CVE-2003-0061

Buffer overflow in passwd for HP UX B.10.20 allows local users to execute arbitrary commands with root privileges via a long LANG environment variable...

CVE-2001-0872

OpenSSH 3.0.1 and earlier with UseLogin enabled does not properly cleanse critical environment variables such as LDPRELOAD, which allows local users to gain root privileges...

ASI Oracle Security Alert: Oracle Home Environment Variable Validation Vulnerability

Oracle Home Environment Variable Validation Vulnerability For additional details, the official advisories from Oracle Corporation can be downloaded from: http://otn.oracle.com/deploy/security/pdf/dbsmpalert.pdf Summary: The dbsnmp executable can be manipulated to run programs from the wrong...

CVE-2001-0855

Buffer overflow in dbloader in ClearCase 4.2 and earlier allows local users to gain root privileges via a long TERM environment variable...

Rational ClearCase 3.24.x - DB Loader TERM Environment Variable Buffer Overflow

Rational ClearCase 3.24.x - DB Loader TERM Environment Variable Buffer Overflow // source: https://www.securityfocus.com/bid/3523/info ClearCase is a commercially available software change management package. It is maintained and distributed by Rational. A problem with the package could lead to a...

Переполнение буфера в ClearCase db_loader (buffer overflow)

Переполнение буфера при длинной переменной окружения TERM...

Rational ClearCase 3.2/4.x - DB Loader TERM Environment Variable Buffer Overflow

// source: https://www.securityfocus.com/bid/3523/info ClearCase is a commercially available software change management package. It is maintained and distributed by Rational. A problem with the package could lead to a local user gaining elevated privileges. The problem is in the handling of...

CVE-1999-1232

Untrusted search path vulnerability in day5datacopier in SGI IRIX 6.2 allows local users to execute arbitrary commands via a modified PATH environment variable that points to a malicious cp program...

CVE-1999-1422

The CVE-1999-1422 entry concerns Slackware 3.4 (and possibly other versions) where the PATH environment variable may include the current directory (.) by default. This enables local users to create Trojan horse programs that could be inadvertently executed by other users, due to execution precede...

CVE-1999-1483

Buffer overflow in zgv in svgalib 1.2.10 and earlier allows local users to execute arbitrary code via a long HOME environment variable...

CVE-2001-0943

dbsnmp in Oracle 8.0.5 and 8.1.5, under certain conditions, trusts the PATH environment variable to find and execute the 1 chown or 2 chgrp commands, which allows local users to execute arbitrary code by modifying the PATH to point to Trojan Horse programs...

CVE-2001-1091

The 1 dump and 2 dumplfs commands in NetBSD 1.4.x through 1.5.1 do not properly drop privileges, which could allow local users to gain privileges via the RCMDCMD environment variable...

Aladdin Ghostscript LD_RUN_PATH environment variable allows libraries to be loaded from current directory

Overview Alladin Ghostscript, a previewer for postscript files, uses an insecure value for the LDRUNPATH environment variable. This allows attackers to supply malicious libraries to be loaded from the current directory. Description Alladin Ghostscript is a previewer for postscript files. In...

Linux dump uses environment variables insecurely, allowing for root compromise

Overview Some implementations of the Linux backup utility, dump, call external programs on remote machines via the RSH environment variable. This may permit an attacker to compromise root if dump is setuid root. Description Some implementations of the Linux backup utility, dump, permit use of...

CVE-2001-0548

Buffer overflow in dtmail in Solaris 2.6 and 7 allows local users to gain privileges via the MAIL environment variable...

Oracle 89i - DBSNMP Oracle Home Environment Variable Buffer Overflow

Oracle 89i - DBSNMP Oracle Home Environment Variable Buffer Overflow // source: https://www.securityfocus.com/bid/3138/info Oracle is an Enterprise level SQL database, supporting numerous features and options. It is distributed and maintained by Oracle Corporation. When the ORACLEHOME environment...

Oracle 8/9i - DBSNMP Oracle Home Environment Variable Buffer Overflow

// source: https://www.securityfocus.com/bid/3138/info Oracle is an Enterprise level SQL database, supporting numerous features and options. It is distributed and maintained by Oracle Corporation. When the ORACLEHOME environment variable is filled with 750 bytes or more, a buffer overflow occurs...

Solaris 2.67.0 - DTMail Mail Environment Variable Buffer Overflow

Solaris 2.67.0 - DTMail Mail Environment Variable Buffer Overflow // source: https://www.securityfocus.com/bid/3081/info dtmail is an application included with the Common Desktop Environment, one of the X Window Managers included with Solaris. A buffer overflow in dtmail makes it possible for a...

Debian glibc 2 symlink issue could allow arbitrary file overwriting

Overview Some versions of ld.so, the loader for shared libraries in UNIX/LINUX, do not properly clear risky environment variables, allowing a symlink attack to overwrite arbitrary files. Description LDDEBUGOUTPUT specifies a directory in which ld.so creates a file with a predictable name based on...

FreeBSD TOP Format String Vulnerability

Exploit for bsd platform in category local exploits ======================================= FreeBSD TOP Format String Vulnerability ======================================= / freebsd x86 top exploit affected under top-3.5beta9 including this version 1. get the address of .dtors from /usr/bin/top...