PHP safe_mode bypass via proc_open() and custom environment

No description provided by source. ----------------------------------------------------------------------- + safe-bypass-procopen.txt - yet another way to bypass PHP safemode. + + By Milen Rangelov [email protected] + ----------------------------------------------------------------------- This...

PHP safe_mode bypass via proc_open() and custom environment

Exploit for linux platform in category local exploits =========================================================== PHP safemode bypass via procopen and custom environment ===========================================================...

Apple iTunes/QuickTime畸形'.mov'文件缓冲区溢出漏洞

BUGTRAQ ID: 32540 CNCAN ID：CNCAN-2008120301 Apple iTunes/QuickTime是苹果公司开发的媒体播放程序。 Apple iTunes/QuickTime处理.mov文件存在缓冲区溢出，远程攻击者可以利用漏洞以应用程序权限执行任意指令。 构建恶意的'.mov'文件，诱使用户访问，可导致以应用程序权限执行任意指令。 Apple QuickTime Player 7.5.5 + Apple Mac OS X 10.4.9 + Apple Mac OS X 10.3.9 + Apple Mac OS X 10.5 + Apple Mac O...

Fedora 9 : lynx-2.8.6-17.fc9 (2008-9550)

Mon Nov 10 2008 Jiri Moskovcak 2.8.6-17 - Fixed CVE-2008-4690 lynx: remote arbitrary command execution. via a crafted lynxcgi: URL thoger - Fri May 30 2008 Jiri Moskovcak 2.8.6-16 - updated to latest stable upstream version 2.8.6rel5 - Fri May 23 2008 Dennis Gilmore - 2.8.6-15.1 - minor rebuild...

Fedora 8 : lynx-2.8.6-12.fc8 (2008-9597)

Mon Nov 10 2008 Jiri Moskovcak - 2.8.6-12 - Fixed CVE-2008-4690 lynx: remote arbitrary command execution. via a crafted lynxcgi: URL thoger - Fri May 30 2008 Jiri Moskovcak - 2.8.6-11 - updated to latest upstream version 2.8.6rel5 - Resolves: 214205 - Wed Jan 9 2008 Jiri Moskovcak - 2.8.6-10 -...

verlihub -- insecure temporary file usage and arbitrary command execution

securityfocus reports: An attacker with local access could potentially exploit this issue to perform symbolic-link attacks, overwriting arbitrary files in the context of the affected application. Successfully mounting a symlink attack may allow the attacker to delete or corrupt sensitive files,...

VERITAS NetBackup Remote Command Execution

This module allows arbitrary command execution on an ephemeral port opened by Veritas NetBackup, whilst an administrator is authenticated. The port is opened and allows direct console access as root or SYSTEM from any source address. This module requires Metasploit: https://metasploit.com/downloa...

Sql injection

SQL injection vulnerability in tr.php in YourFreeWorld Classifieds Hosting Script allows remote attackers to execute arbitrary SQL commands via the id parameter...

[Backports-security-announce] Security update for openoffice.org

Rene Engelhard uploaded new packages for openoffice.org which fixed the following security problems: Debian BTS 496361 left-over debugging echos writing into an insecure temp file can allow attackers to overwrite files on the system with the prvilieges of the user executing senddoc File - Send...

security update

CentOS Errata and Security Advisory CESA-2008:0965-01 An updated lynx package that corrects two security issues is now available for Red Hat Enterprise Linux 2.1, 3, 4, and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. Lynx is a text-base...

JVN#20502807 Snoopy command injection vulnerability

Snoopy is an open source PHP library. Snoopy does not properly handle user-input data. This causes a vulnerability which may allow a remote attacker to execute an arbitrary command. Impact An arbitrary command could be executed with the privilege of the server where Snoopy runs. Solution Update t...

CentOS 3 / 4 / 5 : lynx (CESA-2008:0965)

An updated lynx package that corrects two security issues is now available for Red Hat Enterprise Linux 2.1, 3, 4, and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. Lynx is a text-based Web browser. An arbitrary command execution flaw was...

RHEL 2.1 / 3 / 4 / 5 : lynx (RHSA-2008:0965)

An updated lynx package that corrects two security issues is now available for Red Hat Enterprise Linux 2.1, 3, 4, and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. Lynx is a text-based Web browser. An arbitrary command execution flaw was...

lynx security update

CentOS Errata and Security Advisory CESA-2008:0965 An updated lynx package that corrects two security issues is now available for Red Hat Enterprise Linux 2.1, 3, 4, and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. Lynx is a text-based W...

Important: Red Hat Security Advisory: lynx security update

An updated lynx package that corrects two security issues is now available for Red Hat Enterprise Linux 2.1, 3, 4, and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. Lynx is a text-based Web browser. An arbitrary command execution flaw was...

Snoopy '_httpsrequest()'任意命令执行漏洞

BUGTRAQ ID: 31887 CNCAN ID：CNCAN-2008102405 Snoopy是一款模拟WEB浏览器的PHP类。 Snoopy 'httpsrequest'存在输入验证问题，远程攻击者可以利用漏洞以应用程序权限执行任意命令。 目前没有详细漏洞细节提供。 Snoopy Snoopy 1.2.3 Snoopy Snoopy 1.2.1 Snoopy Snoopy 1.2 Snoopy Snoopy 1.0 1 Snoopy Snoopy 0.94 Snoopy Snoopy 0.93 Snoopy Snoopy 0.92 Snoopy Snoopy 0.91 升级程序：...

viralator

The CGI 'viralator.cgi' is installed. Some versions of this CGI are don't check properly the user input and allow anyone to execute arbitrary commands with the privileges of the web server No flaw was tested. Your script might be a safe version. Solutions : Upgrade this script to version 0.9pre2 ...

CVE-2008-4690

lynx 2.8.6dev.15 and earlier, when advanced mode is enabled and lynx is configured as a URL handler, allows remote attackers to execute arbitrary commands via a crafted lynxcgi: URL, a related issue to CVE-2005-2929. NOTE: this might only be a vulnerability in limited deployments that have define...

CVE-2008-4641

The DoCommand function in jhead.c in Matthias Wandel jhead 2.84 and earlier allows attackers to execute arbitrary commands via shell metacharacters in unspecified input...

EMC AlphaStor Library Manager Arbitrary Command Execution

EMC AlphaStor Library Manager is prone to a remote command-injection vulnerability because the application fails to properly sanitize user-supplied input. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class...