MTink 0.9.x Printer Status Monitor Environment Variable Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/6656/info mtink is prone to a locally exploitable buffer overflow condition. This is due to insufficient bounds checking of the HOME environment variable. mtink is reportedly installed setgid 'sys' on Mandrake Linux, so i...

XFree86 4.2 XLOCALEDIR Local Buffer Overflow Vulnerability (4)

No description provided by source. source: http://www.securityfocus.com/bid/7002/info Several XFree86 utilities may be prone to a buffer overflow condition. The vulnerability exists due to insufficient boundary checks performed by these utilities when referencing the XLOCALEDIR environment...

HP Tru64 NLSPATH Environment Variable Local Buffer Overflow Vulnerability (1)

No description provided by source. source: http://www.securityfocus.com/bid/5647/info Tru64 is a commercially available UNIX operating system. Tru64 was originally developed by Digital and is now distributed and maintained by HP. A buffer overflow has been discovered in a number of Tru64 binaries...

kpopup 0.9.x Privileged Command Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8915/info It has been alleged that it is possible for local attackers to gain root privileges through kpopup, which is is installed setuid root by default. According to the report, kpopup uses the system3 C-library functi...

Tower Toppler 0.96 HOME Environment Variable Local Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8132/info A problem with the software may make elevation of privileges possible. It has been reported that a buffer overflow exists in Tower Toppler. A local user may be able to exploit this issue to execute code with the...

Suidperl 5.00503 Mail Shell Escape Vulnerability (1)

No description provided by source. source: http://www.securityfocus.com/bid/1547/info The interaction between some security checks performed by suidperl, the setuid version of perl, and the /bin/mail program creates a scenario that allows local malicious users to execute commands with root...

RedHat restore 0.4 b15 Insecure Environment Variables Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1914/info restore is a program for backup and recovery procedures, distributed with the RedHat Linux Operating System. A vulnerability exists that could allow a user elevated permissions. The problem occurs in the RSH...

Gallery 1.3.x/1.4 - Remote Global Variable Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/9490/info It has been reported that Gallery is prone to a vulnerability that may allow a remote attacker to gain unauthorized access by overwriting various values for global variables. The issue occurs due to improper...

LGames LBreakout2 2.2.2 - Multiple Environment Variable Buffer Overflow Vulnerabilites

No description provided by source. source: http://www.securityfocus.com/bid/9712/info Multiple buffer overflow vulnerabilities exist in the environment variable handling of LBreakout2. The issue is due to an insufficient boundary checking of certain environment variables used by the affected...

nuseo php enterprise 1.6 - Remote File Inclusion Vulnerability

No description provided by source. Vulnerability Type: Remote File Inclusion Vulnerable file: /NuSEO PHP Enterprise.v1.6 Nulled by DGT/NuSEO.PHP.Enterprise.v1.6.PHP.NULL-DGT/nuseo/admin/nuseoadmind.php Exploit URL:...

BIGACE 2.4 - Multiple Remote File Inclusion Vulnerabilities

No description provided by source. / \ @ /|\ /|\ |-| / | \ /|/\ / | \ @ | |--------------------/--|-voV---|'/--Vov-|-----------------------|-| |-| '^ o o '^ | | | | \Y/' |-| |-| | | | | -=ShAd0w-CrEw=- |-| |-| | | | | |-| ||| | @ l /\ / \ /\ l |-| l / V \ \ V \ l @ l/ \I \ /'...

HP Tru64 NLSPATH Environment Variable Local Buffer Overflow Vulnerability (2)

No description provided by source. source: http://www.securityfocus.com/bid/5647/info Tru64 is a commercially available UNIX operating system. Tru64 was originally developed by Digital and is now distributed and maintained by HP. A buffer overflow has been discovered in a number of Tru64 binaries...

php live helper <= 2.0.1 - Multiple Vulnerabilities

No description provided by source. GulfTech Security Research August 16, 2008 Vendor : Turnkey Web Tools, Inc URL : http://www.turnkeywebtools.com Version : PHP Live Helper = 2.0.1 Risk : Multiple Vulnerabilities Description: PHP Live Helper is an online support system written in php that allows...

Gitweb <= 1.7.3.3 - Cross Site Scripting

No description provided by source. -8 Description 8- Cross-site scripting XSS vulnerability in Gitweb 1.7.3.3 and previous versions allows remote attackers to inject arbitrary web script or HTML code via f and fp variables. -8 Proof Of Concept 8-...

PHPDocumentor 1.2/1.3 Forum Lib Variable Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/16101/info phpDocumentor is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary...

Joomla Component (com_restaurantguide) Multiple Vulnerabilities

No description provided by source. Exploit Title: Joomla Component comrestaurantguide Multiple Vulnerabilities Date: 18.09.2010 Author: Valentin Category: webapps/0day Version: 1.0.0 Tested on: Debian lenny, Apache2, MySQL 5, Joomla 1.5.x CVE : Code : :::::::::::::::::::::::::::::::::::::: 0x1...

SGI IRIX <= 6.4 rmail Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/460/info A vulnerability exists in the rmail utility, included by SGI with it's Irix operating system. By failing to sanity check the contents of an environment variable, arbitrary commands may be executed with gid mail...

Sudo Perl 1.6.x Environment Variable Handling Security Bypass Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/15394/info Sudo is prone to a security-bypass vulnerability that could lead to arbitrary code execution. This issue is due to an error in the application when handling the 'PERLLIB', 'PERL5LIB', and 'PERL5OPT' environment...

Sudo 1.6.x Environment Variable Handling Security Bypass Vulnerability (2)

No description provided by source. source: http://www.securityfocus.com/bid/16184/info Sudo is prone to a security-bypass vulnerability that could lead to arbitrary code execution. This issue is due to an error in the application when handling environment variables. A local attacker with the...

phpix 1.0 - Directory Traversal vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1773/info PHPix is a web-based photo-album system written in PHP. It is vulnerable to an attack that allows a malicious remote user to view arbitrary files on the target webserver with the privileges of the webserver. The...