
12 matches found

OSV
added 2026/05/05 3:51 p.m. | 3 views

JLSEC-2026-453

ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable...

CVSS 7.8 | AI score 6.9 | EPSS 0.00079
Exploits: 1 | References: 23
EUVD
added 2025/10/07 12:30 a.m. | 0 views

EUVD-2003-1350

Malware in sbrugna...

CVSS 7.2 | AI score 6.4 | EPSS 0.00059
Exploits: 0 | References: 6
RedHat Linux
added 2023/11/21 10:27 a.m. | 2 views

ncurses: Local users can trigger security-relevant memory corruption via malformed data

A vulnerability was found in ncurses and occurs when used by a setuid application. This flaw allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable...

CVSS 7.8 | AI score 7.3 | EPSS 0.00079
Exploits: 1 | References: 4
OSV
added 2023/07/15 11:5 a.m. | 1 views

OESA-2023-1426 ncurses security update

The ncurses (new curses) library is a free software emulation of curses in System V Release 4.0 (SVr4), and more. It uses terminfo format, supports pads and color and multiple highlights and forms characters and function-key mapping, and has all the other SVr4-curses enhancements over BSD curses. SVr...

CVSS 7.8 | AI score 6.7 | EPSS 0.00079
Exploits: 1 | References: 2
Oracle linux
added 2015/11/23 12:0 a.m. | 61 views

openssh security, bug fix, and enhancement update

6.6.1p1-22 - Use the correct constant for glob limits 1160377 6.6.1p1-21 - Extend memory limit for remote glob in sftp acc. to stat limit 1160377 6.6.1p1-20 - Fix vulnerabilities published with openssh-7.0 1265807 - Privilege separation weakness related to PAM support - Use-after-free bug related...

CVSS 8.5 | AI score 0.2 | EPSS 0.74862
Exploits: 1
seebug.org
added 2014/07/01 12:0 a.m. | 14 views

Elm 2.3/2.4 - Local TERM Environment Variable Buffer Overrun Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8030/info A buffer overrun has been discovered in Elm. The problem occurs due to insufficient bounds checking performed before copying user-supplied data into an internal memory buffer. Specifically, a TERM environment...

AI score 7.1
Exploits: 0
Cvelist
added 2002/03/15 5:0 a.m. | 20 views

CVE-2001-1148

Multiple buffer overflows in programs used by scoadmin and sysadmsh in SCO OpenServer 5.0.6a and earlier allow local users to gain privileges via a long TERM environment variable to (1) atcronsh, (2) auditsh, (3) authsh, (4) backupsh, (5) lpsh, (6) sysadm.menu, or (7) termsh...

AI score 6.8 | EPSS 0.00113
Exploits: 0 | References: 3
securityvulns
added 2001/11/09 12:0 a.m. | 47 views

Buffer overflow in ClearCase db_loader

Buffer overflow with a long TERM environment variable...

AI score 2.3
Exploits: 0 | References: 1 | Affected Software: 1
Exploit DB
added 2001/11/09 12:0 a.m. | 30 views

Rational ClearCase 3.2/4.x - DB Loader TERM Environment Variable Buffer Overflow

source: https://www.securityfocus.com/bid/3523/info ClearCase is a commercially available software change management package. It is maintained and distributed by Rational. A problem with the package could lead to a local user gaining elevated privileges. The problem is in the handling of...

AI score 7.4
Exploits: 0
Exploit DB
added 1997/05/13 12:0 a.m. | 28 views

Elm 2.3/2.4 - TERM Environment Variable Local Buffer Overrun

source: https://www.securityfocus.com/bid/8030/info A buffer overrun has been discovered in Elm. The problem occurs due to insufficient bounds checking performed before copying user-supplied data into an internal memory buffer. Specifically, a TERM environment variable containing excessive data...

AI score 7.4
Exploits: 0
Positive Technologies
added 1997/02/06 12:0 a.m. | 3 views

PT-1997-1026 · Rlogin · Rlogin

Name of the Vulnerable Software and Affected Versions: rlogin affected versions not specified Description: The issue concerns a buffer overflow in the rlogin program, which can be triggered using the TERM environmental variable. Recommendations: At the moment, there is no information about a newe...

CVSS 10 | AI score 6.8 | EPSS 0.06924
Exploits: 0 | References: 4
Exploit DB
added 1996/12/04 12:0 a.m. | 39 views

BSD/OS 2.1 / DG/UX 4.0 / Debian 0.93 / Digital UNIX 4.0 B / FreeBSD 2.1.5 / HP-UX 10.34 / IBM AIX 4.1.5 / NetBSD 1.0/1.1 / NeXTstep 4.0 / SGI IRIX 6.3 / SunOS 4.1.4 - 'rlogin' Local Privilege Escalation

source: https://www.securityfocus.com/bid/242/info The SUID rlogin program is used to establish remote sessions. A buffer overflow condition has been found in the rlogin program that may allow an unauthorized user to gain root access. The overflow in particular is in the rlogin code that handle...

AI score 7.4
Exploits: 0