815 matches found
[security bulletin] HPSBTU02211 SSRT071326 rev.1 - HP Tru64 UNIX Running the dop command, Local Execution of Arbitrary Code with Privilege Elevation
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c01036871 Version: 1 HPSBTU02211 SSRT071326 rev.1 - HP Tru64 UNIX Running the dop command, Local Execution of Arbitrary Code with Privilege Elevation NOTICE: The information in this Security...
[security bulletin] HPSBMA02197 SSRT061285 rev.1 - HP-UX Running HP Power Manager Remote Agent (RA), Local Execution of Arbitrary Code with Root Privileges
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c00819543 Version: 1 HPSBMA02197 SSRT061285 rev.1 - HP-UX Running HP Power Manager Remote Agent RA, Local Execution of Arbitrary Code with Root Privileges NOTICE: The information in this Security...
CVE-2007-1400
Plash permits sandboxed processes to open /dev/tty, which allows local users to escape sandbox restrictions and execute arbitrary commands by sending characters to a shell process on the same termimal via the TIOCSTI ioctl...
[security bulletin] HPSBMA02190 SSRT071300 rev.1 - HP OpenView Storage Data Protector, Local Execution of Arbitrary Code
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c00862204 Version: 1 HPSBMA02190 SSRT071300 rev.1 - HP OpenView Storage Data Protector, Local Execution of Arbitrary Code NOTICE: The information in this Security Bulletin should be acted upon as...
CVE-2006-6563
Stack-based buffer overflow in the prctrlsrecvrequest function in ctrls.c in the modctrls module in ProFTPD before 1.3.1rc1 allows local users to execute arbitrary code via a large reqarglen length value...
HP-UX PHSS_35434 : HP-UX Running dtmail, Local Execution of Arbitrary Code (HPSBUX02162 SSRT061223 rev.1)
s700800 11.11 CDE Applications Patch : A potential security vulnerability has been identified with HP-UX running dtmail. The vulnerability could be exploited by a local, authorized user to execute arbitrary code as a member of the 'mail' group. References: NETRAGARD-20060810. %NASLMINLEVEL 70300 ...
HP-UX PHSS_35433 : HP-UX Running dtmail, Local Execution of Arbitrary Code (HPSBUX02162 SSRT061223 rev.1)
s700800 11.00 CDE Runtime Patch : A potential security vulnerability has been identified with HP-UX running dtmail. The vulnerability could be exploited by a local, authorized user to execute arbitrary code as a member of the 'mail' group. References: NETRAGARD-20060810. %NASLMINLEVEL 70300 C...
HP-UX PHSS_35435 : HP-UX Running dtmail, Local Execution of Arbitrary Code (HPSBUX02162 SSRT061223 rev.1)
s700800 11.23 CDE Applications Patch : A potential security vulnerability has been identified with HP-UX running dtmail. The vulnerability could be exploited by a local, authorized user to execute arbitrary code as a member of the 'mail' group. References: NETRAGARD-20060810. %NASLMINLEVEL 70300 ...
CVE-2006-5005
Unspecified vulnerability in bos.net.tcp.client in IBM AIX 5.2.0 and 5.3.0 allows local users to execute arbitrary commands via unspecified vectors involving /etc/slip.login...
HP-UX PHSS_32966 : HP-UX Running Xserver Local Execution of Arbitrary Code, Privilege Elevation (HPSBUX02137 SSRT051024 rev.1)
s700800 11.11 Xserver cumulative patch : A potential security vulnerability has been identified in the Xserver running on HP-UX. The vulnerability could be exploited by a local user to execute arbitrary code with the privileges of the Xserver. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...
HP-UX PHSS_32960 : HP-UX Running Xserver Local Execution of Arbitrary Code, Privilege Elevation (HPSBUX02137 SSRT051024 rev.1)
s700800 11.23 Xserver cumulative patch : A potential security vulnerability has been identified in the Xserver running on HP-UX. The vulnerability could be exploited by a local user to execute arbitrary code with the privileges of the Xserver. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...
HP-UX PHSS_32965 : HP-UX Running Xserver Local Execution of Arbitrary Code, Privilege Elevation (HPSBUX02137 SSRT051024 rev.1)
s700800 11.00 Xserver cumulative patch : A potential security vulnerability has been identified in the Xserver running on HP-UX. The vulnerability could be exploited by a local user to execute arbitrary code with the privileges of the Xserver. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...
CVE-2006-0489
Buffer overflow in the font command of mIRC, probably 6.16, allows local users to execute arbitrary code via a long string. NOTE: the original researcher claims that issue has been disputed by the vendor, and that the vendor stated "as far as I can tell, this is neither an exploit nor a...
PT-2006-1554 · Mirc · Mirc
Name of the Vulnerable Software and Affected Versions: mIRC version 6.16 Description: A buffer overflow issue in the font command of mIRC allows local users to execute arbitrary code via a long string. The vendor has disputed this issue, stating it is a local bug in mIRC and not a vulnerability. ...
CVE-2004-2571
Multiple buffer overflows in EnderUNIX isoqlog 2.1.1 allow remote attackers to execute arbitrary code via the 1 parseQmailFromBytesLine, 2 parseQmailToRemoteLine, 3 parseQmailToLocalLine, 4 parseSendmailFromBytesLine, 5 parseSendmailToLine, 6 parseEximFromBytesLine, and 7 parseEximToLine function...
OpenSSH UseLogin Environment Variables
You are running a version of OpenSSH which is older than 3.0.2. Versions prior than 3.0.2 are vulnerable to an environment variables export that can allow a local user to execute command with root privileges. This problem affect only versions prior than 3.0.2, and when the UseLogin feature is...
Mantis Bug Tracker 0.19.2/1.0 - 'Bug_sponsorship_list_view_inc.php' File Inclusion
source: https://www.securityfocus.com/bid/15212/info Mantis is prone to a remote and local file include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to execute arbitrary remote and local PHP code on a...
PunBB < 1.2.8 Multiple Vulnerabilities
Binary data 3235.prm...
CVE-2005-2935
The CVE-2005-2935 entry covers an Unquoted Windows search path vulnerability in Microsoft AntiSpyware (AntispywareMain.exe) that could allow local code execution by placing a malicious c:\program.exe. The issue stems from an unquoted search path when AntiSpyware attempts to execute gsasDtServ.exe...
CVE-2005-2693
cvsbug in CVS 1.12.12 and earlier creates temporary files insecurely, which allows local users to overwrite arbitrary files and execute arbitrary code via a symlink attack...