PT-1999-1476 · Unknown · Classifieds.Cgi

Name of the Vulnerable Software and Affected Versions: classifieds.cgi affected versions not specified Description: The issue allows remote attackers to execute arbitrary commands by specifying them in a hidden variable in a CGI form. This can be done through the classifieds.cgi script...

CVE-1999-0820

FreeBSD seyon allows users to gain privileges via a modified PATH variable for finding the xterm and seyon-emu commands...

netscape.4.x.java.txt

Netscape 4.x javascript security flaw Versions tested: Windows98/Netscape4.7,Windows95/Netscape4.05 Description: Credits to Henri Torgemane Netscape has a "persistent" navigator object, which means that any data put in the window.navigator object will be accessible to every other window as long a...

pine.420.txt

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I reported the vulnerability below to the Pine team on Oct 21, when 4.20 was current. 4.21 which I just noticed on freshmeat seems to fix the problem even though it's not mentioned in the release notes. Since it's not, I thought some disclosure was in...

CVE-1999-0818

Buffer overflow in Solaris kcmsconfigure via a long NETPATH environmental variable...

CVE-1999-0863

Buffer overflow in FreeBSD seyon via HOME environmental variable, -emulator argument, -modems argument, or the GUI...

PT-1999-1416 · Freebsd · Freebsd Seyon

Name of the Vulnerable Software and Affected Versions: FreeBSD seyon affected versions not specified Description: The issue is related to a buffer overflow in FreeBSD seyon, which can be triggered via the HOME environmental variable, -emulator argument, -modems argument, or the GUI...

HP HP-UX 10.20/11.0 / IBM AIX 4.3 / SCO Unixware 7.0 / Sun Solaris 2.6 - Change File Permission

source: https://www.securityfocus.com/bid/131/info Due to improper checking of ownership, the dtappgather utility shipped with the Common Desktop Environment allows arbitrary users to overwrite any file present on the filesystem, regardless of the owner of the file. dtappgather uses a directory o...

HP HP-UX 10.2011.0 IBM AIX 4.3 SCO Unixware 7.0 Sun Solaris 2.6 - Change File Permission

HP HP-UX 10.2011.0 IBM AIX 4.3 SCO Unixware 7.0 Sun Solaris 2.6 - Change File Permission source: https://www.securityfocus.com/bid/131/info Due to improper checking of ownership, the dtappgather utility shipped with the Common Desktop Environment allows arbitrary users to overwrite any file prese...

CVE-1999-0942

UnixWare dos7utils allows a local user to gain root privileges by using the STATICMERGE environmental variable to find a script which it executes...

CVE-1999-0192

Buffer overflow in telnet daemon tgetent routing allows remote attackers to gain root access via the TERMCAP environmental variable...

CVE-1999-0046

The CVE-1999-0046 entry documents a buffer overflow in the rlogin program triggered by the TERM environment variable. Red Hat/NVD entries confirm a buffer overflow affecting rlogin; no specific vulnerable versions or patches are provided in the supplied sources. Exploitation details, affected pro...

CVE-1999-0046

Buffer overflow of rlogin program using TERM environmental variable...

CVE-1999-0388

DataLynx suGuard trusts the PATH environment variable to execute the ps command, allowing local users to execute commands as root...

CVE-1999-0388

DataLynx suGuard (DataLynx) is affected: it trusts the PATH environment variable to execute the ps command, enabling a local user to run commands with root privileges. Root cause: use of PATH for command execution without proper validation. Impact: local privilege escalation to root as described ...

SuSE_overflow_exploit.txt

Greetings, My last post regarding a sccw exploit simply allowed any user to read any file on the system but, of course, didn't yield any instant root. A much more serious problem now exists in the form of a HOME environment variable buffer overflow. If you hadn't removed the s-bit before, now is...

Knox Arkeia 4.0 Backup - Local Overflow

/ source: https://www.securityfocus.com/bid/661/info Knox Software Arkeia 4.0 Backup rnavc & nlserverd HOME Environment Variable Buffer Overflow A local buffer overflow in the handling of the HOME environment variable by the rlserver and rnavc binaries that are part of the Knox Software Arkiea...

Knox Arkeia 4.0 Backup - Local Overflow

Knox Arkeia 4.0 Backup - Local Overflow / source: https://www.securityfocus.com/bid/661/info Knox Software Arkeia 4.0 Backup rnavc & nlserverd HOME Environment Variable Buffer Overflow A local buffer overflow in the handling of the HOME environment variable by the rlserver and rnavc binaries that...

CVE-1999-0906

Buffer overflow in sccw allows local users to gain root access via the HOME environmental variable...

SuSE Linux 6.2 sscw - HOME Environment Variable Buffer Overflow

SuSE Linux 6.2 sscw - HOME Environment Variable Buffer Overflow source: https://www.securityfocus.com/bid/656/info A buffer overflow vulnerability in sscw's handling of the HOME environment variable allows local users to gain root privileges. !/bin/bash Linux x86 exploit for /usr/bin/sccw on SuSE...