flaw

Unspecified vulnerability in the sapdba command in SAP with Informix before 700, and 700 up to patch 100, allows local users to execute arbitrary commands via unknown vectors related to "insecure environment variable" handling...

CVE-2006-2547

Unspecified vulnerability in the sapdba command in SAP with Informix before 700, and 700 up to patch 100, allows local users to execute arbitrary commands via unknown vectors related to "insecure environment variable" handling...

CVE-2006-2547

Unspecified vulnerability in the sapdba command in SAP with Informix before 700, and 700 up to patch 100, allows local users to execute arbitrary commands via unknown vectors related to "insecure environment variable" handling...

CVE-2006-2547

CVE-2006-2547 affects SAP with Informix, specifically the sapdba command. The vulnerability arises from insecure environment variable handling, enabling local users to run arbitrary commands via unknown vectors. Affected scope is SAP Informix deployments before version 700 and 700 up to patch 100...

FreeBSD : sudo -- arbitrary command execution (1b725079-9ef6-11da-b410-000e0c2e438a)

Tavis Ormandy reports : The bash shell uses the value of the PS4 environment variable after expansion as a prefix for commands run in execution trace mode. Execution trace mode xtrace is normally set via bash's -x command line option or interactively by running 'set -o xtrace'. However, it may al...

CVE-2006-2183

Untrusted search path vulnerability in Truecrypt 4.1, when running suid root on Linux, allows local users to execute arbitrary commands and gain privileges via a modified PATH environment variable that references a malicious mount command...

CVE-2006-2183

CVE-2006-2183 affects TrueCrypt 4.1 on Linux when running as a set-user-ID root process. The vulnerability arises from an untrusted search path: a modified PATH environment variable referencing a malicious mount command could allow local users to execute arbitrary commands and gain privileges. Th...