2641 matches found
CVE-2002-1247
Buffer overflow in LISa allows local users to gain access to a raw socket via a long LOGNAME environment variable for the resLISa daemon...
KDE resLISa buffer overflow
Buffer overflow on oversized LOGNAME environment variable...
Solaris 2.678 - TTYPROMPT in.telnet Remote Authentication Bypass
Solaris 2.678 - TTYPROMPT in.telnet Remote Authentication Bypass Solaris TTYPROMPT Security Vulnerability Telnet This vulnerability is very simple to exploit, since it does not require any code to be compiled by an attacker. The vulnerability only requires the attacker to simply define the...
Solaris 2.6/7/8 - 'TTYPROMPT in.telnet' Remote Authentication Bypass
Solaris TTYPROMPT Security Vulnerability Telnet This vulnerability is very simple to exploit, since it does not require any code to be compiled by an attacker. The vulnerability only requires the attacker to simply define the environment variable TTYPROMPT to a 6-character string, inside telnet...
CVE-2002-0905
Buffer overflow in sqlexec for Informix SE-7.25 allows local users to gain root privileges via a long INFORMIXDIR environment variable...
solaris.login.txt
Hello, Solaris 2.6, 7, and 8 /bin/login has a vulnerability involving the environment variable TTYPROMPT. This vulnerability has already been reported to BugTraq and a patch has been released by Sun. However, a very simple exploit, which does not require any code to be compiled by an attacker,...
CVE-2002-1128
Buffer overflow in inc mail utility for Compaq Tru64/OSF1 3.x allows local users to execute arbitrary code via a long MH environment variable...
HP Tru64 - NLSPATH Environment Variable Local Buffer Overflow (2)
source: https://www.securityfocus.com/bid/5647/info Tru64 is a commercially available UNIX operating system. Tru64 was originally developed by Digital and is now distributed and maintained by HP. A buffer overflow has been discovered in a number of Tru64 binaries. Attackers may exploit this via a...
Buffer overflow in linuxconf
Buffer overflow in environment variable parsing...
Linuxconf 1.1.x1.2.x - Local Environment Variable Buffer Overflow (1)
Linuxconf 1.1.x1.2.x - Local Environment Variable Buffer Overflow 1 // source: https://www.securityfocus.com/bid/5585/info Linuxconf is a Linux configuration utility from Solucorp. It is typically installed as a setuid root utility for the management and configuration of Linux operating systems. ...
Linuxconf 1.1.x1.2.x - Local Environment Variable Buffer Overflow (2)
Linuxconf 1.1.x1.2.x - Local Environment Variable Buffer Overflow 2 // source: https://www.securityfocus.com/bid/5585/info Linuxconf is a Linux configuration utility from Solucorp. It is typically installed as a setuid root utility for the management and configuration of Linux operating systems. ...
Linuxconf 1.1.x1.2.x - Local Environment Variable Buffer Overflow (3)
Linuxconf 1.1.x1.2.x - Local Environment Variable Buffer Overflow 3 source: https://www.securityfocus.com/bid/5585/info Linuxconf is a Linux configuration utility from Solucorp. It is typically installed as a setuid root utility for the management and configuration of Linux operating systems. A...
Linuxconf 1.1.x/1.2.x - Local Environment Variable Buffer Overflow (3)
source: https://www.securityfocus.com/bid/5585/info Linuxconf is a Linux configuration utility from Solucorp. It is typically installed as a setuid root utility for the management and configuration of Linux operating systems. A buffer overflow vulnerability has been reported for Linuxconf. The...
qmailadmin SUID buffer overflow
qmailadmin is not part of qmail. It's from http://inter7.com/qmailadmin/ and I guess you can download from there and play with it, although the versions I am using were built from the FreeBSD ports tree and also from a Linux RPM I grabbed from:...
qmailadmin 1.0.x - Local Buffer Overflow
/ source: https://www.securityfocus.com/bid/5404/info The qmailadmin utility, developed by Inter7, is vulnerable to a buffer overflow condition. It is meant to run as a CGI program and is typically installed setuid owned by root on some systems, regular users on others. qmailadmin fails to...
HP Tru64 - NLSPATH Environment Variable Local Buffer Overflow (1)
source: https://www.securityfocus.com/bid/5647/info Tru64 is a commercially available UNIX operating system. Tru64 was originally developed by Digital and is now distributed and maintained by HP. A buffer overflow has been discovered in a number of Tru64 binaries. Attackers may exploit this via a...
CVE-2002-0143
Buffer overflow in Eterm of Enlightenment Imlib2 1.0.4 and earlier allows local users to execute arbitrary code via a long HOME environment variable...
CVE-2002-0043
This CVE affects sudo versions 1.6.0–1.6.3p7. The issue is that sudo does not properly clear the environment before calling the mail program, allowing a local user to gain root privileges by manipulating environment variables and how the mail program is invoked. Documented impact is local privile...
Another flaw in Apache?
Hello. While playing with the SetEnv directive with Apache, I noticed that httpd processes are dying with a signal 11 if the data stored in an environment variable was too long. I simply triggered the bug by creating a .htaccess file so a regular user can do it with : SetEnv DATELOCALE "..." The...
QNX RTOS 6.1 - usrphotonbinphlocale Environment Variable Buffer Overflow
QNX RTOS 6.1 - usrphotonbinphlocale Environment Variable Buffer Overflow / source: https://www.securityfocus.com/bid/4917/info The QNX phlocale utility is prone to an exploitable buffer overflow condition. This is due to insufficient bounds checking of the ABLANG environment variable. Exploitatio...