CVE-1999-0768

Buffer overflow in Vixie Cron on Red Hat systems via the MAILTO environmental variable...

CVE-1999-0768

CVE-1999-0768 is a confirmed issue affecting Red Hat systems using Vixie Cron, where a buffer overflow can be triggered via the MAILTO environment variable. The connected Red Hat advisory reiterates the same description and confirms the vulnerability exists in Vixie Cron on Red Hat platforms. The...

CVE-1999-0318

Buffer overflow in xmcd 2.0p12 allows local users to gain access through an environmental variable...

CVE-1999-0769

CVE-1999-0769 affects Vixie Cron on Linux systems. The vulnerability allows local users to modify parameters of sendmail commands by manipulating the MAILTO environment variable, as described in multiple sources. Root cause is misuse of MAILTO by cron the environment passed to mail-related comman...

CVE-1999-0690

Technical details about CVE-1999-0690 are not publicly provided in the supplied documents; monitor for updates.

CVE-1999-0318

The CVE-1999-0318 issue affects the xmcd 2.0p12 release and is caused by a buffer overflow triggered via an environment variable, allowing local users to gain access. The PT-1997-1131 entry corroborates local privilege escalation through an environmental variable; it does not provide a product pa...

CVE-1999-0690

HP CDE program includes the current directory in root's PATH variable...

CVE-1999-0706

Linux xmonisdn package allows local users to gain root privileges by modifying the IFS or PATH environmental variables...

CVE-1999-0937

BNBForm allows remote attackers to read arbitrary files via the automessage hidden form variable...

CVE-1999-0964

Buffer overflow in FreeBSD setlocale in the libc module allows attackers to execute arbitrary code via a long PATHLOCALE environment variable...

CVE-1999-1327

Buffer overflow in linuxconf 1.11r11-rh2 on Red Hat Linux 5.1 allows local users to gain root privileges via a long LANG environmental variable...

CVE-2000-0009

The bnapass program in Optivity NETarchitect uses the PATH environmental variable for finding the "rm" program, which allows local users to execute arbitrary commands...

PT-1999-1476 · Unknown · Classifieds.Cgi

Name of the Vulnerable Software and Affected Versions: classifieds.cgi affected versions not specified Description: The issue allows remote attackers to execute arbitrary commands by specifying them in a hidden variable in a CGI form. This can be done through the classifieds.cgi script...

CVE-1999-0820

FreeBSD seyon allows users to gain privileges via a modified PATH variable for finding the xterm and seyon-emu commands...

netscape.4.x.java.txt

Netscape 4.x javascript security flaw Versions tested: Windows98/Netscape4.7,Windows95/Netscape4.05 Description: Credits to Henri Torgemane Netscape has a "persistent" navigator object, which means that any data put in the window.navigator object will be accessible to every other window as long a...

pine.420.txt

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I reported the vulnerability below to the Pine team on Oct 21, when 4.20 was current. 4.21 which I just noticed on freshmeat seems to fix the problem even though it's not mentioned in the release notes. Since it's not, I thought some disclosure was in...

CVE-1999-0818

Buffer overflow in Solaris kcmsconfigure via a long NETPATH environmental variable...

CVE-1999-0863

Buffer overflow in FreeBSD seyon via HOME environmental variable, -emulator argument, -modems argument, or the GUI...

PT-1999-1416 · Freebsd · Freebsd Seyon

Name of the Vulnerable Software and Affected Versions: FreeBSD seyon affected versions not specified Description: The issue is related to a buffer overflow in FreeBSD seyon, which can be triggered via the HOME environmental variable, -emulator argument, -modems argument, or the GUI...

HP HP-UX 10.20/11.0 / IBM AIX 4.3 / SCO Unixware 7.0 / Sun Solaris 2.6 - Change File Permission

source: https://www.securityfocus.com/bid/131/info Due to improper checking of ownership, the dtappgather utility shipped with the Common Desktop Environment allows arbitrary users to overwrite any file present on the filesystem, regardless of the owner of the file. dtappgather uses a directory o...