Lucene search
K

7668 matches found

Tenable Nessus
Tenable Nessus
added 2004/08/20 12:0 a.m.20 views

Aplio Internet Phone authenticate.cgi Arbitrary Command Execution

Binary data 1641.prm...

7.5CVSS7.3AI score0.03592EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2004/08/20 12:0 a.m.18 views

AOL Instant Messenger IMG Tag Arbitrary Command Execution

Binary data 1251.prm...

5CVSS7.3AI score0.11634EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2004/08/18 12:0 a.m.16 views

IkonBoard FUNC.pm lang Cookie Arbitrary Command Execution

Binary data 1537.prm...

7.5CVSS7.3AI score0.10814EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2004/08/18 12:0 a.m.15 views

Sendmail DEBUG Arbitrary Command Execution

Binary data 2028.prm...

10CVSS7.3AI score0.16446EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2004/08/13 12:0 a.m.233 views

YaPiG < 0.92.2 Multiple Scripts Arbitrary Command Execution

The remote host is running YaPiG, a web-based image gallery written in PHP. The remote version of YaPiG may allow a remote attacker to execute malicious scripts on a vulnerable system. This issue exists due to a lack of sanitization of user-supplied data. It is reported that an attacker may be ab...

5.9AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2004/08/09 12:0 a.m.130 views

BasiliX login.php3 username Variable Arbitrary Command Execution

The remote host appears to be running a version of BasiliX between 1.0.2beta or 1.0.3beta. In such versions, the script 'login.php3' fails to sanitize user input, which enables a remote attacker to pass in a specially crafted value for the parameter 'username' with arbitrary commands to be execut...

5.6AI score
Exploits0References1
FreeBSD
FreeBSD
added 2004/08/04 12:0 a.m.24 views

gnomevfs -- unsafe URI handling

Alexander Larsson reports that some versions of gnome-vfs and MidnightCommander contain a number of extfs' scripts that do not properly validate user input. If an attacker can cause her victim to process a specially-crafted URI, arbitrary commands can be executed with the privileges of the victim...

7.5CVSS6.5AI score0.01625EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2004/07/31 12:0 a.m.27 views

Mandrake Linux Security Advisory : xpdf (MDKSA-2003:071-1)

Martyn Gilmore discovered flaws in various PDF viewers, including xpdf. An attacker could place malicious external hyperlinks in a document that, if followed, could execute arbitary shell commands with the privileges of the person viewing the PDF document. Update : New packages are available as t...

7.5CVSS5.5AI score0.40942EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2004/07/31 12:0 a.m.39 views

Mandrake Linux Security Advisory : dhcpcd (MDKSA-2003:003)

A vulnerability was discovered by Simon Kelley in the dhcpcd DHCP client daemon. dhcpcd has the ability to execute an external script named dhcpcd-.exe when an IP address is assigned to that network interface. The script sources the file /var/lib/dhcpcd/dhcpcd-.info which contains shell variables...

7.5CVSS5.8AI score0.02048EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2004/07/31 12:0 a.m.24 views

Mandrake Linux Security Advisory : gaim (MDKSA-2002:054-1)

Versions of Gaim an AOL instant message client prior to 0.58 contain a buffer overflow in the Jabber plug-in module. As well, a vulnerability was discovered in the URL-handling code, where the 'manual' browser command passes an untrusted string to the shell without reliable quoting or escaping...

7.5CVSS6AI score0.0461EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2004/07/23 12:0 a.m.24 views

Fedora Core 1 : kdepim-3.1.4-2 (2004-133)

The KDE team found a buffer overflow in the file information reader of VCF files. An attacker could construct a VCF file so that when it was opened by a victim it would execute arbitrary commands. The Common Vulnerabilities and Exposures project cve.mitre.org has assigned the name CVE-2003-0988 t...

7.5CVSS6.1AI score0.06151EPSS
Exploits0References2
Cvelist
Cvelist
added 2004/07/14 4:0 a.m.33 views

CVE-2004-0201

Heap-based buffer overflow in the HtmlHelp program hh.exe in HTML Help for Microsoft Windows 98, Me, NT 4.0, 2000, XP, and Server 2003 allows remote attackers to execute arbitrary commands via a .CHM file with a large length field, a different vulnerability than CVE-2003-1041...

7.5AI score0.45137EPSS
Exploits0References9
Cvelist
Cvelist
added 2004/07/08 4:0 a.m.19 views

CVE-2004-0395

The xatitv program in the gatos package does not properly drop root privileges when the configuration file does not exist, which allows local users to execute arbitrary commands via shell metacharacters in a system call...

7AI score0.0041EPSS
Exploits0References3
Cvelist
Cvelist
added 2004/07/06 4:0 a.m.19 views

CVE-2002-1582

compose.cgi in Mailreader.com 2.3.30 and 2.3.31, when using Sendmail as the Mail Transfer Agent, allows remote attackers to execute arbitrary commands via shell metacharacters in the RealEmail configuration variable, which is used to call Sendmail in network.cgi...

7.6AI score0.03633EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2004/07/06 12:0 a.m.26 views

RHEL 2.1 : xchat (RHSA-2002:124)

A security issue in XChat allows a malicious server to execute arbitrary commands. XChat is a popular cross-platform IRC client. Versions of XChat prior to 1.8.9 do not filter the response from an IRC server when a /dns query is executed. Because XChat resolves hostnames by passing the configured...

7.5CVSS5.8AI score0.02391EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2004/07/06 12:0 a.m.41 views

RHEL 2.1 : XFree86 (RHSA-2003:065)

Updated XFree86 packages that resolve various security issues and additionally provide a number of bug fixes and enhancements are now available for Red Hat Enterprise Linux 2.1. XFree86 is an implementation of the X Window System, which provides the graphical user interface, video drivers, etc. f...

10CVSS6AI score0.03403EPSS
Exploits0References11
Tenable Nessus
Tenable Nessus
added 2004/07/06 12:0 a.m.42 views

RHEL 2.1 : cvs (RHSA-2003:013)

Updated CVS packages are now available for Red Hat Linux Advanced Server. These updates fix a vulnerability which would permit arbitrary command execution on servers configured to allow anonymous read-only access. Updated 06 Feb 2003 Added fixed packages for Advanced Workstation 2.1 CVS is a...

7.5CVSS6.1AI score0.2387EPSS
Exploits1References4
securityvulns
securityvulns
added 2004/06/26 12:0 a.m.22 views

format string vulnerability in Gnats

Zone-h Security Advisory Date of discovery : 21 june 2004 Date of release : 24 june 2004 Bug found by Khan Shirani [email protected] http://www.zone-h.org --------------------------------------- Software : GNU Gnats 4.00 Bugs : formats string bugs Risk : low/medium Platform : nix...

0.1AI score
Exploits0
securityvulns
securityvulns
added 2004/06/25 12:0 a.m.23 views

[ GLSA 200406-18 ] gzip: Insecure creation of temporary files

Gentoo Linux Security Advisory GLSA 200406-18 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity:...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2004/05/05 12:0 a.m.14 views

PHPX 3.x - forums.php Cross-Site Request Forgery Arbitrary Command Execution

PHPX 3.x - forums.php Cross-Site Request Forgery Arbitrary Command Execution source: https://www.securityfocus.com/bid/10284/info It has been reported that PHPX is affected by multiple administrator command execution vulnerabilities. These issues are due to a failure of the application to properl...

0.9AI score
Exploits0
Rows per page
Query Builder