HP Tru64 - NLSPATH Environment Variable Local Buffer Overflow (2)

source: https://www.securityfocus.com/bid/5647/info Tru64 is a commercially available UNIX operating system. Tru64 was originally developed by Digital and is now distributed and maintained by HP. A buffer overflow has been discovered in a number of Tru64 binaries. Attackers may exploit this via a...

Linuxconf 1.1.x/1.2.x - Local Environment Variable Buffer Overflow (2)

// source: https://www.securityfocus.com/bid/5585/info Linuxconf is a Linux configuration utility from Solucorp. It is typically installed as a setuid root utility for the management and configuration of Linux operating systems. A buffer overflow vulnerability has been reported for Linuxconf. The...

Buffer overflow in linuxconf

Buffer overflow in environment variable parsing...

Linuxconf 1.1.x/1.2.x - Local Environment Variable Buffer Overflow (1)

// source: https://www.securityfocus.com/bid/5585/info Linuxconf is a Linux configuration utility from Solucorp. It is typically installed as a setuid root utility for the management and configuration of Linux operating systems. A buffer overflow vulnerability has been reported for Linuxconf. The...

Linuxconf 1.1.x1.2.x - Local Environment Variable Buffer Overflow (2)

Linuxconf 1.1.x1.2.x - Local Environment Variable Buffer Overflow 2 // source: https://www.securityfocus.com/bid/5585/info Linuxconf is a Linux configuration utility from Solucorp. It is typically installed as a setuid root utility for the management and configuration of Linux operating systems. ...

Linuxconf 1.1.x1.2.x - Local Environment Variable Buffer Overflow (3)

Linuxconf 1.1.x1.2.x - Local Environment Variable Buffer Overflow 3 source: https://www.securityfocus.com/bid/5585/info Linuxconf is a Linux configuration utility from Solucorp. It is typically installed as a setuid root utility for the management and configuration of Linux operating systems. A...

Linuxconf 1.1.x1.2.x - Local Environment Variable Buffer Overflow (1)

Linuxconf 1.1.x1.2.x - Local Environment Variable Buffer Overflow 1 // source: https://www.securityfocus.com/bid/5585/info Linuxconf is a Linux configuration utility from Solucorp. It is typically installed as a setuid root utility for the management and configuration of Linux operating systems. ...

Linuxconf 1.1.x/1.2.x - Local Environment Variable Buffer Overflow (3)

source: https://www.securityfocus.com/bid/5585/info Linuxconf is a Linux configuration utility from Solucorp. It is typically installed as a setuid root utility for the management and configuration of Linux operating systems. A buffer overflow vulnerability has been reported for Linuxconf. The...

Basilix Webmail basilix.php3 request_id[DUMMY] Variable Traversal Arbitrary File Access

The script 'basilix.php3' is installed on the remote web server. Some versions of this webmail software allow the users to read any file on the system with the permission of the webmail software, and execute any PHP. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. References: From: "karol "...

qmailadmin SUID buffer overflow

qmailadmin is not part of qmail. It's from http://inter7.com/qmailadmin/ and I guess you can download from there and play with it, although the versions I am using were built from the FreeBSD ports tree and also from a Linux RPM I grabbed from:...

qmailadmin 1.0.x - Local Buffer Overflow

/ source: https://www.securityfocus.com/bid/5404/info The qmailadmin utility, developed by Inter7, is vulnerable to a buffer overflow condition. It is meant to run as a CGI program and is typically installed setuid owned by root on some systems, regular users on others. qmailadmin fails to...

Novell GroupWise 6.0.1 Support Pack 1 Bufferoverflow

----------------------------------------------------------------------- Title: Novell GroupWise 6.0.1 Support Pack 1 Bufferoverflow Author: Marco van Berkum Classification: High risk Date: 25/07/2002 Email: [email protected] Company: OBIT Company site: http://www.obit.nl Personal website:...

HP Tru64 - NLSPATH Environment Variable Local Buffer Overflow (1)

source: https://www.securityfocus.com/bid/5647/info Tru64 is a commercially available UNIX operating system. Tru64 was originally developed by Digital and is now distributed and maintained by HP. A buffer overflow has been discovered in a number of Tru64 binaries. Attackers may exploit this via a...

HP Tru64 - NLSPATH Environment Variable Local Buffer Overflow (1)

HP Tru64 - NLSPATH Environment Variable Local Buffer Overflow 1 source: https://www.securityfocus.com/bid/5647/info Tru64 is a commercially available UNIX operating system. Tru64 was originally developed by Digital and is now distributed and maintained by HP. A buffer overflow has been discovered...

CVE-2002-0143

Buffer overflow in Eterm of Enlightenment Imlib2 1.0.4 and earlier allows local users to execute arbitrary code via a long HOME environment variable...

CVE-2000-0976

Buffer overflow in xlib in XFree 3.3.x possibly allows local users to execute arbitrary commands via a long DISPLAY environment variable or a -display command line parameter...

CVE-2001-1234

CVE-2001-1234 affects Bharat Mediratta’s Gallery PHP script (versions before 1.2.1). A remote file inclusion flaw in the includedir parameter allows an attacker to include arbitrary remote files, enabling remote code execution with the web server’s privileges. The issue is documented by a Nessus ...

CVE-2002-0043

This CVE affects sudo versions 1.6.0–1.6.3p7. The issue is that sudo does not properly clear the environment before calling the mail program, allowing a local user to gain root privileges by manipulating environment variables and how the mail program is invoked. Documented impact is local privile...

Another flaw in Apache?

Hello. While playing with the SetEnv directive with Apache, I noticed that httpd processes are dying with a signal 11 if the data stored in an environment variable was too long. I simply triggered the bug by creating a .htaccess file so a regular user can do it with : SetEnv DATELOCALE "..." The...

QNX RTOS 6.1 - usrphotonbinphlocale Environment Variable Buffer Overflow

QNX RTOS 6.1 - usrphotonbinphlocale Environment Variable Buffer Overflow / source: https://www.securityfocus.com/bid/4917/info The QNX phlocale utility is prone to an exploitable buffer overflow condition. This is due to insufficient bounds checking of the ABLANG environment variable. Exploitatio...