Lucene search
K

292 matches found

securityvulns
securityvulns
added 2005/08/18 12:0 a.m.43 views

[Full-disclosure] Bluez hcid popen() explained.

kflistsatdigitalmunitiondotcom After the release of TheftOfLinkKey.txt I had several people mention that they did not quite understand why I consider the recently reported bluez vulnerability to be quite trivial. In this document I will attempt to outline an exploitable scenario for hcid using th...

7.1AI score
Exploits0
CVE
CVE
added 2005/04/21 4:0 a.m.51 views

CVE-1999-1580

CVE-1999-1580 affects SunOS sendmail 5.59–5.65. The bug arises from using popen to process a forwarding host argument, enabling local users to gain root privileges by manipulating the IFS variable and passing crafted values to the -oR option. This creates a local privilege escalation vector. Publ...

7.2CVSS6.8AI score0.01115EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2005/04/21 4:0 a.m.14 views

CVE-1999-1580

SunOS sendmail 5.59 through 5.65 uses popen to process a forwarding host argument, which allows local users to gain root privileges by modifying the IFS Internal Field Separator variable and passing crafted values to the -oR option...

6.6AI score0.01115EPSS
Exploits1References5
Debian CVE
Debian CVE
added 2005/04/21 4:0 a.m.27 views

CVE-1999-1580

SunOS sendmail 5.59 through 5.65 uses popen to process a forwarding host argument, which allows local users to gain root privileges by modifying the IFS Internal Field Separator variable and passing crafted values to the -oR option...

7.2CVSS4.8AI score0.01115EPSS
Exploits1
Ubuntu
Ubuntu
added 2005/03/18 11:22 p.m.71 views

USN-99-1: PHP4 vulnerabilities

Stefano Di Paola discovered integer overflows in PHP's pack and unpack functions. A malicious PHP script could exploit these to break out of safe mode and execute arbitrary code with the privileges of the PHP interpreter. CAN-2004-1018 Note: The second part of CAN-2004-1018 buffer overflow in the...

10CVSS6.4AI score0.1616EPSS
Exploits0
CVE
CVE
added 2003/04/02 5:0 a.m.66 views

CVE-1999-1468

CVE-1999-1468 affects rdist in various UNIX systems. The vulnerability arises when rdist uses popen to invoke sendmail, enabling local users to gain root privileges by modifying the IFS (Internal Field Separator) variable. The provided sources confirm the component and the privileged escalation v...

6.2CVSS7.7AI score0.00341EPSS
Exploits0References5Affected Software2
Cvelist
Cvelist
added 2002/07/01 4:0 a.m.30 views

CVE-2002-0652

xfsmd for IRIX 6.5 through 6.5.16 allows remote attackers to execute arbitrary code via shell metacharacters that are not properly filtered from several calls to the popen function, such as exportfs...

7.9AI score0.09148EPSS
Exploits0References3
Packet Storm
Packet Storm
added 2001/08/16 12:0 a.m.32 views

sendmail.php.txt

Sequoiasoft's sendmail php script dangerous - By jwilkins PHP-Nuke Written by Sequioa Software, this script allows execution of arbitrary code by a malicious user. Written by Sequioa Software, this script allows execution of arbitrary code by a malicious user. Essentially, popen executes a shell...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2000/06/26 12:0 a.m.22 views

2dopewars_exploits.txt

two security holes i found for local use in dopewars1.4.7-current. dopewars is setgid=games. by: [email protected]. LOCAL VULNERABILITY 1: insecure popen call, a shell script can handle this. -- dopewars.sh start -- !/bin/sh dopewars.sh1.4.7: shell script by [email protected]. gives...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2000/01/04 12:0 a.m.10 views

PHP 3.0.13 - Safe_mode Failure

PHP 3.0.13 - Safemode Failure source: https://www.securityfocus.com/bid/911/info PHP Version 3.0 is an HTML-embedded scripting language. Much of its syntax is borrowed from C, Java and Perl with a couple of unique PHP-specific features thrown in. The goal of the language is to allow web developer...

0.3AI score
Exploits0
Exploit DB
Exploit DB
added 2000/01/04 12:0 a.m.32 views

PHP 3.0.13 - 'Safe_mode' Failure

source: https://www.securityfocus.com/bid/911/info PHP Version 3.0 is an HTML-embedded scripting language. Much of its syntax is borrowed from C, Java and Perl with a couple of unique PHP-specific features thrown in. The goal of the language is to allow web developers to write dynamically generat...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 1994/04/02 12:0 a.m.29 views

IBM AIX 3.2.5 - 'IFS' Local Privilege Escalation

source: https://www.securityfocus.com/bid/454/info Under older versions of AIX By changing the IFS enviroment variable to / setuid root programs that use system or popen can be fooled into running user provided programs. !/bin/csh IFS hole in AIX3.2 rmail gives egid=mail. Apr. 1994 Setup needed...

7.4AI score
Exploits0
Rows per page
Query Builder