514 matches found
CVE-2001-1022
CVE-2001-1022 relates to a format-string vulnerability in the groff family: the pic component of groff (and jgroff before 1.15) could bypass the -S option and execute arbitrary commands via format-string specifiers in the plot command. Affected: groff 1.16.1 and other versions; jgroff before 1.15...
CVE-2001-0918
Vulnerabilities in CGI scripts in susehelp in SuSE 7.2 and 7.3 allow remote attackers to execute arbitrary commands by not opening files securely...
CVE-2001-0485
Unknown vulnerability in netprint in IRIX 6.2, and possibly other versions, allows local users with lp privileges attacker to execute arbitrary commands via the -n option...
CVE-2001-0216
PALS Library System pals-cgi program allows remote attackers to execute arbitrary commands via shell metacharacters in the documentName parameter...
CVE-2001-0029
Buffer overflow in oops WWW proxy server 1.4.6 and possibly other versions allows remote attackers to execute arbitrary commands via a long host or domain name that is obtained from a reverse DNS lookup...
CVE-2001-0045
CVE-2001-0045 affects Windows NT 4.0: the default permissions on the Registry key HKLM\Software\Microsoft\Windows\RAS (RAS Administration) let local users modify the value to point to a malicious DLL, enabling local privilege escalation. The issue is a “Registry Permissions” weakness leading to a...
CVE-2000-1061
CVE-2000-1061 involves the Microsoft Virtual Machine (VM) in Internet Explorer 4.x–5.x, where an unsigned applet can create and use ActiveX controls. This enables a remote attacker to bypass IE security settings and execute arbitrary commands via a malicious web page or email. The underlying issu...
CVE-2000-0947
Format string vulnerability in cfd daemon in GNU CFEngine before 1.6.0a11 allows attackers to execute arbitrary commands via format characters in the CAUTH command...
majordomo.txt
Hi, Majordomo is a perl script for managing mailing lists. The package comes with several scripts and a program written in C wrapper that runs setuid to ensure that majordomo performs all the work with proper permissions for further information you can check the FAQ that comes with the package...
Solaris 2.67.0 - lpset -r Local Buffer Overflow (3)
Solaris 2.67.0 - lpset -r Local Buffer Overflow 3 / source: https://www.securityfocus.com/bid/1138/info A vulnerability exists in the handling of the -r option to the lpset program, as included in Solaris 7 from Sun Microsystems. The -r option is undocumented. As such, its use in unknown. However...
Majordomo 1.94.4/1.94.5 - Local -C Parameter (2)
// source: https://www.securityfocus.com/bid/903/info It is possible for a local user to gain majordomo privileges through a vulnerability which allows privileged arbitrary commands to be executed. If the -C parameter is passed to majordomo or one of several other scripts when run with the setuid...
OmniHTTPd imagemap.exe CGI Remote Overflow
The 'imagemap.exe' cgi is installed. This CGI is vulnerable to a buffer overflow that will allow a remote user to execute arbitrary commands with the privileges of your httpd server either nobody or root. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc';...
CVE-1999-0766
The Microsoft Java Virtual Machine allows a malicious Java applet to execute arbitrary commands outside of the sandbox environment...
Oracle 8 8.1.5 - Intelligent Agent (1)
source: https://www.securityfocus.com/bid/585/info A vulnerability in the Oracle Intelligent Agent allows local malicious users to execute arbitrary commands and to create world writable files as the root user. The problem lies in the dbsnmp program located in $ORACLEHOME/bin . This setuid root a...