
9468 matches found

phpMyAdmin
added 2005/02/25 12:0 a.m. | 29 views

A variable injection vulnerability was found in phpMyAdmin that may allow an attacker to conduct cross-site scripting (XSS) attacks and/or perform remote file inclusion.

PMASA-2005-1. Announcement-ID: PMASA-2005-1. Date: 2005-02-25. Summary: A variable injection vulnerability was found in phpMyAdmin, that may allow an attacker to conduct Cross-site scripting (XSS) attacks and / or perform remote file inclusion. Description: We received two bug reports by Maksymilian...

CVSS 7.5 | AI score 5.9 | EPSS 0.01218
Exploits: 0 | Affected Software: 1

securityvulns
added 2005/02/22 12:0 a.m. | 28 views

[SA13981] uim Environment Variable Trust Privilege Escalation

TITLE: uim Environment Variable Trust Privilege Escalation SECUNIA ADVISORY ID: SA13981 VERIFY ADVISORY: http://secunia.com/advisories/13981/ CRITICAL: Less critical IMPACT: Privilege escalation WHERE: Local system SOFTWARE: uim 0.x http://secunia.com/product/4680/ DESCRIPTION: Takumi Asaki has...

AI score 0.8
Exploits: 0

Cvelist
added 2005/02/21 5:0 a.m. | 10 views

CVE-2005-0497

ADP Elite System Max 9000 allows remote authenticated users to gain privileges by uploading a .profile that sets the ADPROOT environment variable to the root directory...

AI score 6.5 | EPSS 0.00289
Exploits: 0 | References: 2

RedHat Linux
added 2005/02/15 9:3 a.m. | 33 views

Moderate: Red Hat Security Advisory: squirrelmail security update

An updated Squirrelmail package that fixes several security issues is now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. SquirrelMail is a standards-based webmail package written in PHP4. Jimmy Conner...

CVSS 7.5 | AI score 5.1 | EPSS 0.03446
Exploits: 0 | References: 7

Tenable Nessus
added 2005/02/14 12:0 a.m. | 31 views

GLSA-200502-13 : Perl: Vulnerabilities in perl-suid wrapper

The remote host is affected by the vulnerability described in GLSA-200502-13 (Perl: Vulnerabilities in perl-suid wrapper). perl-suid scripts honor the PERLIO_DEBUG environment variable and write to that file with elevated privileges (CAN-2005-0155). Furthermore, calling a perl-suid script with a very...

CVSS 4.6 | AI score 6.4 | EPSS 0.00386
Exploits: 2 | References: 3

Exploit DB
added 2005/02/13 12:0 a.m. | 46 views

GNU a2ps - Anything to PostScript Not SUID Local Overflow

/ Not added to Local Non Poc section /str0ke / include include include // by lizard / lizstyleatgmail.com // greets go to slider/trog for helpin me // not suid by default ; define VULNTHING "/usr/bin/a2ps" define DEFRET 0xbffffffa - strlensc - strlenVULNTHING define xnullbitch 1100 //im not a asm...

AI score 7.4
Exploits: 0

securityvulns
added 2005/02/12 12:0 a.m. | 24 views

xpcd PhotoCD viewer buffer overflow

Buffer overflow in xpcd-svga on oversized HOME environment variable...

AI score 4.7
Exploits: 0 | References: 3 | Affected Software: 1

RedHat Linux
added 2005/02/10 5:10 p.m. | 32 views

Low: Red Hat Security Advisory: squirrelmail security update

An updated Squirrelmail package that fixes several security issues is now available for Red Hat Enterprise Linux 3. SquirrelMail is a standards-based webmail package written in PHP4. Jimmy Conner discovered a missing variable initialization in Squirrelmail. This flaw could allow potential insecur...

CVSS 7.5 | AI score 5.2 | EPSS 0.03446
Exploits: 0 | References: 7

Tenable Nessus
added 2005/02/10 12:0 a.m. | 25 views

RHEL 3 : squirrelmail (RHSA-2005:135)

An updated Squirrelmail package that fixes several security issues is now available for Red Hat Enterprise Linux 3. SquirrelMail is a standards-based webmail package written in PHP4. Jimmy Conner discovered a missing variable initialization in Squirrelmail. This flaw could allow potential insecur...

CVSS 7.5 | AI score 5 | EPSS 0.03446
Exploits: 0 | References: 11

NVD
added 2005/02/09 5:0 a.m. | 16 views

CVE-2004-0965

stmkfont in HP-UX B.11.00 through B.11.23 relies on the user-specified PATH when executing certain commands, which allows local users to execute arbitrary code by modifying the PATH environment variable to point to malicious programs...

CVSS 7.2 | AI score 7 | EPSS 0.00059
Exploits: 0 | References: 6

RedHat Linux
added 2005/02/07 4:42 p.m. | 38 views

Important: Red Hat Security Advisory: perl security update

Updated Perl packages that fix several security issues are now available for Red Hat Enterprise Linux 3. Perl is a high-level programming language commonly used for system administration utilities and Web programming. Kevin Finisterre discovered a stack based buffer overflow flaw in sperl, the Pe...

CVSS 4.6 | AI score 7.6 | EPSS 0.00386
Exploits: 2 | References: 3

seebug.org
added 2005/02/07 12:0 a.m. | 15 views

Exim <= 4.42 Local Root Exploit

No description provided by source. !/bin/sh Local Lame R00T sploit for exim = 4.42 by Dark Eagle My First Coding Release In bash Unl0ck Research Team More Effective than C-code. @env.c content: include stdio.h include string.h int mainint argc, char argv char addrptr; addrptr = getenvargv1;...

AI score 7.1
Exploits: 0

exploitpack
added 2005/02/07 12:0 a.m. | 12 views

Exim 4.42 - Local Privilege Escalation

Exim 4.42 - Local Privilege Escalation !/bin/sh Local Lame R00T sploit for exim include int mainint argc, char argv char addrptr; addrptr = getenvargv1; printf"%s @ %p\n", argv1, addrptr; return 0; gcc @env.c -o @env cp @env /usr/bin cd /usr/exim/bin CODE=perl -e 'print...

AI score 0.8
Exploits: 0

Exploit DB
added 2005/02/07 12:0 a.m. | 37 views

Exim 4.42 - Local Privilege Escalation

!/bin/sh Local Lame R00T sploit for exim include int mainint argc, char argv char addrptr; addrptr = getenvargv1; printf"%s @ %p\n", argv1, addrptr; return 0; gcc @env.c -o @env cp @env /usr/bin cd /usr/exim/bin CODE=perl -e 'print...

AI score 7.4
Exploits: 0

CVE
added 2005/02/06 5:0 a.m. | 46 views

CVE-2004-1391

The CVE-2004-1391 entry concerns the PPPoE daemon (PPPoEd) in QNX RTP 6.1, where an untrusted execution path allows local users to execute arbitrary programs by manipulating the PATH environment variable to reference a malicious mount program. This describes a local-privilege problem rooted in PA...

CVSS 4.6 | AI score 7.4 | EPSS 0.0026
Exploits: 1 | References: 6 | Affected Software: 2

Cvelist
added 2005/01/19 5:0 a.m. | 17 views

CVE-2003-1053

Multiple buffer overflows in XShisen allow attackers to execute arbitrary code via a long (1) -KCONV command line option or (2) XSHISENLIB environment variable...

AI score 7.6 | EPSS 0.0024
Exploits: 0 | References: 7

Debian CVE
added 2005/01/19 5:0 a.m. | 21 views

CVE-2003-1053

Multiple buffer overflows in XShisen allow attackers to execute arbitrary code via a long (1) -KCONV command line option or (2) XSHISENLIB environment variable...

CVSS 4.6 | AI score 7 | EPSS 0.0024
Exploits: 0

Cvelist
added 2005/01/19 5:0 a.m. | 13 views

CVE-2005-0113

inpview in SGI IRIX allows local users to execute arbitrary commands via the SUN_TTSESSION_CMD environment variable, which is executed by inpview without dropping privileges...

AI score 7.2 | EPSS 0.00068
Exploits: 0 | References: 6

Debian
added 2005/01/17 3:21 p.m. | 22 views

[SECURITY] [DSA 642-1] New gallery packages fix several vulnerabilities

Debian Security Advisory DSA 642-1 [email protected] http://www.debian.org/security/ Martin Schulze January 17th, 2005 http://www.debian.org/security/faq -...

CVSS 6.8 | AI score 0.3 | EPSS 0.01631
Exploits: 0

Tenable Nessus
added 2005/01/17 12:0 a.m. | 22 views

Debian DSA-642-1 : gallery - several vulnerabilities

Several vulnerabilities have been discovered in gallery, a web-based photo album written in PHP4. The Common Vulnerabilities and Exposures project identifies the following vulnerabilities : - CAN-2004-1106 Jim Paris discovered a cross site scripting vulnerability which allows code to be inserted ...

CVSS 6.8 | AI score 5.2 | EPSS 0.01631
Exploits: 0 | References: 2