2641 matches found
CVE-2001-1178
Buffer overflow in xman allows local users to gain privileges via a long MANPATH environment variable...
Solaris 8 libsldap - Local Buffer Overflow (2)
// source: https://www.securityfocus.com/bid/2931/info Solaris 8 ships with a shared library that implements LDAP functionality called 'libsldap'. This library is linked to by a number of system utilities, many of them installed setuid or setgid. Libsldap contains a buffer overflow vulnerability ...
Solaris 8 libsldap - Local Buffer Overflow (1)
Solaris 8 libsldap - Local Buffer Overflow 1 // source: https://www.securityfocus.com/bid/2931/info Solaris 8 ships with a shared library that implements LDAP functionality called 'libsldap'. This library is linked to by a number of system utilities, many of them installed setuid or setgid...
XFree86 X11R6 3.3.2 XMan - ManPath Environment Variable Buffer Overflow
XFree86 X11R6 3.3.2 XMan - ManPath Environment Variable Buffer Overflow source: https://www.securityfocus.com/bid/3030/info xman is a component included with the XFree86 Window System. A buffer overflow in the handling of the MANPATH environment variable by xman makes it possible for a local user...
Solaris 8 mailtool - Local Buffer Overflow
// source: https://www.securityfocus.com/bid/2787/info The mailtool program included with OpenWindows in Solaris, contains a buffer overflow vulnerability which may allow local users to execute arbitrary code/commands with group 'mail' privileges. The overflow occurs when a string exceeding...
glibc unsetenv fails to properly handle environment variables passed more than once to a program
Overview The glibc implementation of unsetenv fails to properly remove one of two successive occurrences of the same environment variable if the variable is redundently passed to a program. Description The glibc implementation of unsetenv, if called to remove an environment variable that occurs t...
CVE-2001-0170
glibc 2.1.9x and earlier does not properly clear the RESOLVHOSTCONF, HOSTALIASES, or RESOPTIONS environmental variables when executing setuid/setgid programs, which could allow local users to read arbitrary files...
Solaris ipcs vulnerability
Solaris ipcs vulnerability Release Date: April 11, 2001 Systems Affected: Solaris 7 x86 Other versions of Solaris are most likely affected also. Discovered by: Riley Hassell [email protected] Description: We have discovered a buffer overflow in the /usr/bin/i86/ipcs utility provided with Solaris 7...
Дырки в различных утилитах под Solaris (buffer overflow)
Классическое переполнение буфера при разборе командной строки и переменных среды окружения...
Solaris 7.08 - IPCS Timezone Buffer Overflow
Solaris 7.08 - IPCS Timezone Buffer Overflow source: https://www.securityfocus.com/bid/2581/info Solaris is the variant of the UNIX Operating System distributed by Sun Microsystems. Solaris is designed as a scalable operating system for the Intel x86 and Sun Sparc platforms, and operates on...
Solaris Xsun buffer overflow vulnerability
Solaris Xsun buffer overflow vulnerability Discovered and exploited by: Riley Hassell [email protected] Release Date: April 10, 2001 Systems Affected: Solaris 7/8 x86 and sparc Description: Yet some more Solaris spring cleaning... A buffer overflow was discovered in Xsun. Since Xsun is SUID root,...
SGI IRIX 6.5 / Solaris 7.0/8 CDE - '/usr/dt/bin/dtsession' Local Buffer Overflow
/ source: https://www.securityfocus.com/bid/2603/info The CDE Session Manager 'dtsession' is vulnerable to a buffer overflow that could yield root privileges to an attacker. The bug exists in dtsession's LANG environment variable parser. If an overly long LANG variable is set and dtsession is...
Solaris 2.x7.08 - Xsun HOME Buffer Overflow
Solaris 2.x7.08 - Xsun HOME Buffer Overflow // source: https://www.securityfocus.com/bid/2561/info The X11 server that ships with Sun Microsystems' Solaris, Xsun, contains a locally exploitable buffer overflow vulnerability. The condition is present when the value of the HOME environment variable...
Solaris 2.x/7.0/8 - Xsun HOME Buffer Overflow
// source: https://www.securityfocus.com/bid/2561/info The X11 server that ships with Sun Microsystems' Solaris, Xsun, contains a locally exploitable buffer overflow vulnerability. The condition is present when the value of the HOME environment variable is of excessive length more than 1050 bytes...
Possible IE5.0 exposure of local environment variables
I ran across this today, anyone have any thoughts? I'm using a moderately patched IE 5.0 browser on NT 4.0 SP5 workstation. Couldn't find any reference to this in the archives, but maybe it's been covered before. I type in the url www.home.com/computername & press enter, then and IE actually...
FreeBSD 3.5.14.2 - Ports Package xklock Local Privilege Escalation
FreeBSD 3.5.14.2 - Ports Package xklock Local Privilege Escalation / xklock - FreeBSD 3.5.1 & 4.2 ports package local root exploit The X key lock program contain several exploitable buffer overflows in command line arguments aswell as the 'JNAME' environment variable. xklock is installed setuid...
PT-2001-1319 · Gtk · Gtk+ Library
Name of the Vulnerable Software and Affected Versions: GTK+ library affected versions not specified Description: The issue allows local users to specify arbitrary modules via the GTK MODULES environmental variable. This could potentially allow local users to gain privileges if GTK+ is used by a...
SCO OpenServer 5.0.5 - Env Local Stack Overflow
SCO OpenServer 5.0.5 - Env Local Stack Overflow / Copyright c 2000 ADM / / All Rights Reserved / / THIS IS UNPUBLISHED PROPRIETARY SOURCE CODE OF ADM / / The copyright notice above does not evidence any / / actual or intended publication of such source code. / / / / Title: SCO OpenServer mscreen ...
GTK+ 1.2.8 - Arbitrary Loadable Module Execution
// source: https://www.securityfocus.com/bid/2165/info GTK+ is the Gimp Toolkit, freely available to the public and maintained by the GTK Development Team. A problem exists in the Gimp Toolkit that could allow a user elevated privileges. The problem occurs in the ability to load modules with the...
GLIBC (via /bin/su) Local Root Exploit
Exploit for linux platform in category local exploits ====================================== GLIBC via /bin/su Local Root Exploit ====================================== / Working exploit for glibc executing /bin/su To exploit this i have used a technique that overwrites the .dtors section of...