Searching privileges software vulnerabilities

root privileges via buffer overflow in xlock co

privileges | overflow | command | systems | buffer | xlock | IRIX | root | via | SGI |

root privileges via buffer overflow in xlock command on SGI IRIX systems.


Solaris Solstice AdminSuite (AdminSuite) 2.1 an

AdminSuite | Solstice | Solaris |

Solaris Solstice AdminSuite (AdminSuite) 2.1 and 2.2 allows local users to gain privileges via the save option in the Database Manager, which is running with setgid bin privileges.


dpsexec (DPS Server) when running under XDM in

dpsexec |

dpsexec (DPS Server) when running under XDM in IBM AIX 3.2.5 and earlier does not properly check privileges, which allows local users to overwrite arbitrary files and gain privileges.


rcvtty in BSD 3.0 and 4.0 does not properly dro

privileges | specifying | alternate | executing | attackers | properly | command | allows | rcvtty | script | Trojan | before | horse | which | local | does | line | gain | drop | not | BSD |

rcvtty in BSD 3.0 and 4.0 does not properly drop privileges before executing a script, which allows local attackers to gain privileges by specifying an alternate Trojan horse script on the command line.


Chili!Soft ASP for Linux before 3.6 does not pr

privileges | attackers | inherited | ChiliSoft | malicious | properly | scripts | running | before | could | which | Linux | allow | group | gain | mode | does | ASP | via | not | set |

Chili!Soft ASP for Linux before 3.6 does not properly set group privileges when running in inherited mode, which could allow attackers to gain privileges via malicious scripts.


sendfiled, as included with Simple Asynchronous

Asynchronous | sendfiled | Transfer | included | Simple | File |

sendfiled, as included with Simple Asynchronous File Transfer (SAFT), on various Linux systems does not properly drop privileges when sending notification emails, which allows local attackers to gain privileges.


The (1) dump and (2) dump_lfs commands in NetBS


The (1) dump and (2) dump_lfs commands in NetBSD 1.4.x through 1.5.1 do not properly drop privileges, which could allow local users to gain privileges via the RCMD_CMD environment variable.


Cherokee web server before 0.2.7 does not prope

Cherokee | server | before | web |

Cherokee web server before 0.2.7 does not properly drop root privileges after binding to port 80, which could allow remote attackers to gain privileges via other vulnerabilities.


Identix BioLogon 3 allows users with physical a

administrative | CTRL-ALT-DEL | privileges | BioLogon | function | "Browse" | Explorer | physical | running | Identix | system | access | allows | which | users | using | runs | gain |

Identix BioLogon 3 allows users with physical access to the system to gain administrative privileges by using CTRL-ALT-DEL and running a "Browse" function, which runs Explorer with SYSTEM privileges.


The Connectables feature in Adobe PhotoDeluxe 3

Connectables | PhotoDeluxe | environment | privileges | CLASSPATH | directory | attackers | variable | prepends | applets | message | feature | remote | higher | allows | e-mail | Adobe | which | page | HTML | gain | run | web | via |

The Connectables feature in Adobe PhotoDeluxe 3.1 prepends the Adobe directory to the CLASSPATH environment variable, which allows applets to run with higher privileges and remote attackers to gain privileges via an HTML e-mail message or a web page.


tcpdump does not properly drop privileges to th

privileges | properly | starting | tcpdump | pcap | user | does | drop | not |

tcpdump does not properly drop privileges to the pcap user when starting up.


leksbot 1.2.3 in Debian GNU/Linux installs the

leksbot |

leksbot 1.2.3 in Debian GNU/Linux installs the KATAXWR as setuid root, which allows local users to gain root privileges by exploiting unknown vulnerabilities related to the escalated privileges, which KATAXWR is not designed to have.


Help in NIPrint LPD-LPR Print Server 4.10 and e

LPD-LPR | NIPrint | Server | Print | Help |

Help in NIPrint LPD-LPR Print Server 4.10 and earlier executes Windows Explorer with SYSTEM privileges, which allows local users to gain privileges.


Multiple programs in trr19 1.0 do not properly

privileges | executing | Multiple | programs | properly | command | system | before | allow | could | users | local | trr19 | which | drop | gain | not |

Multiple programs in trr19 1.0 do not properly drop privileges before executing a system command, which could allow local users to gain privileges.


MoinMoin 1.2.1 and earlier allows remote attack

MoinMoin |

MoinMoin 1.2.1 and earlier allows remote attackers to gain privileges by creating a user with the same name as an existing group that has higher privileges.


The init scripts in ChessBrain 20407 and earlie

ChessBrain | scripts | init |

The init scripts in ChessBrain 20407 and earlier execute user-owned programs with root privileges, which allows local users to gain privileges by modifying the programs.


phpScheduleIt 1.0.0 RC1 does not clear administ

phpScheduleIt |

phpScheduleIt 1.0.0 RC1 does not clear administrative privileges if the administrator logs in as a normal user, which allows users with physical access to gain administrative privileges.


Unknown vulnerability in typespeed 0.4.1 and ea

vulnerability | typespeed | Unknown |

Unknown vulnerability in typespeed 0.4.1 and earlier allows local users to gain privileges.


The DBMS_Scheduler in Oracle 10g allows remote

DBMS_Scheduler | SESSION_USER | additional | privileges | attackers | changing | CREATE | allows | remote | Oracle | user | gain | SYS | 10g | JOB |

The DBMS_Scheduler in Oracle 10g allows remote attackers with CREATE JOB privileges to gain additional privileges by changing SESSION_USER to the SYS user.


lockmail in maildrop before 1.5.3 does not drop

maildrop | lockmail | before |

lockmail in maildrop before 1.5.3 does not drop privileges before executing commands, which allows local users to gain privileges via command line arguments.


Software vulnerabilities results 1 to 20 of 1480     
Page: 12345...75