CVE-1999-0733

Buffer overflow in VMWare 1.0.1 for Linux via a long HOME environmental variable...

Xi Graphics Accelerated X 4.0.x/5.0 - Local Buffer Overflow

// source: https://www.securityfocus.com/bid/488/info Accelerated-X, also known as Accel-X, is a popular commercial X server available from Xi Graphics. The servers are normally installed setuid root, and contain multiple buffer overflow vulnerabilities. These vulnerabilities were found in the...

IBM AIX 4.2.1 / Sun Solaris 7.0 - LC_MESSAGES libc Buffer Overflow (4)

// source: https://www.securityfocus.com/bid/268/info A buffer overflow in libc's handling of the LCMESSAGES environment variable allows a malicious user to exploit any suid root program linked agains libc to obtain root privileges. This problem is found in both IBM's AIX and Sun Microsystem's...

CVE-1999-0754

The INN inndstart program allows local users to gain privileges by specifying an alternate configuration file using the INNCONF environmental variable...

Oracle 8 - File Access

source: https://www.securityfocus.com/bid/170/info A number of security file access security vulnerabilities in suid programs that are part of Oracle may be exploited to obtain the privileges of the 'oracle' user and full access to the database system. Only the Unix version of Oracle is vulnerabl...

Microsoft IIS 5.0 - IISAPI Extension Enumerate Root Web Server Directory

source: https://www.securityfocus.com/bid/194/info A GET request that specifies a nonexistent file with an IISAPI-registered extension ie .pl, .idq will cause the IIS server to return an error message that includes the full path of the root web server directory. This can happen if the file is...

CVE-1999-1422

The default configuration of Slackware 3.4, and possibly other versions, includes . dot, the current directory in the PATH environmental variable, which could allow local users to create Trojan horse programs that are inadvertently executed by other users...

CVE-1999-0388

DataLynx suGuard trusts the PATH environment variable to execute the ps command, allowing local users to execute commands as root...

CVE-1999-0937

BNBForm allows remote attackers to read arbitrary files via the automessage hidden form variable...

PT-1998-1120 · Bnbform · Bnbform

Name of the Vulnerable Software and Affected Versions: BNBForm affected versions not specified Description: The issue allows remote attackers to read arbitrary files. This is achieved via the automessage hidden form variable. Recommendations: At the moment, there is no information about a newer...

CVE-1999-0782

KDE kppp allows local users to create a directory in an arbitrary location via the HOME environmental variable...

CVE-1999-1107

Buffer overflow in kppp in KDE allows local users to gain root access via a long PATH environmental variable...

CVE-1999-0781

KDE allows local users to execute arbitrary commands by setting the KDEDIR environmental variable to modify the search path that KDE uses to locate its executables...

textcounter.pl 1.2 - Arbitrary Command Execution

source: https://www.securityfocus.com/bid/2265/info textcounter.pl is distributed through Matt's Scripts archive, and provides added features to httpd servers such as counters, guestbooks, and http cookie management. Due to insufficient checking of entered characters, it is possible for a remote...

CVE-1999-1490

xosview 1.5.1 in Red Hat 5.1 allows local users to gain root access via a long HOME environmental variable...

CVE-1999-1096

Buffer overflow in kscreensaver in KDE klock allows local users to gain root privileges via a long HOME environmental variable...

CVE-1999-1040

Vulnerabilities in 1 ipxchk and 2 ipxlink in NetWare Client 1.0 on IRIX 6.3 and 6.4 allows local users to gain root access via a modified IFS environmental variable...

Armidale Software Yapp Conferencing System 2.2 - Local Buffer Overflow

Armidale Software Yapp Conferencing System 2.2 - Local Buffer Overflow // source: https://www.securityfocus.com/bid/365/info Armidale Software's Yapp Conferencing System is vulnerable to an environment variable related buffer overflow vulnerability in at least the Linux version. The consequence o...

Linux libc 5.3.12 (RedHat Linux 4.0 Slackware Linux 3.1) - libc NLSPATH

Linux libc 5.3.12 RedHat Linux 4.0 Slackware Linux 3.1 - libc NLSPATH // source: https://www.securityfocus.com/bid/379/info There is a serious vulnerability in linux libc affecting all Linux distributions using libc 5.2.18 and below. The vulnerability is centered around the NLSPATH environment...

CVE-1999-0192

Buffer overflow in telnet daemon tgetent routing allows remote attackers to gain root access via the TERMCAP environmental variable...