CVE-2007-5549

Cisco IOS: vulnerable component is Command EXEC that allows local users to bypass command restrictions and access sensitive information via an unspecified variation of an IOS command (two disclosed methods, CSCsk16129). The exact root cause, affected IOS versions, and remediation are not provided...

Xen pygrub TOOLS/PYGRUB/SRC/GRUBCONF.PY本地命令注入漏洞

XenSource是一款流行的虚拟化程序。 XenSource包含的'tools/pygrub/src/GrubConf.py'脚本存在输入验证，本地攻击者可以利用漏洞提升特权执行任意命令。 当启动客户域时，pygrub使用Python exec来处理来自grub.conf中的不可信数据，通过构建grub.conf文件，在客户域中的root用户可以在domain 0中执行任意python代码。 修改grub.conf文件中的'default'： default "+str0os.system" insert evil command here "+" 可导致任意命令执行。 XenSour...

Code injection

inc/exif.inc.php in Original Photo Gallery 0.11.2 and earlier allows remote attackers to execute arbitrary programs via the exifprog parameter, which is specified in an exec function call...

CVE-2007-5224

inc/exif.inc.php in Original Photo Gallery 0.11.2 and earlier allows remote attackers to execute arbitrary programs via the exifprog parameter, which is specified in an exec function call...

CVE-2007-5224

The CVE-2007-5224 entry affects Original Photo Gallery 0.11.2 and earlier. Affected file: inc/exif.inc.php; the exif_prog parameter is used inside an exec() call without proper sanitization, allowing remote attackers to execute arbitrary commands on the server. This is described in multiple sourc...

HP-UX Security Patch : PHKL_34095

VM exec2 support for newer IPF binaries %NASLMINLEVEL 70300 C Tenable Network Security, Inc. if !definedfunc"bnrandom" exit0; include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid26425; scriptversion"1.8"; scriptsetattributeattribute:"pluginmodificationdate",...

CheckPoint Secure Platform Multiple Buffer Overflows

Hi all, we have published a paper about CheckPoint Firewall-1 vulnerabilities. The platform tested is the Secure Platform R60. We have found many buffer overflows. Most of them are located in command line utilities that can be exploited locally. A very few of them maybe can be exploited remotely,...

Information disclosure

Unspecified vulnerability in the client in Symantec Veritas Backup Exec for Windows Servers 11d has unknown impact and remote attack vectors. NOTE: this information is based upon a vague advisory by a vulnerability information sales organization that does not coordinate with vendors or release...

CVE-2007-5126

Unspecified vulnerability in the client in Symantec Veritas Backup Exec for Windows Servers 11d has unknown impact and remote attack vectors. NOTE: this information is based upon a vague advisory by a vulnerability information sales organization that does not coordinate with vendors or release...

CVE-2007-5126

Technical details about CVE-2007-5126 are not publicly available in the provided connected documents; no specific affected products, versions, impact, or remediation are disclosed. Monitor for updates.

CVE-2007-5126

Unspecified vulnerability in the client in Symantec Veritas Backup Exec for Windows Servers 11d has unknown impact and remote attack vectors. NOTE: this information is based upon a vague advisory by a vulnerability information sales organization that does not coordinate with vendors or release...

In the PHP implementation of the system to external command-and-vulnerability warning-the black bar safety net

PHP as a server side scripting language, like writing a simple, or a complex dynamic web page such a task, it is fully able to do the job. But the thing is not always the case, sometimes in order to achieve a certain function, it must be by means of theoperating systemof the external program, or...

PHP <=5.2.4 open_basedir bypass & code exec & denial of service

Application: PHP =5.2.4 Web Site: http://php.net Platform: unix Bug: openbasedir bypass & code exec & denial of service/some people call this as a buffer overflow , but it's a denial of service./ special condition: default php-memory-limit ------------------------------------------------------- 1...

Moderate: kernel security and bugfix update

2.6.9-55.0.6.0.1 - fix entropy flag in bnx2 driver to generate entropy pool John Sobecki orabug 5931647 - fix for nfs open call taking longer issue Chuck Lever orabug 5580407 bz 219412 - fix enomem due to larger mtu size page alloc Zach Brown orabug 5486128 - fix percpu api bugon with rds Zach...

Moderate: Red Hat Security Advisory: kernel security and bugfix update

Updated kernel packages that fix several security issues and bugs in the Red Hat Enterprise Linux 4 kernel are now available. This security advisory has been rated as having moderate security impact by the Red Hat Security Response Team. The Linux kernel handles the basic functions of the operati...

win32 Tiny Download and Exec Shellcode 192 bytes

No description provided by source. ;Tiny Download&&Exec ShellCode codz czy 2007.6.1 ;header 163=6116+8+9+28+9568+27+17 ;163+19=192 comment % -------------------------------------- Tiny Download&&Exec ShellCode-- ...

CVE-2007-3618

Stack-based buffer overflow in the NetWorker Remote Exec Service nsrexecd.exe in EMC Software NetWorker 7.x.x allows remote attackers to execute arbitrary code via a 1 poll or 2 kill request with a "long invalid subcmd."...

EMC Legato Networker buffer overflow

Buffer overflow in SUNRPC TCP/111 Networker Remote Exec Service...

EMC Legato Networker Remote Exec Service Stack Overflow Vulnerabilities

These vulnerabilities allow remote attackers to execute arbitrary code on vulnerable installations of EMC Networker. Authentication is not required to exploit this vulnerability. The specific flaws exist in the Networker Remote Exec Service, nsrexecd.exe. The location of this service is available...

Borland Interbase ibserver.exe create buffer overflow

Added: 07/26/2007 CVE: CVE-2007-3566 BID: 25048 OSVDB: 38602 Background Borland Interbase is a database solution for Windows, Linux, and Solaris platforms. Problem A buffer overflow in the database service, ibserver.exe , allows remote attackers to execute arbitrary commands by sending a speciall...