Linuxconf 1.1.x1.2.x - Local Environment Variable Buffer Overflow (3)

Linuxconf 1.1.x1.2.x - Local Environment Variable Buffer Overflow 3 source: https://www.securityfocus.com/bid/5585/info Linuxconf is a Linux configuration utility from Solucorp. It is typically installed as a setuid root utility for the management and configuration of Linux operating systems. A...

Linuxconf 1.1.x1.2.x - Local Environment Variable Buffer Overflow (1)

Linuxconf 1.1.x1.2.x - Local Environment Variable Buffer Overflow 1 // source: https://www.securityfocus.com/bid/5585/info Linuxconf is a Linux configuration utility from Solucorp. It is typically installed as a setuid root utility for the management and configuration of Linux operating systems. ...

Linuxconf 1.1.x/1.2.x - Local Environment Variable Buffer Overflow (3)

source: https://www.securityfocus.com/bid/5585/info Linuxconf is a Linux configuration utility from Solucorp. It is typically installed as a setuid root utility for the management and configuration of Linux operating systems. A buffer overflow vulnerability has been reported for Linuxconf. The...

Basilix Webmail basilix.php3 request_id[DUMMY] Variable Traversal Arbitrary File Access

The script 'basilix.php3' is installed on the remote web server. Some versions of this webmail software allow the users to read any file on the system with the permission of the webmail software, and execute any PHP. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. References: From: "karol "...

qmailadmin SUID buffer overflow

qmailadmin is not part of qmail. It's from http://inter7.com/qmailadmin/ and I guess you can download from there and play with it, although the versions I am using were built from the FreeBSD ports tree and also from a Linux RPM I grabbed from:...

qmailadmin 1.0.x - Local Buffer Overflow

/ source: https://www.securityfocus.com/bid/5404/info The qmailadmin utility, developed by Inter7, is vulnerable to a buffer overflow condition. It is meant to run as a CGI program and is typically installed setuid owned by root on some systems, regular users on others. qmailadmin fails to...

Novell GroupWise 6.0.1 Support Pack 1 Bufferoverflow

----------------------------------------------------------------------- Title: Novell GroupWise 6.0.1 Support Pack 1 Bufferoverflow Author: Marco van Berkum Classification: High risk Date: 25/07/2002 Email: [email protected] Company: OBIT Company site: http://www.obit.nl Personal website:...

HP Tru64 - NLSPATH Environment Variable Local Buffer Overflow (1)

source: https://www.securityfocus.com/bid/5647/info Tru64 is a commercially available UNIX operating system. Tru64 was originally developed by Digital and is now distributed and maintained by HP. A buffer overflow has been discovered in a number of Tru64 binaries. Attackers may exploit this via a...

HP Tru64 - NLSPATH Environment Variable Local Buffer Overflow (1)

HP Tru64 - NLSPATH Environment Variable Local Buffer Overflow 1 source: https://www.securityfocus.com/bid/5647/info Tru64 is a commercially available UNIX operating system. Tru64 was originally developed by Digital and is now distributed and maintained by HP. A buffer overflow has been discovered...

CVE-2002-0143

Buffer overflow in Eterm of Enlightenment Imlib2 1.0.4 and earlier allows local users to execute arbitrary code via a long HOME environment variable...

CVE-2000-0976

Buffer overflow in xlib in XFree 3.3.x possibly allows local users to execute arbitrary commands via a long DISPLAY environment variable or a -display command line parameter...

CVE-2001-1234

CVE-2001-1234 affects Bharat Mediratta’s Gallery PHP script (versions before 1.2.1). A remote file inclusion flaw in the includedir parameter allows an attacker to include arbitrary remote files, enabling remote code execution with the web server’s privileges. The issue is documented by a Nessus ...

CVE-2002-0043

This CVE affects sudo versions 1.6.0–1.6.3p7. The issue is that sudo does not properly clear the environment before calling the mail program, allowing a local user to gain root privileges by manipulating environment variables and how the mail program is invoked. Documented impact is local privile...

Another flaw in Apache?

Hello. While playing with the SetEnv directive with Apache, I noticed that httpd processes are dying with a signal 11 if the data stored in an environment variable was too long. I simply triggered the bug by creating a .htaccess file so a regular user can do it with : SetEnv DATELOCALE "..." The...

QNX RTOS 6.1 - usrphotonbinphlocale Environment Variable Buffer Overflow

QNX RTOS 6.1 - usrphotonbinphlocale Environment Variable Buffer Overflow / source: https://www.securityfocus.com/bid/4917/info The QNX phlocale utility is prone to an exploitable buffer overflow condition. This is due to insufficient bounds checking of the ABLANG environment variable. Exploitatio...

IBM Informix SE 7.25 sqlexec - Local Buffer Overflow (2)

IBM Informix SE 7.25 sqlexec - Local Buffer Overflow 2 source: https://www.securityfocus.com/bid/4891/info Informix is an enterprise database distributed and maintained by IBM. A buffer overflow vulnerability has been reported for Informix-SE for Linux. The overflow is due to an unbounded string...

MIT PGP Public Key Server 0.9.2/0.9.4 - Search String Remote Buffer Overflow

source: https://www.securityfocus.com/bid/4828/info The PGP Public Key Server is a freely available, open source software package distributed by MIT. It is designed for use on Linux and Unix operating systems. The PGP Public Key Server does not properly handle long search strings. Under some...

id Software Quake II Server 3.203.21 - Remote Information Disclosure

id Software Quake II Server 3.203.21 - Remote Information Disclosure source: https://www.securityfocus.com/bid/4744/info Quake II is a multiplayer game released by id Software. The source code has been made publically available, and versions are available for Windows and Linux. A vulnerability ha...

XMB Forum 1.6 - Magic Lantern Log File

XMB Forum 1.6 - Magic Lantern Log File source: https://www.securityfocus.com/bid/4722/info XMB Forum 1.6 Magic Lantern allows remote users to conduct activities in the forum while bypassing normal logging functions. This is accomplished by submitting an arbitrary string as the "analized" variable...

eSecurityOnline Security Advisory 2397 - Sun Solaris admintool -d and PRODVERS buffer overflow vulnerabilities

eSO Security Advisory: 2397 Discovery Date: March 28, 2000 ID: eSO:2397 Title: Sun Solaris admintool -d and PRODVERS buffer overflow vulnerabilities Impact: Local attackers can gain root privileges Affected Technology: Solaris 2.5, 2.5.1, 2.6, 7, 8 SPARC and x86 Vendor Status: Patches are availab...