Explore Vulnerabilities

Explore all Exploits:

TerminatorX v3.80 – local root exploit

It has been reported that TerminatorX may be prone to multiple vulnerabilities when handling command-line and environment variable data. As a result, an attacker may be capable of exploiting the application in a variety of ways to execute arbitrary code with elevated privileges. It should be noted that TerminatorX is not installed setuid by default; however, the author recommends that users make the application setuid root.

TerminatorX Multiple Vulnerabilities

It has been reported that TerminatorX may be prone to multiple vulnerabilities when handling command-line and environment variable data. As a result, an attacker may be capable of exploiting the application in a variety of ways to execute arbitrary code with elevated privileges. A proof-of-concept exploit has been released which demonstrates a stack-based buffer overflow vulnerability in TerminatorX v3.81. This vulnerability is only exploitable when the application is compiled with the --enable-suidroot flag.

IBM DB2 Multiple Buffer Overflow Vulnerabilities

IBM DB2 has been reported to be prone to multiple buffer overflow vulnerabilities in binaries that are shipped with DB2. The vulnerabilities are likely caused by a lack of sufficient boundary checks on user-supplied command-line arguments before they are copied into a reserved buffer in memory. It has been reported that by supplying arguments of excessive length to the respective vulnerable executables, a local attacker may trigger the execution of arbitrary attacker-supplied instructions with elevated privileges.

Command-Line Parameter Format String Vulnerabilities in IBM DB2

Multiple command-line parameter format string vulnerabilities have been discovered in various IBM DB2 binaries. Specifically, format-based functions are implemented erroneously within the db2govd, db2start, and db2stop programs. These binaries are typically installed setuid, allowing a malicious local user to gain elevated privileges.

Multiple Command-Line Parameter Format String Vulnerabilities in IBM DB2

Multiple command-line parameter format string vulnerabilities have been discovered in various IBM DB2 binaries. Specifically, format-based functions are implemented erroneously within the db2govd, db2start, and db2stop programs. These binaries are typically installed setuid, allowing a malicious local user to gain elevated privileges. An example of this exploit is shown above, where a malicious user can cause a segmentation fault by entering %n%n as a command-line parameter.

Multiple command-line parameter format string vulnerabilities in IBM DB2 binaries

Multiple command-line parameter format string vulnerabilities have been discovered in various IBM DB2 binaries. Specifically, format-based functions are implemented erroneously within the db2govd, db2start, and db2stop programs. These binaries are typically installed setuid. As a result, a malicious local user may be capable of gaining elevated privileges.

HP Software Distributor Utilities Buffer Overrun Vulnerability

HP has reported that some Software Distributor (SD) utilities are prone to a locally exploitable buffer-overrun vulnerability. Affected utilities include swinstall(1M) and swverify(1M). An attacker can exploit this vulnerability by crafting a malicious environment variable and executing the vulnerable utility. This will allow the attacker to execute arbitrary code with the privileges of the vulnerable utility.

Easy PHP Photo Album HTML Injection Vulnerability

It has been reported that Easy PHP Photo Album is prone to an HTML injection vulnerability that may allow an attacker to execute HTML code in a user's browser. The issue is reported to be present in the 'dir' parameter. This problem is due to insufficient sanitization of user-supplied input. Successful exploitation of this vulnerability may allow an attacker to steal cookie-based authentication credentials. Other attacks are also possible.

OpenAutoClassifieds Cross-Site Scripting Vulnerability

It has been reported that OpenAutoClassifieds is prone to a cross-site scripting vulnerability. The issue is reported to exist due to insufficient sanitization of user-supplied data through the 'listings' parameter. The problem may allow a remote attacker to execute HTML or script code in the browser of a user following a malicious link created by an attacker. Successful exploitation of this attack may allow an attacker to steal cookie-based authentication information that could be used to launch further attacks.

VieNuke VieBoard SQL Injection Vulnerability

It has been reported that VieNuke VieBoard may be prone to a SQL injection vulnerability that may allow an attacker to disclose sensitive information by supplying malicious SQL code to the underlying database. A malicious user may influence database queries in order to view or modify sensitive information, potentially compromising the software or the database.

Recent Exploits: