Lucene search
K

2665 matches found

Gentoo Linux
Gentoo Linux
added 2004/08/25 12:0 a.m.64 views

Linux Kernel: Multiple information leaks

Background The Linux kernel is responsible for managing the core aspects of a GNU/Linux system, providing an interface for core system applications as well as providing the essential structure and capability to access hardware that is needed for a running system. Description The Linux kernel allo...

4.6CVSS6.2AI score0.00766EPSS
Exploits5
Apache Httpd
Apache Httpd
added 2004/08/05 12:0 a.m.29 views

Apache Httpd < 2.0.51 : Environment variable expansion flaw

A buffer overflow was found in the expansion of environment variables during configuration file parsing. This issue could allow a local user to gain the privileges of a httpd child if a server can be forced to parse a carefully crafted .htaccess file written by a local user...

7.8CVSS3AI score0.01607EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2004/07/31 12:0 a.m.22 views

Mandrake Linux Security Advisory : webmin (MDKSA-2001:059)

Recently, Caldera found that when webmin starts a system daemon from the web frontend it does not clear its environment variables. Since these variables contain the authorization of the administrator, any daemon would also get these variables. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...

7.2CVSS5.4AI score0.00514EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2004/07/06 12:0 a.m.23 views

FreeBSD : lbreakout2 vulnerability in environment variable handling (87)

The following package needs to be updated: lbreakout2 %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated by freebsdpkgad4f6ca4672011d89fb5000a95bc6fae.nasl. Disabled on 2011/10/02. C Tenable Network Security, Inc. This script contains information extracted from VuXML : Copyright...

6.4AI score0.0089EPSS
Exploits1References21
NVD
NVD
added 2004/05/03 4:0 a.m.21 views

CVE-2004-0428

Unknown vulnerability in CoreFoundation in Mac OS X 10.3.3 and Mac OS X 10.3.3 Server, related to "the handling of an environment variable," has unknown attack vectors and unknown impact...

5CVSS6.4AI score0.01472EPSS
Exploits0References6
NVD
NVD
added 2004/04/15 4:0 a.m.19 views

CVE-2003-1033

The 1 instdbmsrv and 2 instlserver programs in SAP DB Development Tools 7.x trust the user-provided INSTROOT environment variable as a path when assigning setuid permissions to the lserver program, which allows local users to gain root privileges via a modified INSTROOT that points to a malicious...

7.2CVSS6.6AI score0.00349EPSS
Exploits0References5
NVD
NVD
added 2004/03/29 5:0 a.m.23 views

CVE-2004-0158

Buffer overflow in lbreakout2 allows local users to gain 'games' group privileges via a large HOME environment variable to 1 editor.c, 2 theme.c, 3 manager.c, 4 config.c, 5 game.c, 6 levels.c, or 7 main.c...

4.6CVSS6.5AI score0.0089EPSS
Exploits1References5
Cvelist
Cvelist
added 2004/03/10 5:0 a.m.23 views

CVE-2004-0158

Buffer overflow in lbreakout2 allows local users to gain 'games' group privileges via a large HOME environment variable to 1 editor.c, 2 theme.c, 3 manager.c, 4 config.c, 5 game.c, 6 levels.c, or 7 main.c...

6.4AI score0.0089EPSS
Exploits1References5
Debian CVE
Debian CVE
added 2004/03/10 5:0 a.m.13 views

CVE-2004-0158

Buffer overflow in lbreakout2 allows local users to gain 'games' group privileges via a large HOME environment variable to 1 editor.c, 2 theme.c, 3 manager.c, 4 config.c, 5 game.c, 6 levels.c, or 7 main.c...

4.6CVSS6.6AI score0.0089EPSS
Exploits1
NVD
NVD
added 2004/03/03 5:0 a.m.11 views

CVE-2004-0103

crawl before 4.0.0 beta23 does not properly "apply a size check" when copying a certain environment variable, which may allow local users to gain privileges, possibly as a result of a buffer overflow...

4.6CVSS6.7AI score0.00382EPSS
Exploits0References4
OSV
OSV
added 2004/03/03 5:0 a.m.1 views

DEBIAN-CVE-2004-0103

crawl before 4.0.0 beta23 does not properly "apply a size check" when copying a certain environment variable, which may allow local users to gain privileges, possibly as a result of a buffer overflow...

4.6CVSS7.2AI score0.00382EPSS
Exploits0References1
Exploit DB
Exploit DB
added 2004/02/21 12:0 a.m.41 views

LGames LBreakout2 2.2.2 - Multiple Environment Variable Buffer Overflow Vulnerabilities

/ source: https://www.securityfocus.com/bid/9712/info Multiple buffer overflow vulnerabilities exist in the environment variable handling of LBreakout2. The issue is due to an insufficient boundary checking of certain environment variables used by the affected application. A malicious user may...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2004/02/21 12:0 a.m.18 views

LGames LBreakout2 2.2.2 - Multiple Environment Variable Buffer Overflow Vulnerabilities

LGames LBreakout2 2.2.2 - Multiple Environment Variable Buffer Overflow Vulnerabilities / source: https://www.securityfocus.com/bid/9712/info Multiple buffer overflow vulnerabilities exist in the environment variable handling of LBreakout2. The issue is due to an insufficient boundary checking of...

0.4AI score
Exploits0
NVD
NVD
added 2004/02/17 5:0 a.m.14 views

CVE-2004-0074

Multiple buffer overflows in xsok 1.02 allows local users to gain privileges via 1 a long LANG environment variable, or 2 a long -xsokdir command line argument, a different vulnerability than CVE-2003-0949...

4.6CVSS6.6AI score0.00993EPSS
Exploits1References6
Debian CVE
Debian CVE
added 2004/02/11 5:0 a.m.17 views

CVE-2004-0103

crawl before 4.0.0 beta23 does not properly "apply a size check" when copying a certain environment variable, which may allow local users to gain privileges, possibly as a result of a buffer overflow...

4.6CVSS6.6AI score0.00382EPSS
Exploits0
OSV
OSV
added 2004/02/09 5:0 a.m.2 views

DEBIAN-CVE-2004-2093

Buffer overflow in the opensocketout function in socket.c for rsync 2.5.7 and earlier allows local users to cause a denial of service crash and possibly execute arbitrary code via a long RSYNCPROXY environment variable. NOTE: since rsync is not setuid, this issue does not provide any additional...

4.6CVSS7.7AI score0.00998EPSS
Exploits0References1
NVD
NVD
added 2004/01/27 5:0 a.m.20 views

CVE-2004-2131

Stack-based buffer overflow in ontape for IBM Informix Dynamic Server IDS 9.40.xC3 and earlier allows local users, with DSA privileges, to execute arbitrary code via a long ONCONFIG environment variable...

7.2CVSS7.5AI score0.01425EPSS
Exploits1References6
Cvelist
Cvelist
added 2004/01/22 5:0 a.m.23 views

CVE-2004-0074

Multiple buffer overflows in xsok 1.02 allows local users to gain privileges via 1 a long LANG environment variable, or 2 a long -xsokdir command line argument, a different vulnerability than CVE-2003-0949...

6.5AI score0.00993EPSS
Exploits1References6
NVD
NVD
added 2003/12/31 5:0 a.m.20 views

CVE-2003-1446

Buffer overflow in the saveintofile function in save.c for Rogue 5.2-2 allows local users to execute arbitrary code with games group privileges by setting a long HOME environment variable and invoking the save game function with a tilde...

4.9CVSS7.5AI score0.00527EPSS
Exploits1References3
Exploit DB
Exploit DB
added 2003/12/30 12:0 a.m.29 views

XSOK 1.0 2 - &#039;LANG Environment&#039; Local Buffer Overrun

// source: https://www.securityfocus.com/bid/9341/info xsok is prone to a locally exploitable buffer overrun vulnerability due to insufficient bounds check of data supplied through the LANG environment variable. This could be exploited to execute arbitrary code with elevated privileges. The progr...

7.4AI score
Exploits0
Rows per page
Query Builder