IRIX 6.5.x - '/usr/sbin/dmplay' Local Buffer Overflow

/ source: https://www.securityfocus.com/bid/1528/info Certain versions of IRIX ship with a version of dmplay which is vulnerable to a buffer overflow attack. The program, dmplay, is used to play movie files under IRIX. The problem at hand is the way the program handles the DISPLAY variable for th...

Tech-Source Raptor GFX PGX32 2.3.1 - Config Tool

Tech-Source Raptor GFX PGX32 2.3.1 - Config Tool source: https://www.securityfocus.com/bid/1563/info Raptor GFX cards are designed to handle 24-bit true color applications such as Netscape, seismic, geographical information systems GIS, satellite imaging, pre-press imaging and general desktop use...

IRIX 6.5.x - usrsbindmplay Local Buffer Overflow

IRIX 6.5.x - usrsbindmplay Local Buffer Overflow / source: https://www.securityfocus.com/bid/1528/info Certain versions of IRIX ship with a version of dmplay which is vulnerable to a buffer overflow attack. The program, dmplay, is used to play movie files under IRIX. The problem at hand is the wa...

Tech-Source Raptor GFX PGX32 2.3.1 - Config Tool

source: https://www.securityfocus.com/bid/1563/info Raptor GFX cards are designed to handle 24-bit true color applications such as Netscape, seismic, geographical information systems GIS, satellite imaging, pre-press imaging and general desktop use. They can also be used for high resolution 8-bit...

CVE-2000-0617

Buffer overflow in xconq and cconq game programs on Red Hat Linux allows local users to gain additional privileges via long USER environmental variable...

CVE-2000-0618

Buffer overflow in xconq and cconq game programs on Red Hat Linux allows local users to gain additional privileges via long DISPLAY environmental variable...

Nokia 7110 Wap Browser Hole

Ok, so this may be slighly off topic for this forum, but I though id post it anyway. The nokia 7110 wap browser will happily pass form varibles that were entered once to another site later on in the same session? Not sure how long it stores them for The problem is that the Nokia recognises forms...

CVE-2000-0393

The KDE kscd program does not drop privileges when executing a program specified in a user's SHELL environmental variable, which allows the user to gain privileges by specifying an alternate program to execute...

CVE-1999-0820

FreeBSD seyon allows users to gain privileges via a modified PATH variable for finding the xterm and seyon-emu commands...

CVE-2000-0388

Buffer overflow in FreeBSD libmytinfo library allows local users to execute commands via a long TERMCAP environmental variable...

CVE-1999-0820

The CVE-1999-0820 issue affects FreeBSD seyon, where a user can gain privileges by manipulating the PATH environment variable to influence the search order for the xterm and seyon-emu commands. Root cause is PATH-based command resolution allowing local privilege escalation. The available document...

CVE-2000-0331

CVE-2000-0331 affects Microsoft CMD.EXE on Windows NT and Windows 2000. The vulnerability is a buffer overflow caused by a long environment variable, enabling a local user to cause a denial of service. The available documents provide the root cause and impact but do not specify a remediation or p...

CVE-2000-0331

Buffer overflow in Microsoft command processor CMD.EXE for Windows NT and Windows 2000 allows a local user to cause a denial of service via a long environment variable, aka the "Malformed Environment Variable" vulnerability...

Еще дырки в Big Brother

С помощью переменной HOSTSVC можно получить доступ к любому файлу: http://www.bb4.com/cgi-bin/bb-hostsvc.sh?HOSTSVC=/../../../../../../../../etc/passwd...

CGI-World Poll It 2.0 - Internal Variable Override

CGI-World Poll It 2.0 - Internal Variable Override source: https://www.securityfocus.com/bid/1431/info Poll It is a Perl CGI application used to create and maintain opinion polls on websites. The program relies on a number of internal variables. These variables can be overwritten by any remote us...

CGI-World Poll It 2.0 - Internal Variable Override

source: https://www.securityfocus.com/bid/1431/info Poll It is a Perl CGI application used to create and maintain opinion polls on websites. The program relies on a number of internal variables. These variables can be overwritten by any remote user by specifying the new value as a variable in the...

IRIX 5.25.36.x - TelnetD Environment Variable Format String

IRIX 5.25.36.x - TelnetD Environment Variable Format String // source: https://www.securityfocus.com/bid/1572/info A vulnerability exists in the telnet daemon shipped with Irix versions 6.2 through 6.5.8, and in patched versions of the telnet daemon in Irix 5.2 through 6.1, from Silicon Graphics...

CVE-2000-0617

Buffer overflow in xconq and cconq game programs on Red Hat Linux allows local users to gain additional privileges via long USER environmental variable...

CVE-2000-0618

Buffer overflow in xconq and cconq game programs on Red Hat Linux allows local users to gain additional privileges via long DISPLAY environmental variable...

Дырка в BRU Backup

имя лог-файла определяется переменной среды окружения $ BRUEXECLOG=/etc/passwd, что позволяет переписать любой файл в системе, т.к. приложение suid root...