9447 matches found
Rational ClearCase 3.2/4.x - DB Loader TERM Environment Variable Buffer Overflow
// source: https://www.securityfocus.com/bid/3523/info ClearCase is a commercially available software change management package. It is maintained and distributed by Rational. A problem with the package could lead to a...
Buffer overflow in ClearCase db_loader
Buffer overflow on a long TERM environment variable...
Rational ClearCase 3.2/4.x - DB Loader TERM Environment Variable Buffer Overflow
// source: https://www.securityfocus.com/bid/3523/info ClearCase is a commercially available software change management package. It is maintained and distributed by Rational. A problem with the package could lead to a local user gaining elevated privileges. The problem is in the handling of...
CVE-2001-0535
Example applications (Exampleapps) in ColdFusion Server 4.x do not properly restrict access from outside the local host's domain, which allows remote attackers to upload, read, or execute files by spoofing the "HTTP Host" (CGI.Host) variable in (1) the "Web Publish" example script, and ...
CVE-2001-1051
Dark Hart Portal (darkportal) PHP script allows remote attackers to include arbitrary files from remote web sites via an HTTP request that sets the includedir variable...
CVE-1999-1184
CVE-1999-1184 describes a buffer overflow in Elm 2.4 and earlier, allowing local users to gain privileges via a long TERM environment variable. Affected: Elm 2.4 and earlier. Impact per CVSS: partial confidentiality, integrity and availability with local, low complexity, no authentication require...
CVE-1999-1107
The CVE-1999-1107 entry describes a local buffer overflow in KDE’s kppp, triggered by a long PATH environment variable, enabling local users to gain root access. The affected component is kppp within KDE; the underlying cause is a buffer overflow related to PATH handling. The provided references ...
CVE-1999-1040
Vulnerabilities in (1) ipxchk and (2) ipxlink in NetWare Client 1.0 on IRIX 6.3 and 6.4 allow local users to gain root access via a modified IFS environmental variable...
CVE-1999-1422
The CVE-1999-1422 entry concerns Slackware 3.4 (and possibly other versions) where the PATH environment variable may include the current directory (.) by default. This enables local users to create Trojan horse programs that could be inadvertently executed by other users, due to execution precede...
CVE-1999-1038
Tiger 2.2.3 is affected by a local privilege issue where an attacker can overwrite arbitrary files via a symlink attack on temporary files in Tiger’s default working directory (WORKDIR). The root cause is a symlink vulnerability in how temporary files are handled, enabling local users to achieve ...
CVE-1999-1483
Buffer overflow in zgv in svgalib 1.2.10 and earlier allows local users to execute arbitrary code via a long HOME environment variable...
CVE-1999-1107
Buffer overflow in kppp in KDE allows local users to gain root access via a long PATH environmental variable...
CVE-1999-1501
(1) ipxchk and (2) ipxlink in SGI OS2 IRIX 6.3 do not properly clear the IFS environmental variable before executing system calls, which allows local users to execute arbitrary commands...
CVE-1999-1461
The CVE-1999-1461 issue affects IRIX 5.3–6.5.10 where inpview trusts the PATH env var to locate and execute ttsession. A local user can modify PATH to point to a Trojan horse ttsession, enabling privilege escalation to root. The root cause is PATH-based resolution of ttsession, leading to arbitra...
CVE-1999-1184
Buffer overflow in Elm 2.4 and earlier allows local users to gain privileges via a long TERM environmental variable...
CVE-1999-1399
spaceball program in SpaceWare 7.3 v1.0 in IRIX 6.2 allows local users to gain root privileges by setting the HOSTNAME environmental variable to contain the commands to be executed...
CVE-1999-1534
CVE-1999-1534 affects Knox Arkeia Backup Server (backup product) with a local buffer overflow in nlservd and rnavc, exploitable via a long HOME environment variable to obtain root privileges. Descriptions across sources consistently indicate local access and root compromise; no concrete remediati...
CVE-1999-1296
Buffer overflow in Kerberos IV compatibility libraries as used in Kerberos V allows local users to gain root privileges via a long line in a kerberos configuration file, which can be specified via the KRBCONF environmental variable...
CVE-1999-1232
Untrusted search path vulnerability in day5datacopier in SGI IRIX 6.2 allows local users to execute arbitrary commands via a modified PATH environment variable that points to a malicious cp program...
CVE-2001-0943
dbsnmp in Oracle 8.0.5 and 8.1.5, under certain conditions, trusts the PATH environment variable to find and execute the (1) chown or (2) chgrp commands, which allows local users to execute arbitrary code by modifying the PATH to point to Trojan Horse programs...