CVE-1999-1580

SunOS sendmail 5.59 through 5.65 uses popen to process a forwarding host argument, which allows local users to gain root privileges by modifying the IFS Internal Field Separator variable and passing crafted values to the -oR option...

CVE-2001-1457

Buffer overflow in CrazyWWWBoard 2000p4 and 2000LEp5 allows remote attackers to execute arbitrary code via a long HTTPUSERAGENT CGI environment variable...

CVE-1999-1580

SunOS sendmail 5.59 through 5.65 uses popen to process a forwarding host argument, which allows local users to gain root privileges by modifying the IFS Internal Field Separator variable and passing crafted values to the -oR option...

jportal231.txt

Hello BugTraq, I've found possibility to inject sql code in jPortal version 2.3.1, in module "banner" module/banner.inc.php. Bug is in these lines of code: code $query = "SELECT FROM $bannatbl WHERE title='$haslo' ORDER BY id DESC"; /code - line 192. There is unfiltered variable $haslo. In order ...

waraxe-2005-SA041.txt

================================================================================ waraxe-2005-SA041 ================================================================================ Critical Sql Injection in PhpNuke 6.x-7.6 Top module...

dlmanphpBB.txt

SQL Injection was found in the Variable $fileid in : DLMan Pro' Mod vulnerable system : phpBB 2.0.x exploit : dlman.php?func=fileinfo&fileid='SQL Injection Bug Found by : LovER BOY SecurityGurus Team www.securitygurusd0tNet...

CVE-2003-0061

Buffer overflow in passwd for HP UX B.10.20 allows local users to execute arbitrary commands with root privileges via a long LANG environment variable...

junkbuster -- heap corruption vulnerability and configuration modification vulnerability

A Debian advisory reports: James Ranson discovered that an attacker can modify the referrer setting with a carefully crafted URL by accidently overwriting a global variable. Tavis Ormandy from the Gentoo Security Team discovered several heap corruptions due to inconsistent use of an internal...

portupgrade -- insecure temporary file handling vulnerability

Simon L. Nielsen discovered that portupgrade handles temporary files in an insecure manner. This could allow an unprivileged local attacker to execute arbitrary commands or overwrite arbitrary files with the permissions of the user running portupgrade, typically root, by way of a symlink attack...

CVE-2005-1019

CVE-2005-1019 affects Aeon 0.2a and earlier, where a buffer overflow in the getConfig function lets local users gain privileges via a long HOME environment variable. The CVSSv2 base score is 7.2 (HIGH) with Local attack vector and no authentication required; confidentiality, integrity, and availa...

CVE-2005-1019

Buffer overflow in the getConfig function in Aeon 0.2a and earlier allows local users to gain privileges via a long HOME environment variable...

CVE-2005-0351

Buffer overflow in 1 termsh, 2 atcronsh, and 3 auditsh in SCO OpenServer 5.0.6 and 5.0.7 might allow local users to execute arbitrary code via a long HOME environment variable...

CVE-2005-0351

Buffer overflow in 1 termsh, 2 atcronsh, and 3 auditsh in SCO OpenServer 5.0.6 and 5.0.7 might allow local users to execute arbitrary code via a long HOME environment variable...

CVE-2002-1604

Multiple buffer overflows in HP Tru64 UNIX allow local and possibly remote attackers to execute arbitrary code via a long NLSPATH environment variable to 1 csh, 2 dtsession, 3 dxsysinfo, 4 imapd, 5 inc, 6 uucp, 7 uux, 8 rdist, or 9 deliver...

CVE-2002-1605

Buffer overflow in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows attackers to execute arbitrary code via a long XKBCHARSET environment variable to 1 dxpause, 2 dxconsole, or 3 dtsession...

phpMyDirectory1013.txt

Talte Security Advisory 3 Product: phpMyDirectory 10.1.3-rel Homepage: http://www.phpmydirectory.com/ Risk: low Type: Cross Site Scripting Bug Found by: "Talte Security - mircia" phpMyDirectory is a multi-purpose script, this script can be successfully implemented for Proffesional Yellow pages,...

Apple MacOS X environment variable buffer overflow

Buffer overflow on oversized CFCHARSETPATH variable...

CVE-2005-0716

Stack-based buffer overflow in the Core Foundation Library in Mac OS X 10.3.5 and 10.3.6, and possibly earlier versions, allows local users to execute arbitrary code via a long CFCHARSETPATH environment variable...

GLSA-200503-07 : phpMyAdmin: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200503-07 phpMyAdmin: Multiple vulnerabilities phpMyAdmin contains several security issues: Maksymilian Arciemowicz has discovered multiple variable injection vulnerabilities that can be exploited through '$cfg' and 'GLOBALS'...

phpMyAdmin: Multiple vulnerabilities

Background phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL databases from a web-browser. Description phpMyAdmin contains several security issues: Maksymilian Arciemowicz has discovered multiple variable injection vulnerabilities that can be exploited through...