8703 matches found
RedHat Update for lynx RHSA-2008:0965-01
Check for the Version of lynx OpenVAS Vulnerability Test RedHat Update for lynx RHSA-2008:0965-01 Authors: System Generated Check Copyright: Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...
CentOS Update for lynx CESA-2008:0965-01 centos2 i386
Check for the Version of lynx OpenVAS Vulnerability Test CentOS Update for lynx CESA-2008:0965-01 centos2 i386 Authors: System Generated Check Copyright: Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it unde...
CentOS Update for lynx CESA-2008:0965 centos3 i386
Check for the Version of lynx OpenVAS Vulnerability Test CentOS Update for lynx CESA-2008:0965 centos3 i386 Authors: System Generated Check Copyright: Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...
CentOS Update for lynx CESA-2008:0965 centos4 i386
Check for the Version of lynx OpenVAS Vulnerability Test CentOS Update for lynx CESA-2008:0965 centos4 i386 Authors: System Generated Check Copyright: Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...
CentOS Update for lynx CESA-2008:0965 centos3 x86_64
Check for the Version of lynx OpenVAS Vulnerability Test CentOS Update for lynx CESA-2008:0965 centos3 x86_64 Authors: System Generated Check Copyright: Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...
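Microsoft Excel Unspecified Remote Code Execution Vulnerability
BUGTRAQ ID: 33870 CNCAN ID: CNCAN-2009022404 Microsoft Excel is a spreadsheet application developed by Microsoft. Microsoft Excel has an unspecified issue that remote attackers can exploit to execute arbitrary commands in the context of the user running the program. No detailed vulnerability information is currently available. Symantec reported this vulnerability, which is currently detected as 'Trojan.Mdropper.AC'. Microsoft Excel 2007 SP1 Microsoft Excel 2007 Vendor solution: No solution is currently available: http://office.microsoft.com/excel...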
CVE-2008-6235
The Netrw plugin (netrw.vim) in Vim 7.0 and 7.1 allows user-assisted attackers to execute arbitrary commands via shell metacharacters in a filename used by the (1) "D" (delete) command or (2) b:netrw_curdir variable, as demonstrated using the netrw.v4 and netrw.v5 test cases...
CVE-2008-6235
CVE-2008-6235 affects Vim 7.0/7.1 through the netrw.vim plugin, which allows command execution via shell metacharacters in filenames used by the D (delete) command or b:netrw_curdir. Exploitation could lead to arbitrary code execution. Public fixes exist (e.g., advisories RHSA-2008:0580 and OpenS...
SQL injection
SQL injection vulnerability in index.php in Five Dollar Scripts Drinks script allows remote attackers to execute arbitrary SQL commands via the recid parameter...
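PyCrypto ARC2 Module Buffer Overflow Vulnerability
BUGTRAQ ID: 33674 CVE(CAN) ID: CVE-2009-0544 PyCrypto is a cryptography toolkit written in Python. A buffer overflow vulnerability exists in the ARC2 module of PyCrypto; if a remote attacker sends a request containing an overly long ARC2 key length, the overflow can be triggered, resulting in denial of service or execution of arbitrary commands. Dwayne C. Litzenberger PyCrypto 2.0.x Vendor patch: Dwayne C. Litzenberger ---------------------- The vendor has released an upgrade patch to fix this security issue; please download it from the vendor's home page:...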
AWStats migrate Remote Command Execution
This module exploits an arbitrary command execution vulnerability in the AWStats CGI script. AWStats v6.4 and v6.5 are vulnerable. Perl based payloads are recommended with this module. The vulnerability is only present when AllowToUpdateStatsFromBrowser is enabled in the AWStats configuration fil...
Oracle Secure Backup Administration Server login.php Arbitrary Command Injection
The remote version of Oracle Secure Backup Administration Server fails to sanitize user-supplied input to various parameters used in the 'login.php' script before using it. By sending specially crafted arguments an attacker can exploit it to execute code on the remote host with the web server...
CA20090107-01: CA Service Metric Analysis and CA Service Level Management smmsnmpd Arbitrary Command Execution Vulnerability
Title: CA20090107-01: CA Service Metric Analysis and CA Service Level Management smmsnmpd Arbitrary Command Execution Vulnerability CA Advisory Reference: CA20090107-01 CA Advisory Date: 2009-01-07 Reported By: Michel Arboi of Tenable Network Security Impact: A remote attacker can execute arbitra...
XOOPS Multiple Scripts mydirname Parameter Arbitrary Command Injection
The version of XOOPS installed on the remote host fails to filter user-supplied input to the 'mydirname' parameter of the 'onupdate.php', 'notification.php', and 'oninstall.php' scripts under the application's 'xoops_lib/modules/protector' directory before passing it to PHP 'eval' functions...
TCL Shell (tclsh) Arbitrary Command Execution
A TCL shell (tclsh) is running on this port, and it allows unauthenticated users to run arbitrary commands on the machine. #%NASL_MIN_LEVEL 70300 # (C) Tenable Network Security, Inc. include('deprecated_nasl_level.inc'); include('compat.inc'); if (description) { script_id(35308); script_version("1.14");...
RedHat Security Advisory RHSA-2009:0019
The remote host is missing updates announced in advisory RHSA-2009:0019. Hanterm is a replacement for xterm, an X Window System terminal emulator, that supports Hangul input and output. A flaw was found in the Hanterm handling of Device Control Request Status String (DECRQSS) escape sequences. An...
FreeBSD Ports: xterm
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only...
netatalk -- arbitrary command execution in papd daemon
Secunia reports: A vulnerability has been reported in Netatalk, which potentially can be exploited by malicious users to compromise a vulnerable system. The vulnerability is caused due to the papd daemon improperly sanitising several received parameters before passing them in a call to popen. Thi...