CVE-2002-0132

Buffer overflow in Chinput 3.0 allows local users to execute arbitrary code via a long HOME environment variable...

CVE-2002-0143

Buffer overflow in Eterm of Enlightenment Imlib2 1.0.4 and earlier allows local users to execute arbitrary code via a long HOME environment variable...

CVE-2001-1129

The CVE-2001-1129 entry covers multiple components of Progress database 9.1C (probuild, dbutil, mprosrv, mprshut, proapsv, progres, proutil, rfutil, and prolib). The vulnerability is a local format-string flaw in the PROMSGS environment file that allows a local user to execute arbitrary code. The...

CVE-2001-1091

The CVE-2001-1091 entry concerns NetBSD 1.4.x–1.5.1 where the dump and dump_lfs commands do not drop privileges properly, allowing local users to gain privileges via the RCMD_CMD environment variable. This is the stated root cause and impact. The available documents do not provide remediation det...

CVE-2002-0125

Buffer overflow in ClanLib library 0.5 may allow local users to execute arbitrary code in games that use the library, such as 1 Super Methane Brothers, 2 Star War, 3 Kwirk, 4 Clankanoid, and others, via a long HOME environment variable...

CVE-2001-1148

Multiple buffer overflows in programs used by scoadmin and sysadmsh in SCO OpenServer 5.0.6a and earlier allow local users to gain privileges via a long TERM environment variable to 1 atcronsh, 2 auditsh, 3 authsh, 4 backupsh, 5 lpsh, 6 sysadm.menu, or 7 termsh...

CVE-2001-1178

Buffer overflow in xman allows local users to gain privileges via a long MANPATH environment variable...

CVE-2001-0739

Guardian Digital WebTool in EnGarde Secure Linux 1.0.1 allows restarted services to inherit some environmental variables, which could allow local users to gain root privileges...

CVE-2001-0833

Buffer overflow in otrcrep in Oracle 8.0.x through 9.0.1 allows local users to execute arbitrary code via a long ORACLEHOME environment variable, aka the "Oracle Trace Collection Security Vulnerability."...

CVE-1999-1385

Buffer overflow in ppp program in FreeBSD 2.1 and earlier allows local users to gain privileges via a long HOME environment variable...

CVE-2002-1601

The Connectables feature in Adobe PhotoDeluxe 3.1 prepends the Adobe directory to the CLASSPATH environment variable, which allows applets to run with higher privileges and remote attackers to gain privileges via an HTML e-mail message or a web page...

Caldera UnixWare 7.1.1 - Message Catalog Environment Variable Format String

// source: https://www.securityfocus.com/bid/4060/info UnixWare is a commercially available Unix Operating System. It was originally developed by SCO, and is now distributed and maintained by Caldera. A format string vulnerability in the locale subsystem could lead to a user gaining elevated...

CVE-2001-1041

oracle program in Oracle 8.0.x, 8.1.x and 9.0.1 allows local users to overwrite arbitrary files via a symlink attack on an Oracle log trace .trc file that is created in an alternate home directory identified by the ORACLEHOME environment variable...

Переполнение буфера в ddd (buffer overflow)

Переполнение буфера при разборе переменной окружения HOME...

Chinput 3.0 - Environment Variable Buffer Overflow

Chinput 3.0 - Environment Variable Buffer Overflow // source: https://www.securityfocus.com/bid/3896/info Chinput is an input server designed for Chinese characters. It is available on Linux and other Unix based systems. Chinput appears to be installed suid root by default. A vulnerability exists...

Chinput 3.0 - Environment Variable Buffer Overflow

// source: https://www.securityfocus.com/bid/3896/info Chinput is an input server designed for Chinese characters. It is available on Linux and other Unix based systems. Chinput appears to be installed suid root by default. A vulnerability exists in Chinput. A local user with an extremely long HO...

Sudo 1.6.3 - Unclean Environment Variable Privilege Escalation

source: https://www.securityfocus.com/bid/3871/info Sudo is a freely available, open source permissions management software package available for the Linux and Unix operating systems. It is maintained by Todd C. Miller. Under some circumstances, sudo does not properly sanitize the environment it...

IMLib2 - Home Environment Variable Buffer Overflow

// source: https://www.securityfocus.com/bid/3868/info Imlib2 is a freely available, open source graphics library available for the Linux and Unix operating systems. It is maintained by Michael Jennings. Imlib2 is installed on many operating systems and linked with graphical programs such as Eter...

CVE-2003-0061

Buffer overflow in passwd for HP UX B.10.20 allows local users to execute arbitrary commands with root privileges via a long LANG environment variable...

CVE-2001-0872

OpenSSH 3.0.1 and earlier with UseLogin enabled does not properly cleanse critical environment variables such as LDPRELOAD, which allows local users to gain root privileges...