2666 matches found
CVE-2007-0406
Multiple buffer overflows in the 1 main function in a client.c, and the 2 serversetup and 3 serverclientconnect functions in b server.c in gxine 0.5.9 and earlier allow local users to cause a denial of service daemon crash or gain privileges via a long HOME environment variable. NOTE: some of the...
CVE-2007-0406
Removed by vendor...
MOAB-21-01-2007: System Preferences writeconfig Local Privilege Escalation Vulnerability
Summary Apple provides the following description in the The Preference Application documentation: System Preferences is the standard location for presenting system-level preferences on OSX. The preference panes shipped with Mac OS X include panes affecting hardware such as the Sound, Mouse, and...
Stack overflow
Stack-based buffer overflow in mbse-bbs 0.70 and earlier allows local users to execute arbitrary code via a long string in the MBSEROOT environment variable...
CVE-2007-0368
Stack-based buffer overflow in mbse-bbs 0.70 and earlier allows local users to execute arbitrary code via a long string in the MBSEROOT environment variable...
CVE-2006-6418
Buffer overflow in the POSIX Threads library libpthread on HP Tru64 UNIX 4.0F PK8, 4.0G PK4, and 5.1A PK6 allows local users to gain root privileges via a long PTHREADCONFIG environment variable...
OpenBSD LD.SO本地环境变量清除漏洞
OpenBSD是一款开放源代码的操作系统。 OpenBSD ELF ld.so1不正确过滤环境变量,本地攻击者可以利用漏洞绕过安全设置或可能造成任意指令执行。 目前没有详细漏洞细节提供。 penBSD OpenBSD 4.0 OpenBSD OpenBSD 3.9 补丁下载: OpenBSD OpenBSD 4.0 OpenBSD 005ldso.patch ftp://ftp.openbsd.org/pub/OpenBSD/patches/4.0/common/005ldso.patch OpenBSD OpenBSD 3.9 OpenBSD 016ldso.patch...
GLSA-200611-15 : qmailAdmin: Buffer overflow
The remote host is affected by the vulnerability described in GLSA-200611-15 qmailAdmin: Buffer overflow qmailAdmin fails to properly handle the 'PATHINFO' variable in qmailadmin.c. The PATHINFO is a standard CGI environment variable filled with user-supplied data. Impact : A remote attacker coul...
HP Tru64 Unix libpthread buffer overflow
Buffer overflow on parsing PTHREADCONFIG environment variable...
Apple MacOS X Xcode OpenBase SQL privilege escalation
On executing tar from suid root application TAROPTIONS environment variable is not unset, making it possible to execute any application with root privileges. External application are executed with relative path. Dynamic libraries are loaded with relative path. Symbolic links problem...
CVE-2006-5466
Heap-based buffer overflow in the showQueryPackage function in librpm in RPM Package Manager 4.4.8, when the LANG environment variable is set to ruRU.UTF-8, might allow user-assisted attackers to execute arbitrary code via crafted RPM packages...
CVE-2006-5466
Heap-based buffer overflow in the showQueryPackage function in librpm in RPM Package Manager 4.4.8, when the LANG environment variable is set to ruRU.UTF-8, might allow user-assisted attackers to execute arbitrary code via crafted RPM packages...
CVE-2006-5397
The Xinput module modules/im/ximcp/imLcIm.c in X.Org libX11 1.0.2 and 1.0.3 opens a file for reading twice using the same file descriptor, which causes a file descriptor leak that allows local users to read files specified by the XCOMPOSEFILE environment variable via the duplicate file descriptor...
DEBIAN-CVE-2006-5397
The Xinput module modules/im/ximcp/imLcIm.c in X.Org libX11 1.0.2 and 1.0.3 opens a file for reading twice using the same file descriptor, which causes a file descriptor leak that allows local users to read files specified by the XCOMPOSEFILE environment variable via the duplicate file descriptor...
CVE-2006-5397
The Xinput module modules/im/ximcp/imLcIm.c in X.Org libX11 1.0.2 and 1.0.3 opens a file for reading twice using the same file descriptor, which causes a file descriptor leak that allows local users to read files specified by the XCOMPOSEFILE environment variable via the duplicate file descriptor...
CVE-2006-5397
The Xinput module modules/im/ximcp/imLcIm.c in X.Org libX11 1.0.2 and 1.0.3 opens a file for reading twice using the same file descriptor, which causes a file descriptor leak that allows local users to read files specified by the XCOMPOSEFILE environment variable via the duplicate file descriptor...
FreeBSD TOP Format String Vulnerability
No description provided by source. / freebsd x86 top exploit affected under top-3.5beta9 including this version 1. get the address of .dtors from /usr/bin/top using objdump , 'objdump -s -j .dtors /usr/bin/top' 2. divide it into four parts, and set it up into an environment variable like "XSEO=" ...
Resolv+ (RESOLV_HOST_CONF) Linux Library Local Exploit
No description provided by source. setenv RESOLVHOSTCONF /etc/shadow; ping adfas...
CVE-2006-5556
Buffer overflow in the localtimer function, and certain other functions, in libc in HP-UX B.11.11 and possibly other versions allows local users to execute arbitrary code via a long TZ environment variable...
HP-UX LIBC TZ环境变量本地溢出漏洞
HP-UX是一款HP公司开发的UNIX操作系统。 HP-UX的LIBC实现在处理TZ环境变量时存在缓冲区溢出漏洞,本地攻击者可能利用此漏洞提升权限。 由于没有在localtimer及相关函数中执行充分的边界检查,HP-UX的libc库在处理TZ环境变量时存在栈溢出漏洞。任何使用timezone函数的suid或sgid程序都受这个漏洞影响。成功攻击可能导致权限提升。 HP HP-UX B.11.11 HP HP-UX B.11.04 HP HP-UX B.11.00 HP已经为此发布了一个安全公告(HPSBUX02091)以及相应补丁: HPSBUX02091:SSRT061099 rev...