Google Chrome multiple vulnerabilities - October 10(Linux)

The host is running Google Chrome and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbgooglechromemultvulnoct10lin.nasl 5306 2017-02-16 09:00:16Z teissa $ Google Chrome multiple vulnerabilities - October 10Linux Authors: Madhuri D Copyright: Copyright c 2010 Greenbone...

Path traversal

Google Chrome before 7.0.517.41 on Linux does not properly set the PATH environment variable, which has unspecified impact and attack vectors...

Sudo protection bypass

It's possible to bypass PATH variable sanitization be setting few PATH variables...

CVE-2010-1646

The secure path feature in env.c in sudo 1.3.1 through 1.6.9p22 and 1.7.0 through 1.7.2p6 does not properly handle an environment that contains multiple PATH variables, which might allow local users to gain privileges via a crafted value of the last PATH variable...

List executable and writable-executable Files, list path variable

List executable and writable-executable files, list path variable over an SSH Connection. Check for executable Files outside /usr/local/bin:/usr/bin:/bin:/usr/bin/X11: /usr/games:/sbin:/usr/sbin:/usr/local/sbin:, check for user write permission on valid executables. SPDX-FileCopyrightText: 2010...

List executable and writable-executable Files, list path variable

List executable and writable-executable Files, list path variable over an SSH Connection. Check for executable Files outside /usr/local/bin:/usr/bin:/bin:/usr/bin/X11: /usr/games:/sbin:/usr/sbin:/usr/local/sbin:, check for user write permission on valid executables. OpenVAS Vulnerability Test $Id...

Windows Path Variable over WMI - Windows

Read the Windows System Path Variables over WMI. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mandrake Security Advisory MDVSA-2009:039 (gedit)

The remote host is missing an update to gedit announced via advisory MDVSA-2009:039. OpenVAS Vulnerability Test $Id: mdksa2009039.nasl 6573 2017-07-06 13:10:50Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:039 gedit Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...

Talk about environment variables in the Hacking of use-vulnerability warning-the black bar safety net

This message has been sent to the Black hand of the tenth First, we first understand under what environment variables! Environment variable generally refers to in theoperating systemis used to specify theoperating systemthe operating environment of some parameters, such as the temporary folder...

ContentNow 1.30 (upload/xss) Multiple Remote Vulnerabilities

Exploit for unknown platform in category web applications ============================================================ ContentNow 1.30 upload/xss Multiple Remote Vulnerabilities ============================================================ ContentNow Directory Traversalupload.php...

News publication system remote File include

Software: News publication system -------------------------------- Description: News publication system provides a mechanism for news blocks publication on site in conformity with rules and templates set. Provides a mechanism for adding news to the system and news management. Provides a mechanism...

MODx CMS 0.9.2.1 (base_path) Remote File Include Vulnerability

+------------------------------------------------------------------------------------------- + MODx CMS 0.9.2.1 basepath Remote File Include Vulnerability +------------------------------------------------------------------------------------------- + Affected Software .: MODx CMS 0.9.2.1 + Vendor...

CVE-2006-4262

Multiple buffer overflows in cscope 15.5 and earlier allow user-assisted attackers to cause a denial of service crash and possibly execute arbitrary code via multiple vectors including 1 a long pathname that is not properly handled during file list parsing, 2 long pathnames that result from path...

CVE-2006-4262

Multiple buffer overflows in cscope 15.5 and earlier allow user-assisted attackers to cause a denial of service crash and possibly execute arbitrary code via multiple vectors including 1 a long pathname that is not properly handled during file list parsing, 2 long pathnames that result from path...

CVE-2006-0791

PHP remote file inclusion vulnerability in index.php in DreamCost HostAdmin allows remote attackers to include arbitrary files via the $path variable, which is not initialized before use...

CVE-2003-1167

KPopup 0.9.1 exposes two local-privilege/vulnerability issues. First, a format-string vulnerability in main.cpp (kpopup 0.9.1–0.9.5pre2) can allow local users to cause a denial of service (segmentation fault) and potentially execute arbitrary code via crafted format specifiers in command line arg...

CVE-2003-1167

misc.cpp in KPopup 0.9.1 trusts the PATH variable when executing killall, which allows local users to elevate their privileges by modifying the PATH variable to reference a malicious killall program...

CVE-2004-0965

stmkfont in HP-UX B.11.00 through B.11.23 relies on the user-specified PATH when executing certain commands, which allows local users to execute arbitrary code by modifying the PATH environment variable to point to malicious programs...

NSFOCUS SA2004-02 : HP-UX stmkfont Local Privilege Escalation Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 NSFOCUS Security AdvisorySA2004-02 Topic: HP-UX stmkfont Local Privilege Escalation Vulnerability Release Date: 2004-10-20 CVE CAN ID: CAN-2004-0965 http://www.nsfocus.com/english/homepage/research/0402.htm Affected system: =================== - - HP-...

CVE-2002-1469

scponly does not properly verify the path when finding the 1 scp or 2 sftp-server programs, which could allow remote authenticated users to bypass access controls by uploading malicious programs and modifying the PATH variable in $HOME/.ssh/environment to locate those programs...