2663 matches found
CVE-1999-0388
DataLynx suGuard (DataLynx) is affected: it trusts the PATH environment variable to execute the ps command, enabling a local user to run commands with root privileges. Root cause: use of PATH for command execution without proper validation. Impact: local privilege escalation to root as described ...
CVE-1999-0046
The CVE-1999-0046 entry documents a buffer overflow in the rlogin program triggered by the TERM environment variable. Red Hat/NVD entries confirm a buffer overflow affecting rlogin; no specific vulnerable versions or patches are provided in the supplied sources. Exploitation details, affected pro...
Knox Arkeia 4.0 Backup - Local Overflow
Knox Arkeia 4.0 Backup - Local Overflow / source: https://www.securityfocus.com/bid/661/info Knox Software Arkeia 4.0 Backup rnavc & nlserverd HOME Environment Variable Buffer Overflow A local buffer overflow in the handling of the HOME environment variable by the rlserver and rnavc binaries that...
Knox Arkeia 4.0 Backup - Local Overflow
/ source: https://www.securityfocus.com/bid/661/info Knox Software Arkeia 4.0 Backup rnavc & nlserverd HOME Environment Variable Buffer Overflow A local buffer overflow in the handling of the HOME environment variable by the rlserver and rnavc binaries that are part of the Knox Software Arkiea...
SuSE Linux 6.2 sscw - HOME Environment Variable Buffer Overflow
SuSE Linux 6.2 sscw - HOME Environment Variable Buffer Overflow source: https://www.securityfocus.com/bid/656/info A buffer overflow vulnerability in sscw's handling of the HOME environment variable allows local users to gain root privileges. !/bin/bash Linux x86 exploit for /usr/bin/sccw on SuSE...
dtsession_vuln.txt
Subject: Vulnerability in dtsession To: [email protected] Hello, I discovered the following security problem in dtsession actually in libtt.so, part of CDE: Description ----------- The session manager dtsession contains an overflow vulnerability when parsing the environment variable...
PT-1999-1338 · Oracle · Solaris
Name of the Vulnerable Software and Affected Versions: Solaris affected versions not specified Description: The issue is related to a buffer overflow in Solaris libc, ufsrestore, and rcp, which can be triggered via the LC MESSAGES environmental variable. Recommendations: At the moment, there is n...
CVE-1999-0872
Buffer overflow in Vixie cron allows local users to gain root access via a long MAILTO environment variable in a crontab file...
Caldera OpenLinux 2.2 Debian 2.12.2 RedHat 6.0 - Vixie Cron MAILTO Sendmail
Caldera OpenLinux 2.2 Debian 2.12.2 RedHat 6.0 - Vixie Cron MAILTO Sendmail Caldera OpenLinux 2.2 ,Debian Linux 2.1/2.2,RedHat Linux = 6.0 Vixie Cron MAILTO Sendmail Vulnerability source: https://www.securityfocus.com/bid/611/info Failure by the vixie cron daemon from validating the contents of a...
tcsh.6.07.bof.txt
Date: Mon, 17 May 1999 09:53:19 +0200 From: arkth To: [email protected] Subject: tcsh overflow While few days ago there was discussion about bash overflow on bugtraq i found another overflow in tcsh-6.07.09-1 rh 5.2 . The problem is in too long $HOME evironment variable very old thing - zgv...
dtap2.txt
http://www.rootshell.com/ From [email protected] Mon Nov 2 08:12:39 1998 Date: Mon, 2 Nov 1998 18:05:59 +0100 MET From: Andrea Costantino To: [email protected], [email protected] Subject: another /usr/dt/bin/dtappgather feature! There's attached the message related to this new feature...
solaris-mkcookie.txt
RSI.0012.12-03-98.SOLARIS.MKCOOKIE |:::. |::::: |::::. |::::: |::::: |::::. .. :: .. .. :: .. .. .. :: |:::: |:::: |:::: :::::: |::::: |:::: |: |: :: |: |: |:: |: |: :: |: :: |::::: |: |::::: |::::: |::::: Repent Security Incorporated, RSI http://www.repsec.com RSI ALERT ADVISORY --- CREDIT...
Oracle 8 8.1.5 - Intelligent Agent (2)
Oracle 8 8.1.5 - Intelligent Agent 2 // source: https://www.securityfocus.com/bid/585/info A vulnerability in the Oracle Intelligent Agent allows local malicious users to execute arbitrary commands and to create world writable files as the root user. The problem lies in the dbsnmp program located...
Oracle 8 8.1.5 - Intelligent Agent (1)
Oracle 8 8.1.5 - Intelligent Agent 1 source: https://www.securityfocus.com/bid/585/info A vulnerability in the Oracle Intelligent Agent allows local malicious users to execute arbitrary commands and to create world writable files as the root user. The problem lies in the dbsnmp program located in...
Oracle 8 8.1.5 - Intelligent Agent (1)
source: https://www.securityfocus.com/bid/585/info A vulnerability in the Oracle Intelligent Agent allows local malicious users to execute arbitrary commands and to create world writable files as the root user. The problem lies in the dbsnmp program located in $ORACLEHOME/bin . This setuid root a...
Xi Graphics Accelerated X 4.0.x/5.0 - Local Buffer Overflow
// source: https://www.securityfocus.com/bid/488/info Accelerated-X, also known as Accel-X, is a popular commercial X server available from Xi Graphics. The servers are normally installed setuid root, and contain multiple buffer overflow vulnerabilities. These vulnerabilities were found in the...
IBM AIX 4.2.1 / Sun Solaris 7.0 - LC_MESSAGES libc Buffer Overflow (4)
// source: https://www.securityfocus.com/bid/268/info A buffer overflow in libc's handling of the LCMESSAGES environment variable allows a malicious user to exploit any suid root program linked agains libc to obtain root privileges. This problem is found in both IBM's AIX and Sun Microsystem's...
Oracle 8 - File Access
source: https://www.securityfocus.com/bid/170/info A number of security file access security vulnerabilities in suid programs that are part of Oracle may be exploited to obtain the privileges of the 'oracle' user and full access to the database system. Only the Unix version of Oracle is vulnerabl...
CVE-1999-0388
DataLynx suGuard trusts the PATH environment variable to execute the ps command, allowing local users to execute commands as root...
textcounter.pl 1.2 - Arbitrary Command Execution
source: https://www.securityfocus.com/bid/2265/info textcounter.pl is distributed through Matt's Scripts archive, and provides added features to httpd servers such as counters, guestbooks, and http cookie management. Due to insufficient checking of entered characters, it is possible for a remote...