CVE-2004-0428

Unknown vulnerability in CoreFoundation in Mac OS X 10.3.3 and Mac OS X 10.3.3 Server, related to "the handling of an environment variable," has unknown attack vectors and unknown impact...

CVE-2004-0428

CVE-2004-0428 affects CoreFoundation on Mac OS X 10.3.3 and Mac OS X 10.3.3 Server, tied to the handling of an environment variable. Attack vectors and impact are unknown in the provided documents; no remediation details are present in the supplied sources.

CVE-2004-1033

Fcron 2.0.1, 2.9.4, and possibly earlier versions leak file descriptors of open files, which allows local users to bypass access restrictions and read fcron.allow and fcron.deny via the EDITOR environment variable...

uim: Privilege escalation vulnerability

Background uim is a simple, secure and flexible input method library. Description Takumi Asaki discovered that uim insufficiently checks environment variables. setuid/setgid applications linked against libuim could end up executing arbitrary code. This vulnerability only affects immodule-enabled ...

A variable injection vulnerability was found in phpMyAdmin, that may allow an attacker to conduct Cross-site scripting (XSS) attacks and / or perform remote file inclusion.

PMASA-2005-1 Announcement-ID: PMASA-2005-1 Date: 2005-02-25 Summary A variable injection vulnerability was found in phpMyAdmin, that may allow an attacker to conduct Cross-site scripting XSS attacks and / or perform remote file inclusion. Description We received two bug reports by Maksymilian...

[SA13981] uim Environment Variable Trust Privilege Escalation

TITLE: uim Environment Variable Trust Privilege Escalation SECUNIA ADVISORY ID: SA13981 VERIFY ADVISORY: http://secunia.com/advisories/13981/ CRITICAL: Less critical IMPACT: Privilege escalation WHERE: Local system SOFTWARE: uim 0.x http://secunia.com/product/4680/ DESCRIPTION: Takumi Asaki has...

CVE-2005-0497

ADP Elite System Max 9000 allows remote authenticated users to gain privileges by uploading a .profile that sets the ADPROOT environment variable to the root directory...

Moderate: Red Hat Security Advisory: squirrelmail security update

An updated Squirrelmail package that fixes several security issues is now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. SquirrelMail is a standards-based webmail package written in PHP4. Jimmy Conner...

GLSA-200502-13 : Perl: Vulnerabilities in perl-suid wrapper

The remote host is affected by the vulnerability described in GLSA-200502-13 Perl: Vulnerabilities in perl-suid wrapper perl-suid scripts honor the PERLIODEBUG environment variable and write to that file with elevated privileges CAN-2005-0155. Furthermore, calling a perl-suid script with a very...

GNU a2ps - Anything to PostScript Not SUID Local Overflow

/ Not added to Local Non Poc section /str0ke / include include include // by lizard / lizstyleatgmail.com // greets go to slider/trog for helpin me // not suid by default ; define VULNTHING "/usr/bin/a2ps" define DEFRET 0xbffffffa - strlensc - strlenVULNTHING define xnullbitch 1100 //im not a asm...

xpcd PhotoCD viewer buffer overflow

Buffer overflow in xpcd-svga on oversized HOME environment variable...

Low: Red Hat Security Advisory: squirrelmail security update

An updated Squirrelmail package that fixes several security issues is now available for Red Hat Enterprise Linux 3. SquirrelMail is a standards-based webmail package written in PHP4. Jimmy Conner discovered a missing variable initialization in Squirrelmail. This flaw could allow potential insecur...

RHEL 3 : squirrelmail (RHSA-2005:135)

An updated Squirrelmail package that fixes several security issues is now available for Red Hat Enterprise Linux 3. SquirrelMail is a standards-based webmail package written in PHP4. Jimmy Conner discovered a missing variable initialization in Squirrelmail. This flaw could allow potential insecur...

CVE-2004-0965

stmkfont in HP-UX B.11.00 through B.11.23 relies on the user-specified PATH when executing certain commands, which allows local users to execute arbitrary code by modifying the PATH environment variable to point to malicious programs...

Important: Red Hat Security Advisory: perl security update

Updated Perl packages that fix several security issues are now available for Red Hat Enterprise Linux 3. Perl is a high-level programming language commonly used for system administration utilities and Web programming. Kevin Finisterre discovered a stack based buffer overflow flaw in sperl, the Pe...

Exim <= 4.42 Local Root Exploit

No description provided by source. !/bin/sh Local Lame R00T sploit for exim = 4.42 by Dark Eagle My First Coding Release In bash Unl0ck Research Team More Effective than C-code. @env.c content: include stdio.h include string.h int mainint argc, char argv char addrptr; addrptr = getenvargv1;...

Exim 4.42 - Local Privilege Escalation

Exim 4.42 - Local Privilege Escalation !/bin/sh Local Lame R00T sploit for exim include int mainint argc, char argv char addrptr; addrptr = getenvargv1; printf"%s @ %p\n", argv1, addrptr; return 0; gcc @env.c -o @env cp @env /usr/bin cd /usr/exim/bin CODE=perl -e 'print...

Exim 4.42 - Local Privilege Escalation

!/bin/sh Local Lame R00T sploit for exim include int mainint argc, char argv char addrptr; addrptr = getenvargv1; printf"%s @ %p\n", argv1, addrptr; return 0; gcc @env.c -o @env cp @env /usr/bin cd /usr/exim/bin CODE=perl -e 'print...

CVE-2004-1391

The CVE-2004-1391 entry concerns the PPPoE daemon (PPPoEd) in QNX RTP 6.1, where an untrusted execution path allows local users to execute arbitrary programs by manipulating the PATH environment variable to reference a malicious mount program. This describes a local-privilege problem rooted in PA...

CVE-2003-1053

Multiple buffer overflows in XShisen allow attackers to execute arbitrary code via a long 1 -KCONV command line option or 2 XSHISENLIB environment variable...