9447 matches found
Дырка в Internet Explorer (local variable exposure)
При использовании URL типа http://www.evil.org/VAR можно получить значение переменной VAR...
Дырки в PitBull LX (kernel variable modification)
Атакующий с правами root может обойти защиту путем модификации переменных ядра через sysctl...
FreeBSD 3.5.14.2 - Ports Package xklock Local Privilege Escalation
FreeBSD 3.5.14.2 - Ports Package xklock Local Privilege Escalation / xklock - FreeBSD 3.5.1 & 4.2 ports package local root exploit The X key lock program contain several exploitable buffer overflows in command line arguments aswell as the 'JNAME' environment variable. xklock is installed setuid...
CVE-2001-0033
KTH Kerberos IV allows local users to change the configuration of a Kerberos server running at an elevated privilege by specifying an alternate directory using with the KRBCONFDIR environmental variable, which allows the user to gain additional privileges...
Security Advisory FreeBSD-SA-01:25.kerberosIV
-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-01:25 Security Advisory FreeBSD, Inc. Topic: Local and remote vulnerabilities in Kerberos IV Category: core Module: libkrb, telnetd Announced: 2001-02-14 Credits: Jouko...
CVE-2001-0087
itetris/xitetris 1.6.2 and earlier trusts the PATH environmental variable to find and execute the gunzip program, which allows local users to gain root privileges by changing their PATH so that it points to a malicious gunzip program...
CVE-2001-0084
GTK+ library allows local users to specify arbitrary modules via the GTKMODULES environmental variable, which could allow local users to gain privileges if GTK+ is used by a setuid/setgid program...
PT-2001-1319 · Gtk · Gtk+ Library
Name of the Vulnerable Software and Affected Versions: GTK+ library affected versions not specified Description: The issue allows local users to specify arbitrary modules via the GTK MODULES environmental variable. This could potentially allow local users to gain privileges if GTK+ is used by a...
NewsDaemon remote administrator access
SUMMARY ------- In all versions of NewsDaemon prior to 0.21b released 25 Jan 2001, it is possible to spoof a global variable in an HTTP request and obtain administrator access remotely. NewsDaemon is the PHP-based Web Log software that runs http://daily.daemonnews.org/ a popular news and discussi...
SCO OpenServer 5.0.5 - Env Local Stack Overflow
SCO OpenServer 5.0.5 - Env Local Stack Overflow / Copyright c 2000 ADM / / All Rights Reserved / / THIS IS UNPUBLISHED PROPRIETARY SOURCE CODE OF ADM / / The copyright notice above does not evidence any / / actual or intended publication of such source code. / / / / Title: SCO OpenServer mscreen ...
CVE-2000-1184
telnetd in FreeBSD 4.2 and earlier, and possibly other operating systems, allows remote attackers to cause a denial of service by specifying an arbitrary large file in the TERMCAP environmental variable, which consumes resources as the server processes the file...
CVE-2000-0911
CVE-2000-0911 affects IMP 2.2 and earlier. The vulnerability arises from modifying the hidden attachment_name form variable, enabling an attacker to read and delete arbitrary files by causing IMP to send the targeted file to the attacker as an attachment. The available sources confirm the affecte...
CVE-2000-1001
add2basket.asp in Element InstantShop allows remote attackers to modify price information via the "price" hidden form variable...
CVE-2000-0911
IMP 2.2 and earlier allows attackers to read and delete arbitrary files by modifying the attachmentname hidden form variable, which causes IMP to send the file to the attacker as an attachment...
CVE-2000-0926
The CVE-2000-0926 entry concerns SmartWin CyberOffice Shopping Cart 2 (CyberShop). Vulnerability: remote attackers can modify price information by altering the hidden Price form variable. Affected component: the shopping cart/web interface that processes the Price field. Impact: data integrity co...
CVE-2000-1011
Buffer overflow in catopen function in FreeBSD 5.0 and earlier, and possibly other OSes, allows local users to gain root privileges via a long environmental variable...
CVE-2000-0926
SmartWin CyberOffice Shopping Cart 2 aka CyberShop allows remote attackers to modify price information by changing the "Price" hidden form variable...
CVE-2000-0824
The unsetenv function in glibc 2.1.1 does not properly unset an environmental variable if the variable is provided twice to a program, which could allow local users to execute arbitrary commands in setuid programs by specifying their own duplicate environmental variables such as LDPRELOAD or...
CVE-2000-1166
Twig webmail system does not properly set the "vhosts" variable if it is not configured on the site, which allows remote attackers to insert arbitrary PHP PHP3 code by specifying an alternate vhosts as an argument to the index.php3 program...
CVE-2000-1132
DCForum cgforum.cgi CGI script allows remote attackers to read arbitrary files, and delete the program itself, via a malformed "forum" variable...