CVE-2002-1687

Buffer overflow in the diagnostics library in AIX allows local users to "cause data and instructions to be overwritten" via a long DIAGNOSTICS environment variable...

Low: Red Hat Security Advisory: glibc security update

Updated glibc packages that address several bugs are now available. This update has been rated as having low security impact by the Red Hat Security Response Team. The GNU libc packages known as glibc contain the standard C libraries used by applications. It was discovered that the use of LDDEBUG...

CVE-2005-1336

Buffer overflow in the Foundation framework for Mac OS X 10.3.9 allows local users to execute arbitrary code via a long environment variable...

CVE-2005-1336

Buffer overflow in the Foundation framework for Mac OS X 10.3.9 allows local users to execute arbitrary code via a long environment variable...

CVE-2005-1394

Format string vulnerability in ArcGIS for ESRI ArcInfo Workstation 9.0 allows local users to gain privileges via format string specifiers in the ARCHOME environment variable to 1 wservice or 2 lockmgr...

CVE-2005-1394

Format string vulnerability in ArcGIS for ESRI ArcInfo Workstation 9.0 allows local users to gain privileges via format string specifiers in the ARCHOME environment variable to 1 wservice or 2 lockmgr...

CVE-2005-1395

Buffer overflow in Ce/Ceterm aka ARPUS/Ce 2.5.4 and earlier may allow local users to gain privileges via a long 1 XAPPLRESLANGPATH or 2 XAPPLRESDIR environment variable, or 3 command line argument...

CVE-2005-1395

CVE-2005-1395 affects Ce/Ceterm (aka ARPUS/Ce) 2.5.4 and earlier. The vulnerability is a buffer overflow that can allow local users to gain privileges when a long environment variable (XAPPLRESLANGPATH or XAPPLRESDIR) is set or via a long command line argument. The Red Hat and NVD entries confirm...

CVE-2005-0497

ADP Elite System Max 9000 allows remote authenticated users to gain privileges by uploading a .profile that sets the ADPROOT environment variable to the root directory...

CVE-2005-1019

Buffer overflow in the getConfig function in Aeon 0.2a and earlier allows local users to gain privileges via a long HOME environment variable...

PT-2005-2391 · Esri · Esri Arcinfo Workstation

Name of the Vulnerable Software and Affected Versions: ESRI ArcInfo Workstation version 9.0 Description: The issue allows local users to gain privileges via format string specifiers in the ARCHOME environment variable, affecting components such as wservice or lockmgr. Recommendations: For ESRI...

ARPUSCe - Local Overflow (setuid) (Perl)

ARPUSCe - Local Overflow setuid Perl !/usr/bin/perl -w Setuid ARPUS/ce exploit by KF - kflistsatdigitalmunitiondotcom - 4/21/05 Copyright Kevin Finisterre kfinisterre@threat:/tmp$ ./ceex.pl sh-2.05b id uid=0root gid=1000kfinisterre groups=20dialout,24cdrom,25floppy,29audio,44video,1000kfinisterre...

CVE-2001-1457

Buffer overflow in CrazyWWWBoard 2000p4 and 2000LEp5 allows remote attackers to execute arbitrary code via a long HTTPUSERAGENT CGI environment variable...

CVE-2003-0061

Buffer overflow in passwd for HP UX B.10.20 allows local users to execute arbitrary commands with root privileges via a long LANG environment variable...

portupgrade -- insecure temporary file handling vulnerability

Simon L. Nielsen discovered that portupgrade handles temporary files in an insecure manner. This could allow an unprivileged local attacker to execute arbitrary commands or overwrite arbitrary files with the permissions of the user running portupgrade, typically root, by way of a symlink attack...

CVE-2005-1019

Buffer overflow in the getConfig function in Aeon 0.2a and earlier allows local users to gain privileges via a long HOME environment variable...

CVE-2005-1019

CVE-2005-1019 affects Aeon 0.2a and earlier, where a buffer overflow in the getConfig function lets local users gain privileges via a long HOME environment variable. The CVSSv2 base score is 7.2 (HIGH) with Local attack vector and no authentication required; confidentiality, integrity, and availa...

CVE-2005-0351

Buffer overflow in 1 termsh, 2 atcronsh, and 3 auditsh in SCO OpenServer 5.0.6 and 5.0.7 might allow local users to execute arbitrary code via a long HOME environment variable...

CVE-2005-0351

Buffer overflow in 1 termsh, 2 atcronsh, and 3 auditsh in SCO OpenServer 5.0.6 and 5.0.7 might allow local users to execute arbitrary code via a long HOME environment variable...

CVE-2002-1604

Multiple buffer overflows in HP Tru64 UNIX allow local and possibly remote attackers to execute arbitrary code via a long NLSPATH environment variable to 1 csh, 2 dtsession, 3 dxsysinfo, 4 imapd, 5 inc, 6 uucp, 7 uux, 8 rdist, or 9 deliver...