CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

2438 matches found

Exploit DB•added 1998/11/13 12:0 a.m.•24 views

Wietse Venema Rpcbind Replacement 2.1 - Denial of Service

source: https://www.securityfocus.com/bid/1893/info A remote root vulnerability exists in certain versions of rpcbind portmapper. RPC Remote Procedure Call allows a program to request a service from a program located in another computer in a network without requiring detailed information on the...

7AI score

Exploits0

NVD•added 1998/10/02 4:0 a.m.•5 views

CVE-1999-0343

A malicious Palace server can force a client to execute arbitrary programs...

5.1CVSS0.00489EPSS

Exploits0References1

Positive Technologies•added 1998/10/02 12:0 a.m.•3 views

PT-1998-1082 · Palace · Palace

Name of the Vulnerable Software and Affected Versions: Palace affected versions not specified Description: A malicious server can force a client to execute arbitrary programs. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability...

5.1CVSS6.9AI score0.00489EPSS

Exploits0References2

Debian•added 1998/08/27 8:54 p.m.•17 views

[SECURITY] New versions of ncurses fixes security problem

We have received a report that using ncurses in setuid programs will give the user a way to open arbitrary files. We recommend you upgrade your ncurses3.4-dev package immediately. dpkg -i file.deb will install the referenced file. Debian GNU/Linux 2.0 alias hamm This version of Debian were releas...

5.9AI score

Exploits0

Debian•added 1998/08/27 12:0 a.m.•14 views

[SECURITY] New versions of ncurses fixes security problem

2.4AI score

Exploits0

NVD•added 1998/02/25 5:0 a.m.•9 views

CVE-1999-1486

sadc in IBM AIX 4.1 through 4.3, when called from programs such as timex that are setgid adm, allows local users to overwrite arbitrary files via a symlink attack...

1.2CVSS0.00104EPSS

Exploits0References6

Exploit DB•added 1998/01/19 12:0 a.m.•19 views

Linux libc 5.3.12 (RedHat Linux 4.0 / Slackware Linux 3.1) - libc NLSPATH

// source: https://www.securityfocus.com/bid/379/info There is a serious vulnerability in linux libc affecting all Linux distributions using libc 5.2.18 and below. The vulnerability is centered around the NLSPATH environment variable. Through exporting the oversized and shell-code including buffe...

7.4AI score

Exploits0

Exploit DB•added 1997/08/25 12:0 a.m.•26 views

BSD/OS 2.1 / Caldera UnixWare 7/7.1.0 / FreeBSD 1.1.5.1/2.0 / HP HP-UX 10.34 / IBM AIX 4.2 / SGI IRIX 6.3 / SunOS 4.1.4 - 'libXt Library' Local Overflow / Local Privilege Escalation (2)

/ source: https://www.securityfocus.com/bid/237/info The libXt library is part of the X Windows system. There are several buffer overflow conditions that may allow an unauthorized user to gain root privileges through setuid and setgid programs that are linked to libXt. These problems were openly...

7.4AI score

Exploits0

NVD•added 1997/07/25 4:0 a.m.•8 views

CVE-1999-1217

The PATH in Windows NT includes the current working directory ., which could allow local users to gain privileges by placing Trojan horse programs with the same name as commonly used system programs into certain directories...

4.6CVSS0.00959EPSS

Exploits0References3

NVD•added 1997/01/01 5:0 a.m.•9 views

CVE-1999-0236

ScriptAlias directory in NCSA and Apache httpd allowed attackers to read CGI programs...

7.5CVSS0.14067EPSS

Exploits0References1

Positive Technologies•added 1997/01/01 12:0 a.m.•20 views

PT-1997-1103 · Apache · Apache Httpd

Name of the Vulnerable Software and Affected Versions: Apache httpd affected versions not specified Description: The issue allows attackers to read CGI programs due to a problem with the ScriptAlias directory in NCSA and Apache httpd. Recommendations: At the moment, there is no information about ...

7.5CVSS7.5AI score0.14067EPSS

Exploits0References5

Exploit DB•added 1994/04/02 12:0 a.m.•27 views

IBM AIX 3.2.5 - 'IFS' Local Privilege Escalation

source: https://www.securityfocus.com/bid/454/info Under older versions of AIX By changing the IFS enviroment variable to / setuid root programs that use system or popen can be fooled into running user provided programs. !/bin/csh IFS hole in AIX3.2 rmail gives egid=mail. Apr. 1994 Setup needed...

7.4AI score

Exploits0

NVD•added 1993/09/17 4:0 a.m.•7 views

CVE-1999-1318

/usr/5bin/su in SunOS 4.1.3 and earlier uses a search path that includes the current working directory ., which allows local users to gain privileges via Trojan horse programs...

7.2CVSS0.00182EPSS

Exploits0References2

NVD•added 1992/05/27 4:0 a.m.•10 views

CVE-1999-1142

SunOS 4.1.2 and earlier allows local users to gain privileges via "LD" environmental variables to certain dynamically linked setuid or setgid programs such as 1 login, 2 su, or 3 sendmail, that change the real and effective user ids to the same user...

7.2CVSS0.00876EPSS

Exploits0References3

Exploit DB•added 1992/05/27 12:0 a.m.•28 views

SunOS 4.1.3 - LD_LIBRARY_PATH / LD_OPTIONS

source: https://www.securityfocus.com/bid/43/info There exists a vulnerability involving environment variables and setuid/setgid programs under SunOS 4.0 and higher. A dynamically-linked program that is invoked by a setuid/setgid program has access to the caller's LD environmental variables if th...

7.4AI score

Exploits0

NVD•added 1991/05/20 4:0 a.m.•6 views

CVE-1999-1123

The installation of Sun Source sunsrc tapes allows local users to gain root privileges via setuid root programs 1 makeinstall or 2 winstall...

7.2CVSS0.01101EPSS

Exploits0References5