SRT2003-09-11-1200 - setgid man MANPL overflow

The full version of this advisory can be found at. http://www.secnetops.com/research/advisories/SRT2003-09-11-1200.txt Quick Summary: Advisory Number : SRT2003-09-11-1200 Product : Andries Brouwer man Version : Version =1.5m1 Vendor : ftp://ftp.win.tue.nl/pub/linux-local/utils/man Class : Local...

Buffer overflow in man

Buffer overflow on -S key, MANPL variable...

ZH2003-26SA (security advisory): TSguestbook Ver. 2.1 Cross-Site Scripting Vulnerability

ZH2003-26SA security advisory: TSguestbook Ver. 2.1 Cross-Site Scripting Vulnerability Published: 31/08/2003 Released: 31/08/2003 Name: TSguestbook http://www.tsinter.net Affected Systems: All versions Issue: Remote attackers can insect XSS script Author: Trash-80 - [email protected]...

CVE-2003-0609

Stack-based buffer overflow in the runtime linker, ld.so.1, on Solaris 2.6 through 9 allows local users to gain root privileges via a long LDPRELOAD environment variable...

newsPHP 216 - Remote File Inclusion

source: https://www.securityfocus.com/bid/8488/info A file include vulnerability has been reported in the nphpd.php module of newsPHP that may permit an attacker to include and execute malicious script code on a vulnerable host. The issue is reported to exist in the LangFile variable of nphpd.php...

CVE-2003-0649

Buffer overflow in xpcd-svga for xpcd 2.08 and earlier allows local users to execute arbitrary code via a long HOME environment variable...

CVE-2003-0649

Affected product: xpcd (including xpcd-svga) prior to version 2.08. Root cause: buffer overflow in xpcd-svga where a long HOME environment variable is copied into a fixed-size buffer in pcd_open. Impact: local attackers could execute arbitrary code (with the Debian/Mandrake notes indicating poten...

PostNuke Downloads & Web_Links ttitle variable XSS

PostNuke Downloads & WebLinks ttitle variable XSS ------ Product: PostNuke Vendor: PostNuke WWW.POSTNUKE.COM http://www.POSTNUKE.COM Versions Vulnerable: PostNuke Phoenix 0.7.x.x Phoenix 0.7.2.3 with patches in all versions Phoenix 0.7.2.3 without patches in all versions 0.7.2.1 All prior version...

Chatserver - XSS ( push )

PostNuke Downloads & WebLinks ttitle variable XSS ------ Product: PostNuke Vendor: PostNuke WWW.POSTNUKE.COM http://www.POSTNUKE.COM Versions Vulnerable: PostNuke Phoenix 0.7.x.x Phoenix 0.7.2.3 with patches in all versions Phoenix 0.7.2.3 without patches in all versions 0.7.2.1 All prior version...

DEBIAN-CVE-2003-0454

Multiple buffer overflows in xgalaga 2.0.34 and earlier allow local users to gain privileges via a long HOME environment variable...

CVE-2003-0611

Multiple buffer overflows in xtokkaetama 1.0 allow local users to gain privileges via a long 1 -display command line argument or 2 XTOKKAETAMADIR environment variable...

xtokkaetama 1.0b Local Game Exploit (Red Hat 9.0)

Exploit for linux platform in category local exploits ================================================= xtokkaetama 1.0b Local Game Exploit Red Hat 9.0 ================================================= / xtokkaetama 1.0b local game exploit on Red Hat 9.0 Coded by brahma 31/07/2003...

Sun Solaris Runtime Linker buffer overflow

Buffer overflow on LDPRELOAD environment variable parsing...

DSA-354 xconq - buffer overflows

Bulletin has no description...

XBlast 2.6.1 - 'HOME Environment' Local Buffer Overflow

// source: https://www.securityfocus.com/bid/8296/info XBlast is contains a locally exploitable buffer overflow vulnerability due to insufficient bounds checking of data supplied via the HOME environment variable. Successful exploitation would allow a local user to execute code with a gid of game...

XBlast 2.6.1 - HOME Environment Local Buffer Overflow

XBlast 2.6.1 - HOME Environment Local Buffer Overflow // source: https://www.securityfocus.com/bid/8296/info XBlast is contains a locally exploitable buffer overflow vulnerability due to insufficient bounds checking of data supplied via the HOME environment variable. Successful exploitation would...

atomicboard 0.6.2 - Directory Traversal

source: https://www.securityfocus.com/bid/8236/info It has been reported that attackers may be able to modify the 'location' variable passed to the index.php file to cause the Web server to return arbitrary files. This script is prone to a directory traversal vulnerability, allowing attackers to...

Tower Toppler 0.96 - 'HOME Environment' Local Buffer Overflow

// source: https://www.securityfocus.com/bid/8132/info A problem with the software may make elevation of privileges possible. It has been reported that a buffer overflow exists in Tower Toppler. A local user may be able to exploit this issue to execute code with the privileges of the toppler...

CVE-2003-0454

Multiple buffer overflows in xgalaga 2.0.34 and earlier allow local users to gain privileges via a long HOME environment variable...

CVE-2003-0382

Buffer overflow in Eterm 0.9.2 allows local users to gain privileges via a long ETERMPATH environment variable...