8703 matches found
CVE-2014-8660
SAP Document Management Services allows local users to execute arbitrary commands via unspecified vectors...
kde-workspace -- privilege escalation
David Edmundson reports: KDE workspace configuration module for setting the date and time has a helper program which runs as root for performing actions. This is secured with polkit. This helper takes the name of the ntp utility to run as an argument. This allows a hacker to run any arbitrary...
Cisco Nexus 1000V Series Switches Arbitrary Command Execution Vulnerability (Cisco-SA-20131115-CVE-2013-5556)
A vulnerability in the license installation module of the Cisco Nexus 1000V could allow an authenticated, local attacker to execute arbitrary shell commands. Copyright C 2014 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...
Cisco Nexus 1000V Series Switches Arbitrary Command Execution Vulnerability (CSCui21340)
A vulnerability in the license installation module of a Cisco Nexus 1000V could allow an authenticated, local attacker to execute arbitrary shell commands. This issue is due to the failure of the 'install all iso' command to properly validate user-supplied input. C Tenable Network Security, Inc...
Arbitrary Command Execution
Overview Affected versions of this package are vulnerable to Arbitrary Command Execution due to the assignment functions accessing constructors functions, allowing attackers to execute their malicious code. Remediation Upgrade angularjs to version 1.3.2 or higher. References - GitHub ChangeLog -...
MGASA-2014-0429 Updated wpa_supplicant and hostapd packages fix security vulnerability
A vulnerability was found in the mechanism wpacli and hostapdcli use for executing action scripts. An unsanitized string received from a remote device can be passed to a system call resulting in arbitrary command execution under the privileges of the wpacli/hostapdcli process which may be root in...
tnftp "savefile" Arbitrary Command Execution
This module exploits an arbitrary command execution vulnerability in tnftp's handling of the resolved output filename - called "savefile" in the source - from a requested resource. If tnftp is executed without the -o command-line option, it will resolve the output filename from the last component...
HP Data Protector EXEC_INTEGUTIL Remote Code Execution
This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'HP Data Protector EXECINTEGUTIL Remote Code Execution', 'Description' = %q This exploit abuses a vulnerability in the HP Data...
[oCERT-2014-005] LPAR2RRD input sanitization errors
2014-005 LPAR2RRD input sanitization errors Description: LPAR2RRD is a performance monitoring and capacity planning software for IBM Power Systems. LPAR2RRD generates historical, future trends and nearly "real-time" CPU utilization graphs of LPAR's and shared CPU usage. Insufficient input...
EMC AlphaStor Device Manager Opcode 0x75 Command Injection
No description provided by source. require 'msf/core' class Metasploit3 Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::Remote::Tcp include Msf::Exploit::CmdStager def initializeinfo = superupdateinfoinfo, 'Name' = 'EMC AlphaStor Device Manager Opcode 0x75 Command Injection',...
JVN#87863382: N-Media file uploader vulnerability in handling uploaded files
N-Media file uploader is a plugin for WordPress. N-Media file uploader contains a vulnerability CWE-264 in the way it handles uploaded files. As a result, an arbitrary PHP script which is uploaded may be executed. Impact A user with "Author" privileges and above may execute an arbitrary command o...
EMC AlphaStor Device Manager Opcode 0x75 Command Injection
require 'msf/core' class Metasploit3 'EMC AlphaStor Device Manager Opcode 0x75 Command Injection', 'Description' = %q This module exploits a flaw within the Device Manager rrobtd.exe. When parsing the 0x75 command, the process does not properly filter user supplied input allowing for arbitrary...
AlienVault OSSIM av-centerd Util.pm remote_task Arbitrary Command Execution (CVE-2014-5210)
The vulnerability is due to a failure to safely sanitize remotetask SOAP requests within Util.pm. this vulnerability can be exploit by sending crafted requests to the affected service. Successful exploitation could result in arbitrary command execution with root privileges...
Design/Logic Flaw
GKSu 2.0.2, when sudo-mode is not enabled, uses " double quote characters in a gksu-run-helper argument, which allows attackers to execute arbitrary commands in certain situations involving an untrusted substring within this argument, as demonstrated by an untrusted filename encountered during...
CVE-2014-2886
GKSu 2.0.2 vulnerability (CVE-2014-2886): when sudo-mode is not enabled, gksu-run-helper processes an argument containing a double quote, enabling arbitrary command execution in scenarios with an untrusted substring (e.g., untrusted filename during VirtualBox extension pack install). Affected: GK...
CVE-2014-2972
expand.c in Exim before 4.83 expands mathematical comparisons twice, which allows local users to gain privileges and execute arbitrary commands via a crafted lookup value...
JEECMS任意命令执行漏洞(涉及大量案例,Administrator权限)
简要描述: JEECMS任意命令执行漏洞(涉及大量案例,Administrator权限) 详细说明: 谷歌搜索:inurl:jeecms/ArtiSearch.do 涉及大量案例 http://www.wwxzfw.gov.cn/jeecms/ArtiSearch.do?count=10&searchKey=a%27+and+1%3D1&chnlId= http://www.cnfamily.com/family/jeecms/ArtiSearch.do?count=10&searchKey=%C1%BD%BB%E1...
CVE-2014-5112
maint/modules/home/index.php in Fonality trixbox allows remote attackers to execute arbitrary commands via shell metacharacters in the lang parameter...
HP Data Protector 8.x Arbitrary Command Execution (HPSBMU03072)
Binary data hpdataprotectorhpsbmu03072.nbin...
AlienVault OSSIM av-centerd Util.pm get_license Arbitrary Command Execution (CVE-2014-3805)
An arbitrary command execution vulnerability exists in AlienVault OSSIM. The vulnerability is due to a failure to safely sanitize user data while handling SOAP service requests via the getlicense function of Util.pm. A remote unauthenticated attacker can exploit this vulnerability by sending...