CVE-1999-0781

KDE allows local users to execute arbitrary commands by setting the KDEDIR environmental variable to modify the search path that KDE uses to locate its executables...

CVE-1999-0782

KDE kppp is affected by CVE-1999-0782. Local users can create a directory in an arbitrary location by manipulating the HOME environment variable. The core issue is the use of HOME to determine user directories, enabling an attacker with local access to create files/directories outside their inten...

CVE-1999-0782

KDE kppp allows local users to create a directory in an arbitrary location via the HOME environmental variable...

Переполнение буфера в CMD

Тривиальное переполнение буфера при слишком большой переменной окружения...

CVE-2000-0331

Buffer overflow in Microsoft command processor CMD.EXE for Windows NT and Windows 2000 allows a local user to cause a denial of service via a long environment variable, aka the "Malformed Environment Variable" vulnerability...

CVE-1999-0906

The CVE-1999-0906 entry describes a local buffer overflow in sccw that allows escalation to root via the HOME environment variable. The connected KITPLOIT reference mentions an attack example and lists CVE-1999-0906, but none of the provided documents specify the affected product/vendor/version, ...

CVE-1999-0888

The CVE-1999-0888 entry concerns dbsnmp in Oracle Intelligent Agent. Local users can gain privileges by manipulating the ORACLE_HOME environment variable, which dbsnmp uses to locate the nmiconf.tcl script. The vulnerability affects the component responsible for Oracle Agent operations and has a ...

CVE-1999-0906

Buffer overflow in sccw allows local users to gain root access via the HOME environmental variable...

CNC Technology BizDB 1.0 - bizdb-search.cgi Remote Command Execution

CNC Technology BizDB 1.0 - bizdb-search.cgi Remote Command Execution source: https://www.securityfocus.com/bid/1104/info BizDB is a web databse integration product using perl CGI scripts. One of the scripts, bizdb-search.cgi, passes a variable's contents to an unchecked open call and can therefor...

CNC Technology BizDB 1.0 - 'bizdb-search.cgi' Remote Command Execution

source: https://www.securityfocus.com/bid/1104/info BizDB is a web databse integration product using perl CGI scripts. One of the scripts, bizdb-search.cgi, passes a variable's contents to an unchecked open call and can therefore be made to execute commands at the privilege level of the webserver...

CVE-2000-0170

CVE-2000-0170 describes a buffer overflow in the Linux man program triggered by the MANPAGER environment variable, allowing local users to gain privileges. The connected documents reiterate this root cause and the local-privilege impact, but do not provide concrete details on affected product ver...

CVE-2000-0170

Buffer overflow in the man program in Linux allows local users to gain privileges via the MANPAGER environmental variable...

CVE-1999-0964

Buffer overflow in FreeBSD setlocale in the libc module allows attackers to execute arbitrary code via a long PATHLOCALE environment variable...

CVE-1999-0786

The dynamic linker in Solaris allows a local user to create arbitrary files via the LDPROFILE environmental variable and a symlink attack...

CVE-1999-0733

Buffer overflow in VMWare 1.0.1 for Linux via a long HOME environmental variable...

CVE-2000-0230

Buffer overflow in imwheel allows local users to gain root privileges via the imwheel-solo script and a long HOME environmental variable...

Halloween Linux 4.0 / RedHat Linux 6.1/6.2 - 'imwheel' (1)

// source: https://www.securityfocus.com/bid/1060/info A vulnerability exists in the 'imwheel' package for Linux. This package is known to be vulnerable to a buffer overrun in its handling of the HOME environment variable. By supplying a sufficiently long string containing machine executable code...

Halloween Linux 4.0 RedHat Linux 6.16.2 - imwheel (2)

Halloween Linux 4.0 RedHat Linux 6.16.2 - imwheel 2 // source: https://www.securityfocus.com/bid/1060/info A vulnerability exists in the 'imwheel' package for Linux. This package is known to be vulnerable to a buffer overrun in its handling of the HOME environment variable. By supplying a...

Halloween Linux 4.0 RedHat Linux 6.16.2 - imwheel (1)

Halloween Linux 4.0 RedHat Linux 6.16.2 - imwheel 1 // source: https://www.securityfocus.com/bid/1060/info A vulnerability exists in the 'imwheel' package for Linux. This package is known to be vulnerable to a buffer overrun in its handling of the HOME environment variable. By supplying a...

CVE-2000-0170

Buffer overflow in the man program in Linux allows local users to gain privileges via the MANPAGER environmental variable...