XFree86 4.2 XLOCALEDIR Local Buffer Overflow Vulnerability (4)

No description provided by source. source: http://www.securityfocus.com/bid/7002/info Several XFree86 utilities may be prone to a buffer overflow condition. The vulnerability exists due to insufficient boundary checks performed by these utilities when referencing the XLOCALEDIR environment...

HP Tru64 NLSPATH Environment Variable Local Buffer Overflow Vulnerability (1)

No description provided by source. source: http://www.securityfocus.com/bid/5647/info Tru64 is a commercially available UNIX operating system. Tru64 was originally developed by Digital and is now distributed and maintained by HP. A buffer overflow has been discovered in a number of Tru64 binaries...

kpopup 0.9.x Privileged Command Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8915/info It has been alleged that it is possible for local attackers to gain root privileges through kpopup, which is is installed setuid root by default. According to the report, kpopup uses the system3 C-library functi...

Tower Toppler 0.96 HOME Environment Variable Local Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8132/info A problem with the software may make elevation of privileges possible. It has been reported that a buffer overflow exists in Tower Toppler. A local user may be able to exploit this issue to execute code with the...

RedHat restore 0.4 b15 Insecure Environment Variables Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1914/info restore is a program for backup and recovery procedures, distributed with the RedHat Linux Operating System. A vulnerability exists that could allow a user elevated permissions. The problem occurs in the RSH...

LGames LBreakout2 2.2.2 - Multiple Environment Variable Buffer Overflow Vulnerabilites

No description provided by source. source: http://www.securityfocus.com/bid/9712/info Multiple buffer overflow vulnerabilities exist in the environment variable handling of LBreakout2. The issue is due to an insufficient boundary checking of certain environment variables used by the affected...

BIGACE 2.4 - Multiple Remote File Inclusion Vulnerabilities

No description provided by source. / \ @ /|\ /|\ |-| / | \ /|/\ / | \ @ | |--------------------/--|-voV---|'/--Vov-|-----------------------|-| |-| '^ o o '^ | | | | \Y/' |-| |-| | | | | -=ShAd0w-CrEw=- |-| |-| | | | | |-| ||| | @ l /\ / \ /\ l |-| l / V \ \ V \ l @ l/ \I \ /'...

nuseo php enterprise 1.6 - Remote File Inclusion Vulnerability

No description provided by source. Vulnerability Type: Remote File Inclusion Vulnerable file: /NuSEO PHP Enterprise.v1.6 Nulled by DGT/NuSEO.PHP.Enterprise.v1.6.PHP.NULL-DGT/nuseo/admin/nuseoadmind.php Exploit URL:...

phpBB Module NoMoKeTos Rules 0.0.1 - Remote File Include Exploit

No description provided by source. !/usr/bin/perl phpBB Module NoMoKeTos Rules 0.0.1 Remote File Include Exploit Coded by bd0rk || SOH-Crew Usage: exploit.pl target cmd shell shell variable Greetings: str0ke, TheJT, Kacper, Lu7k, Maik Vulnerable Code: includeonce$phpbbrootpath...

Roxio Toast 7 DejaVu Component PATH Variable Local Privilege Escalation Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/19596/info Roxio Toast is prone to a local privilege-escalation vulnerability because it fails to properly sanitize user-supplied input. As a result, local users may set their own search path for external applications tha...

BRU 15.1/16.0 BRUEXECLOG Environment Variable Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1321/info A vulnerability exists in BRU, the Backup and Restore Utility, from Enhanced Software Technologies. By setting the value of the BRUEXECLOG environment variable, it is possible to an attack to alter and create...

IRIX 6.5.x dmplay Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1528/info Certain versions of IRIX ship with a version of dmplay which is vulnerable to a buffer overflow attack. The program, dmplay, is used to play movie files under IRIX. The problem at hand is the way the program...

PHPDocumentor 1.2/1.3 Forum Lib Variable Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/16101/info phpDocumentor is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary...

MTink 0.9.x Printer Status Monitor Environment Variable Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/6656/info mtink is prone to a locally exploitable buffer overflow condition. This is due to insufficient bounds checking of the HOME environment variable. mtink is reportedly installed setgid 'sys' on Mandrake Linux, so i...

Gitweb <= 1.7.3.3 - Cross Site Scripting

No description provided by source. -8 Description 8- Cross-site scripting XSS vulnerability in Gitweb 1.7.3.3 and previous versions allows remote attackers to inject arbitrary web script or HTML code via f and fp variables. -8 Proof Of Concept 8-...

php live helper <= 2.0.1 - Multiple Vulnerabilities

No description provided by source. GulfTech Security Research August 16, 2008 Vendor : Turnkey Web Tools, Inc URL : http://www.turnkeywebtools.com Version : PHP Live Helper = 2.0.1 Risk : Multiple Vulnerabilities Description: PHP Live Helper is an online support system written in php that allows...

Suidperl 5.00503 Mail Shell Escape Vulnerability (1)

No description provided by source. source: http://www.securityfocus.com/bid/1547/info The interaction between some security checks performed by suidperl, the setuid version of perl, and the /bin/mail program creates a scenario that allows local malicious users to execute commands with root...

Gallery 1.3.x/1.4 - Remote Global Variable Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/9490/info It has been reported that Gallery is prone to a vulnerability that may allow a remote attacker to gain unauthorized access by overwriting various values for global variables. The issue occurs due to improper...

Appfluent Database IDS < 2.1.0.103 (Env Variable) Local Exploit

No description provided by source...

Sudo 1.6.x Environment Variable Handling Security Bypass Vulnerability (2)

No description provided by source. source: http://www.securityfocus.com/bid/16184/info Sudo is prone to a security-bypass vulnerability that could lead to arbitrary code execution. This issue is due to an error in the application when handling environment variables. A local attacker with the...