
109 matches found

Positive Technologies
added 2012/10/11 12:0 a.m. · 4 views

PT-2012-5963 · Microsoft +1 · Windows 8 +4

Name of the Vulnerable Software and Affected Versions: PHP version 5.3.17 Description: The issue is related to an untrusted search path vulnerability in the installation functionality of PHP. This vulnerability might allow local users to gain privileges via a Trojan horse DLL in the C:PHP...

CVSS 6 · AI score 7 · EPSS 0.00402
Exploits 1 · References 6
UbuntuCve
added 2011/10/24 12:0 a.m. · 29 views

CVE-2011-3628

Untrusted search path vulnerability in pam_motd (aka the MOTD module) in libpam-modules before 1.1.3-2ubuntu2.1 on Ubuntu 11.10, before 1.1.2-2ubuntu8.4 on Ubuntu 11.04, before 1.1.1-4ubuntu2.4 on Ubuntu 10.10, before 1.1.1-2ubuntu5.4 on Ubuntu 10.04 LTS, and before 0.99.7.1-5ubuntu6.5 on Ubuntu 8.0...

CVSS 6.9 · AI score 5.9 · EPSS 0.00068
Exploits 0 · References 2
UbuntuCve
added 2010/10/21 7:0 p.m. · 21 views

CVE-2010-4039

Google Chrome before 7.0.517.41 on Linux does not properly set the PATH environment variable, which has unspecified impact and attack vectors...

CVSS 9.8 · AI score 7.2 · EPSS 0.00681
Exploits 0 · References 1
CVE
added 2010/10/21 6:12 p.m. · 49 views

CVE-2010-4039

CVE-2010-4039 affects Google Chrome on Linux prior to 7.0.517.41 where the process fails to properly set the PATH environment variable. The description does not specify the exact impact or attack vectors; vulnerability details are limited to this PATH handling issue. Open-source/ANSI references i...

CVSS 9.8 · AI score 9.2 · EPSS 0.00681
Exploits 0 · References 6 · Affected Software 1
Prion
added 2010/08/02 9:0 p.m. · 12 views

Design/Logic Flaw

Untrusted search path vulnerability in hsolinkcontrol in hsolink 1.0.118 allows local users to gain privileges via a modified PATH environment variable, which is used during execution of the (1) route, (2) mv, and (3) cp programs, a different vulnerability than CVE-2010-1671...

CVSS 7.2 · AI score 6.7 · EPSS 0.00059
Exploits 0 · References 4 · Affected Software 1
CVE
added 2010/08/02 8:0 p.m. · 37 views

CVE-2010-2929

The CVE-2010-2929 entry identifies an untrusted search path vulnerability in hsolinkcontrol (part of hsolink 1.0.118). The underlying issue is a modified PATH environment variable that is used when executing the programs route, mv, and cp, enabling local users to gain privileges through PATH mani...

CVSS 7.2 · AI score 6.5 · EPSS 0.00059
Exploits 0 · References 4 · Affected Software 1
Cvelist
added 2010/08/02 8:0 p.m. · 16 views

CVE-2010-2929

Untrusted search path vulnerability in hsolinkcontrol in hsolink 1.0.118 allows local users to gain privileges via a modified PATH environment variable, which is used during execution of the (1) route, (2) mv, and (3) cp programs, a different vulnerability than CVE-2010-1671...

AI score 6.2 · EPSS 0.00059
Exploits 0 · References 4
FreeBSD
added 2010/04/09 12:0 a.m. · 45 views

sudo -- Privilege escalation with sudoedit

Todd Miller reports: Sudo's command matching routine expects actual commands to include one or more slash '/' characters. The flaw is that sudo's path resolution code did not add a "./" prefix to commands found in the current working directory. This creates an ambiguity between a "sudoedit" comma...

CVSS 6.9 · AI score 6.7 · EPSS 0.00045
Exploits 3 · References 2
seebug.org
added 2008/08/03 12:0 a.m. · 32 views

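SAP MaxDB dbmsrv Process PATH Environment Variable Local Privilege Escalation Vulnerability

BUGTRAQ ID: 30474 CVE(CAN) ID: CVE-2008-1810 MaxDB is a database management system widely used in SAP applications. When a local user runs the dbmcli program, MaxDB executes the dbmsrv process on the user's behalf. This process is responsible for executing user commands and runs with the privileges of the sdb user in the sdba group. Because the PATH environment variable is not properly filtered, prepending an attacker-controlled path to the variable may lead to execution of arbitrary commands with sdb:sdba privileges. SAP MaxDB 7.6.03.15 SAP --- The vendor has released an upgrade patch to fix this security issue; download it from the vendor's home page: http://www.sap.com/...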

CVSS 4.4 · AI score 6.5 · EPSS 0.00069
Exploits 1
NVD
added 2008/08/01 2:41 p.m. · 16 views

CVE-2008-1810

Untrusted search path vulnerability in dbmsrv in SAP MaxDB 7.6.03.15 on Linux allows local users to gain privileges via a modified PATH environment variable...

CVSS 4.4 · AI score 6.5 · EPSS 0.00069
Exploits 1 · References 6
Cvelist
added 2008/04/09 7:0 p.m. · 19 views

CVE-2008-1710

Untrusted search path vulnerability in chnfsmnt in IBM AIX 6.1 allows local users to gain privileges via a modified PATH environment variable...

AI score 6.3 · EPSS 0.00066
Exploits 0 · References 8
Cvelist
added 2007/10/23 1:0 a.m. · 15 views

CVE-2003-1452

Untrusted search path vulnerability in Qualcomm qpopper 4.0 through 4.05 allows local users to execute arbitrary code by modifying the PATH environment variable to reference a malicious smbpasswd program...

AI score 7.2 · EPSS 0.0035
Exploits 1 · References 5
Cvelist
added 2007/10/17 1:0 a.m. · 20 views

CVE-2003-1358

rs.F300 for HP-UX 10.0 through 11.22 uses the PATH environment variable to find and execute programs such as rm while operating at raised privileges, which allows local users to gain privileges by modifying the path to point to a malicious rm program...

AI score 6.8 · EPSS 0.00839
Exploits 1 · References 5
Tenable Nessus
added 2007/05/10 12:0 a.m. · 24 views

Debian DSA-1287-1 : ldap-account-manager - multiple vulnerabilities

Two vulnerabilities have been identified in the version of ldap-account-manager shipped with Debian 3.1 sarge. - CVE-2006-7191 An untrusted PATH vulnerability could allow a local attacker to execute arbitrary code with elevated privileges by providing a malicious rm executable and specifying a PA...

CVSS 7.2 · AI score 5.7 · EPSS 0.00631
Exploits 0 · References 6
securityvulns
added 2007/01/22 12:0 a.m. · 43 views

MOAB-21-01-2007: System Preferences writeconfig Local Privilege Escalation Vulnerability

Summary Apple provides the following description in The Preference Application documentation: System Preferences is the standard location for presenting system-level preferences on OSX. The preference panes shipped with Mac OS X include panes affecting hardware such as the Sound, Mouse, and...

AI score 6.7
Exploits 0
NVD
added 2006/05/04 12:38 p.m. · 12 views

CVE-2006-2183

Untrusted search path vulnerability in Truecrypt 4.1, when running suid root on Linux, allows local users to execute arbitrary commands and gain privileges via a modified PATH environment variable that references a malicious mount command...

CVSS 7.2 · AI score 7.4 · EPSS 0.00086
Exploits 1 · References 6
CVE
added 2006/05/04 10:0 a.m. · 35 views

CVE-2006-2183

CVE-2006-2183 affects TrueCrypt 4.1 on Linux when running as a set-user-ID root process. The vulnerability arises from an untrusted search path: a modified PATH environment variable referencing a malicious mount command could allow local users to execute arbitrary commands and gain privileges. Th...

CVSS 7.2 · AI score 7.4 · EPSS 0.00086
Exploits 1 · References 6 · Affected Software 1
Packet Storm
added 2006/03/09 12:0 a.m. · 42 views

18ZLZA.txt

Summary: 18 ways to escalate privileges in Zone Labs ZoneAlarm Security Suite build 6.1.744.000 http://www.zonelabs.com/ Details: During Windows startup the TrueVector service vsmon.exe - an integral piece of most Zone Labs products is set to startup automatically. The TrueVector service runs und...

AI score 7.4
Exploits 0
CVE
added 2005/02/06 5:0 a.m. · 47 views

CVE-2004-1391

The CVE-2004-1391 entry concerns the PPPoE daemon (PPPoEd) in QNX RTP 6.1, where an untrusted execution path allows local users to execute arbitrary programs by manipulating the PATH environment variable to reference a malicious mount program. This describes a local-privilege problem rooted in PA...

CVSS 4.6 · AI score 7.4 · EPSS 0.0026
Exploits 1 · References 6 · Affected Software 2
NVD
added 2005/01/10 5:0 a.m. · 29 views

CVE-2004-1028

Untrusted execution path vulnerability in chcod on AIX IBM 5.1.0, 5.2.0, and 5.3.0 allows local users to execute arbitrary programs by modifying the PATH environment variable to point to a malicious "grep" program, which is executed from chcod...

CVSS 7.2 · AI score 6.8 · EPSS 0.00046
Exploits 0 · References 5