XFree86 4.2 - XLOCALEDIR Local Buffer Overflow (1)

XFree86 4.2 - XLOCALEDIR Local Buffer Overflow 1 // source: https://www.securityfocus.com/bid/7002/info Several XFree86 utilities may be prone to a buffer overflow condition. The vulnerability exists due to insufficient boundary checks performed by these utilities when referencing the XLOCALEDIR...

XFree86 4.2 - 'XLOCALEDIR' Local Buffer Overflow (3)

// source: https://www.securityfocus.com/bid/7002/info Several XFree86 utilities may be prone to a buffer overflow condition. The vulnerability exists due to insufficient boundary checks performed by these utilities when referencing the XLOCALEDIR environment variable. A local attacker can exploi...

XFree86 4.2 - XLOCALEDIR Local Buffer Overflow (2)

XFree86 4.2 - XLOCALEDIR Local Buffer Overflow 2 // source: https://www.securityfocus.com/bid/7002/info Several XFree86 utilities may be prone to a buffer overflow condition. The vulnerability exists due to insufficient boundary checks performed by these utilities when referencing the XLOCALEDIR...

XFree86 4.2 - 'XLOCALEDIR' Local Buffer Overflow (2)

// source: https://www.securityfocus.com/bid/7002/info Several XFree86 utilities may be prone to a buffer overflow condition. The vulnerability exists due to insufficient boundary checks performed by these utilities when referencing the XLOCALEDIR environment variable. A local attacker can exploi...

Platform Load Sharing Facility 4/5/6 - 'EAuth' Local Privilege Escalation

source: https://www.securityfocus.com/bid/9724/info Load Sharing Facility eauth component has been reported prone to privilege escalation vulnerability. The eauth component is responsible for controlling authentication procedures within Load Sharing Facility. An issue has been reported where an...

Platform Load Sharing Facility 456 - EAuth Local Privilege Escalation

Platform Load Sharing Facility 456 - EAuth Local Privilege Escalation source: https://www.securityfocus.com/bid/9724/info Load Sharing Facility eauth component has been reported prone to privilege escalation vulnerability. The eauth component is responsible for controlling authentication procedur...

CVE-2003-0034

Buffer overflow in the mtink status monitor, as included in the printer-drivers package in Mandrake Linux, allows local users to execute arbitrary code via a long HOME environment variable...

MTink 0.9.x - Printer Status Monitor Environment Variable Buffer Overflow

MTink 0.9.x - Printer Status Monitor Environment Variable Buffer Overflow source: https://www.securityfocus.com/bid/6656/info mtink is prone to a locally exploitable buffer overflow condition. This is due to insufficient bounds checking of the HOME environment variable. mtink is reportedly...

MTink 0.9.x - Printer Status Monitor Environment Variable Buffer Overflow

source: https://www.securityfocus.com/bid/6656/info mtink is prone to a locally exploitable buffer overflow condition. This is due to insufficient bounds checking of the HOME environment variable. mtink is reportedly installed setgid 'sys' on Mandrake Linux, so it is possible that this issue may ...

CVE-2002-1617

Multiple buffer overflows in HP Tru64 UNIX 5.x allow local users to execute arbitrary code via 1 a long -contextDir argument to dtaction, 2 a long -p argument to dtprintinfo, 3 a long -customization argument to dxterm, or 4 a long DISPLAY environment variable to dtterm...

CVE-2002-1622

Buffer overflow in certain RPC routines in IBM AIX 4.3 may allow attackers to execute arbitrary code, related to a "variable data type."...

CVE-2002-1709

SQL injection vulnerability in BasiliX Webmail 1.10 allows remote attackers to obtain sensitive information or possibly modify data via the id variable...

CVE-2002-2017

sastcpd in SAS/Base 8.0 allows local users to execute arbitrary code by setting the authprog environment variable to reference a malicious program, which is then executed by sastcpd...

CVE-2002-2200

Benjamin Lefevre Dobermann FORUM 0.5 and earlier allows remote attackers to remotely include and execute malicious PHP files via the "subpath" variablein 1 entete.php, 2 enteteacceuil.php, 3 index.php, or 4 newtopic.php...

CVE-2002-2099

Buffer overflow in the GNU DataDisplay Debugger DDD 3.3.1 allows local users to execute arbitrary code and possibly gain privileges via a long HOME environment variable. NOTE: since DDD is not installed setuid or setgid, perhaps this issue should not be included in CVE...

CVE-2002-1687

Buffer overflow in the diagnostics library in AIX allows local users to "cause data and instructions to be overwritten" via a long DIAGNOSTICS environment variable...

CVE-2002-1757

PHProjekt 2.0 through 3.1 relies on the $PHPSELF variable for authentication, which allows remote attackers to bypass authentication for scripts via a request to a .php file with "sms" in the URL, which is included in the PATHINFO portion of the $PHPSELF variable, as demonstrated using...

CVE-2002-1988

Resin 2.1.1 allows remote attackers to cause a denial of service memory consumption and hang via a URL with long variables for non-existent resources...

CVE-2002-2087

Buffer overflow in Borland InterBase 6.0 allows local users to execute arbitrary code via a long INTERBASE environment variable when calling 1 gdsdrop, 2 gdslockmgr, or 3 gdsinetserver...

CVE-2002-2167

Directory traversal vulnerability in functionfoot1.inc.php for Thorsten Korner 123tkShop before 0.3.1 allows remote attackers to read arbitrary files via .. dot dot sequences terminated by a null character in the $designNo variable, which is part of an "include" function call...