2641 matches found
HP-UX 1011 - NLSPATH Environment Variable Format String (2)
HP-UX 1011 - NLSPATH Environment Variable Format String 2 // source: https://www.securityfocus.com/bid/8985/info HP-UX allows the NLSPATH to be set for setuid root programs, which use catopen3C and may be executed by other local users. This could result in privilege escalation as an attacker coul...
Sun Solaris dtsession buffer overflow
Heap overflow on HOME environment variable parsing...
HP-UX 10/11 - NLSPATH Environment Variable Format String (1)
// source: https://www.securityfocus.com/bid/8985/info HP-UX allows the NLSPATH to be set for setuid root programs, which use catopen3C and may be executed by other local users. This could result in privilege escalation as an attacker could specify an arbitrary path for a message catalogue, which...
CVE-2002-1503
Buffer overflow in Automatic File Distributor AFD 1.2.14 and earlier allows local users to gain privileges via a long MONWORKDIR environment variable or -w workdir argument to 1 afd, 2 afdcmd, 3 afdctrl, 4 initafd, 5 mafd, 6 monctrl, 7 showolog, or 8 udc...
CVE-2002-1472
Untrusted search path vulnerability in libX11.so in xfree86, when used in setuid or setgid programs, allows local users to gain root privileges via a modified LDPRELOAD environment variable that points to a malicious module...
XFree86 4.2 - XLOCALEDIR Local Buffer Overflow (2)
XFree86 4.2 - XLOCALEDIR Local Buffer Overflow 2 // source: https://www.securityfocus.com/bid/7002/info Several XFree86 utilities may be prone to a buffer overflow condition. The vulnerability exists due to insufficient boundary checks performed by these utilities when referencing the XLOCALEDIR...
XFree86 4.2 - XLOCALEDIR Local Buffer Overflow (1)
XFree86 4.2 - XLOCALEDIR Local Buffer Overflow 1 // source: https://www.securityfocus.com/bid/7002/info Several XFree86 utilities may be prone to a buffer overflow condition. The vulnerability exists due to insufficient boundary checks performed by these utilities when referencing the XLOCALEDIR...
XFree86 4.2 - 'XLOCALEDIR' Local Buffer Overflow (3)
// source: https://www.securityfocus.com/bid/7002/info Several XFree86 utilities may be prone to a buffer overflow condition. The vulnerability exists due to insufficient boundary checks performed by these utilities when referencing the XLOCALEDIR environment variable. A local attacker can exploi...
XFree86 4.2 - 'XLOCALEDIR' Local Buffer Overflow (2)
// source: https://www.securityfocus.com/bid/7002/info Several XFree86 utilities may be prone to a buffer overflow condition. The vulnerability exists due to insufficient boundary checks performed by these utilities when referencing the XLOCALEDIR environment variable. A local attacker can exploi...
Platform Load Sharing Facility 456 - EAuth Local Privilege Escalation
Platform Load Sharing Facility 456 - EAuth Local Privilege Escalation source: https://www.securityfocus.com/bid/9724/info Load Sharing Facility eauth component has been reported prone to privilege escalation vulnerability. The eauth component is responsible for controlling authentication procedur...
Platform Load Sharing Facility 4/5/6 - 'EAuth' Local Privilege Escalation
source: https://www.securityfocus.com/bid/9724/info Load Sharing Facility eauth component has been reported prone to privilege escalation vulnerability. The eauth component is responsible for controlling authentication procedures within Load Sharing Facility. An issue has been reported where an...
MTink 0.9.x - Printer Status Monitor Environment Variable Buffer Overflow
MTink 0.9.x - Printer Status Monitor Environment Variable Buffer Overflow source: https://www.securityfocus.com/bid/6656/info mtink is prone to a locally exploitable buffer overflow condition. This is due to insufficient bounds checking of the HOME environment variable. mtink is reportedly...
MTink 0.9.x - Printer Status Monitor Environment Variable Buffer Overflow
source: https://www.securityfocus.com/bid/6656/info mtink is prone to a locally exploitable buffer overflow condition. This is due to insufficient bounds checking of the HOME environment variable. mtink is reportedly installed setgid 'sys' on Mandrake Linux, so it is possible that this issue may ...
CVE-2002-2087
Buffer overflow in Borland InterBase 6.0 allows local users to execute arbitrary code via a long INTERBASE environment variable when calling 1 gdsdrop, 2 gdslockmgr, or 3 gdsinetserver...
CVE-2002-2099
Buffer overflow in the GNU DataDisplay Debugger DDD 3.3.1 allows local users to execute arbitrary code and possibly gain privileges via a long HOME environment variable. NOTE: since DDD is not installed setuid or setgid, perhaps this issue should not be included in CVE...
CVE-2002-2017
sastcpd in SAS/Base 8.0 allows local users to execute arbitrary code by setting the authprog environment variable to reference a malicious program, which is then executed by sastcpd...
CVE-2002-1687
Buffer overflow in the diagnostics library in AIX allows local users to "cause data and instructions to be overwritten" via a long DIAGNOSTICS environment variable...
CVE-2002-1617
Multiple buffer overflows in HP Tru64 UNIX 5.x allow local users to execute arbitrary code via 1 a long -contextDir argument to dtaction, 2 a long -p argument to dtprintinfo, 3 a long -customization argument to dxterm, or 4 a long DISPLAY environment variable to dtterm...
HP-UX 11.0/11.11 - 'swxxx' Privilege Escalation
/ Program : xhpux11isw.c Use : HP-UX 11.11/11.0 exploit swxxx to get local root shell. Complie : cc xhpux11isw.c -o xsw;./xsw not use gcc for some system Usage : ./xsw off Tested : HP-UX B11.11 & HP-UX B11.0 Author : watercloud @ xfocus.org Date : 2002-12-11 Note : Use as your own risk !! / inclu...
CVE-2002-1247
Buffer overflow in LISa/LISa-derived resLISa (KDE LAN browsing) allows local users to exploit through an overly long LOGNAME environment variable, enabling control of the resLISa process or related access. The vulnerability is triggered during parsing of LOGNAME, and exposed both in LISa and its ...