9447 matches found
CVE-1999-0820
FreeBSD seyon allows users to gain privileges via a modified PATH variable for finding the xterm and seyon-emu commands...
CVE-2000-0388
Buffer overflow in FreeBSD libmytinfo library allows local users to execute commands via a long TERMCAP environmental variable...
CVE-1999-0820
The CVE-1999-0820 issue affects FreeBSD seyon, where a user can gain privileges by manipulating the PATH environment variable to influence the search order for the xterm and seyon-emu commands. Root cause is PATH-based command resolution allowing local privilege escalation. The available document...
CVE-2000-0331
CVE-2000-0331 affects Microsoft CMD.EXE on Windows NT and Windows 2000. The vulnerability is a buffer overflow caused by a long environment variable, enabling a local user to cause a denial of service. The available documents provide the root cause and impact but do not specify a remediation or p...
CVE-2000-0331
Buffer overflow in Microsoft command processor CMD.EXE for Windows NT and Windows 2000 allows a local user to cause a denial of service via a long environment variable, aka the "Malformed Environment Variable" vulnerability...
Еще дырки в Big Brother
С помощью переменной HOSTSVC можно получить доступ к любому файлу: http://www.bb4.com/cgi-bin/bb-hostsvc.sh?HOSTSVC=/../../../../../../../../etc/passwd...
CGI-World Poll It 2.0 - Internal Variable Override
CGI-World Poll It 2.0 - Internal Variable Override source: https://www.securityfocus.com/bid/1431/info Poll It is a Perl CGI application used to create and maintain opinion polls on websites. The program relies on a number of internal variables. These variables can be overwritten by any remote us...
CGI-World Poll It 2.0 - Internal Variable Override
source: https://www.securityfocus.com/bid/1431/info Poll It is a Perl CGI application used to create and maintain opinion polls on websites. The program relies on a number of internal variables. These variables can be overwritten by any remote user by specifying the new value as a variable in the...
IRIX 5.25.36.x - TelnetD Environment Variable Format String
IRIX 5.25.36.x - TelnetD Environment Variable Format String // source: https://www.securityfocus.com/bid/1572/info A vulnerability exists in the telnet daemon shipped with Irix versions 6.2 through 6.5.8, and in patched versions of the telnet daemon in Irix 5.2 through 6.1, from Silicon Graphics...
CVE-2000-0617
Buffer overflow in xconq and cconq game programs on Red Hat Linux allows local users to gain additional privileges via long USER environmental variable...
CVE-2000-0618
Buffer overflow in xconq and cconq game programs on Red Hat Linux allows local users to gain additional privileges via long DISPLAY environmental variable...
Дырка в BRU Backup
имя лог-файла определяется переменной среды окружения $ BRUEXECLOG=/etc/passwd, что позволяет переписать любой файл в системе, т.к. приложение suid root...
BRU Vulnerability
BRU backup software Vulnerability: Description: You can change the log file BRU uses by changing the BRUEXECLOG environment variable. Since bru is setuid root you can append to any file on the system. Exploitation: $ BRUEXECLOG=/etc/passwd $ export BRUEXECLOG $ bru -V ' comsec::0:0::/:/bin/sh ' $...
BRU 15.116.0 - BRUEXECLOG Environment Variable
BRU 15.116.0 - BRUEXECLOG Environment Variable source: https://www.securityfocus.com/bid/1321/info A vulnerability exists in BRU, the Backup and Restore Utility, from Enhanced Software Technologies. By setting the value of the BRUEXECLOG environment variable, it is possible to an attack to alter...
BRU 15.1/16.0 - BRUEXECLOG Environment Variable
source: https://www.securityfocus.com/bid/1321/info A vulnerability exists in BRU, the Backup and Restore Utility, from Enhanced Software Technologies. By setting the value of the BRUEXECLOG environment variable, it is possible to an attack to alter and create files on the filesystem. As BRU is...
CVE-2000-0230
Buffer overflow in imwheel allows local users to gain root privileges via the imwheel-solo script and a long HOME environmental variable...
CVE-1999-0754
CVE-1999-0754 concerns the INN inndstart program, where local users can gain privileges by specifying an alternate configuration file via the INNCONF environment variable. The available connected records confirm this vulnerability exists in INN’s inndstart component and describe the privilege-esc...
CVE-1999-0754
The INN inndstart program allows local users to gain privileges by specifying an alternate configuration file using the INNCONF environmental variable...
Real Networks Real Server 7.07.0.18.0 Beta - view-source Denial of Service
Real Networks Real Server 7.07.0.18.0 Beta - view-source Denial of Service source: https://www.securityfocus.com/bid/1288/info RealServer 7.0 will crash if it receives a request for a specific file with an unspecified variable value. http://targetIP:port/viewsource/template.html?...
Переполнение буфера в kdesud
Классическое переполнение при разборе переменно DISPLAY. Позволяет получить привилегии группы wheel...