8703 matches found

Tenable Nessus
added 2008/01/11 12:0 a.m., 13 views

SAP DB / MaxDB Cons Program Arbitrary Command Execution

Binary data 4337.prm...

CVSS 10, AI score 7.3, EPSS 0.80311
Exploits 8, References 4
Packet Storm
added 2008/01/11 12:0 a.m., 32 views

mas-rfi.txt

---------------------------------------------------------------------- Member Area System MAS Remote File Include Vulnerability viewfunc.php ---------------------------------------------------------------------- Author: ShipNX Impact: Remote file include Status: Patch not available...

AI score 7.4
Exploits 0
Tenable Nessus
added 2008/01/11 12:0 a.m., 73 views

SAP DB / MaxDB Cons Program Arbitrary Command Execution

The version of SAP DB / MaxDB installed on the remote host fails to sanitize user-supplied input to the 'show' and 'execsdbinfo' commands before passing it to a 'system' call. An unauthenticated, remote attacker can leverage this issue to execute arbitrary commands on the affected host subject to...

CVSS 10, AI score 6, EPSS 0.80311
Exploits 8, References 4
Tenable Nessus
added 2008/01/10 12:0 a.m., 19 views

GLSA-200801-01 : unp: Arbitrary command execution

The remote host is affected by the vulnerability described in GLSA-200801-01 unp: Arbitrary command execution Erich Schubert from Debian discovered that unp does not escape file names properly before passing them to calls of the shell. Impact : A remote attacker could entice a user or automated...

CVSS 10, AI score 5.9, EPSS 0.02282
Exploits 1, References 2
Cvelist
added 2008/01/09 12:0 a.m., 21 views

CVE-2008-0148

TUTOS 1.3 does not restrict access to php/admin/cmd.php, which allows remote attackers to execute arbitrary shell commands via the cmd parameter in a direct request...

AI score 7.6, EPSS 0.05785
Exploits 0, References 3
securityvulns
added 2008/01/09 12:0 a.m., 53 views

[Full-disclosure] [ GLSA 200801-01 ] unp: Arbitrary command execution

Gentoo Linux Security Advisory GLSA 200801-01 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity:...

CVSS 10, AI score 7.2, EPSS 0.02282
Exploits 1
Gentoo Linux
added 2008/01/09 12:0 a.m., 31 views

unp: Arbitrary command execution

Background unp is a script for unpacking various file formats. Description Erich Schubert from Debian discovered that unp does not escape file names properly before passing them to calls of the shell. Impact A remote attacker could entice a user or automated system to unpack a compressed archive...

CVSS 10, AI score 6.8, EPSS 0.02282
Exploits 1
CVE
added 2008/01/03 8:0 p.m., 47 views

CVE-2007-6610

CVE-2007-6610 affects unp up to 1.0.12 and older than 1.0.14. The vulnerability arises because unp does not properly escape file names before passing them to shell calls, enabling a context-dependent attacker to execute arbitrary shell commands via crafted filenames (potentially when invoked by a...

CVSS 10, AI score 7.1, EPSS 0.02282
Exploits 1, References 7, Affected Software 1
Tenable Nessus
added 2008/01/03 12:0 a.m., 150 views

ClamAV clamav-milter black-hole-mode Sendmail Recipient Field Arbitrary Command Execution

The remote host appears to be running a version of Clamav-milter, a filter for sendmail, configured with '--black-hole-mode' that fails to sanitize recipient addresses of shell metacharacters before using them in a call to 'popen' to determine whether to discard incoming messages. An...

CVSS 7.6, AI score 5.9, EPSS 0.8366
Exploits 12, References 4
Tenable Nessus
added 2007/12/07 12:0 a.m., 27 views

RHEL 4 : openoffice.org2 (RHSA-2007:1090)

Updated openoffice.org2 packages that fix a security issue are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. OpenOffice.org is an office productivity suite. HSQLDB is the default database engine...

CVSS 9.3, AI score 6, EPSS 0.14347
Exploits 3, References 4
OSV
added 2007/11/30 1:46 a.m., 2 views

DEBIAN-CVE-2007-6171

SQL injection vulnerability in the Postgres Realtime Engine resconfigpgsql in Asterisk 1.4.x before 1.4.15 and C.x before C.1.0-beta6 allows remote attackers to execute arbitrary SQL commands via unknown vectors...

CVSS 7.5, AI score 8.8, EPSS 0.02662
Exploits 0, References 1
securityvulns
added 2007/11/14 12:0 a.m., 48 views

[USN-541-1] Emacs vulnerability

=========================================================== Ubuntu Security Notice USN-541-1 November 13, 2007 emacs22 vulnerability CVE-2007-5795 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 7.10 This advisory also...

CVSS 6.3, AI score 0.5, EPSS 0.00724
Exploits 0
Tenable Nessus
added 2007/11/10 12:0 a.m., 22 views

Ubuntu 6.10 / 7.04 : hplip vulnerability (USN-530-1)

It was discovered that the hpssd tool of hplip did not correctly handle shell meta-characters. A local attacker could exploit this to execute arbitrary commands as the hplip user. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security...

CVSS 7.6, AI score 5.7, EPSS 0.67264
Exploits 4, References 2
Tenable Nessus
added 2007/11/06 12:0 a.m., 28 views

Fedora 7 : hplip-1.7.4a-6.fc7 (2007-2527)

This update fixes a vulnerability in the hpssd daemon. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...

CVSS 7.6, AI score 5.4, EPSS 0.67264
Exploits 4, References 3
seebug.org
added 2007/10/25 12:0 a.m., 24 views

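Miranda IM Multiple Remote Stack Overflow Vulnerabilities

BUGTRAQ ID: 26115 CVECAN ID: CVE-2007-5542,CVE-2007-5543 Miranda IM is an open-source multi-protocol instant messaging client for the Microsoft Windows platform. Miranda IM does not correctly implement the Yahoo! Messenger protocol; if a malformed Yahoo! Messenger packet is sent to the client, it can trigger a stack overflow, leading to execution of arbitrary instructions. Miranda Miranda IM 0.7 The vendor has released an upgrade patch to fix this security issue; download it from the vendor's home page: http://sourceforge.net/project/showfiles.php?groupid=94142...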

CVSS 9.3, AI score 6.4, EPSS 0.03952
Exploits 1
Tenable Nessus
added 2007/10/25 12:0 a.m., 22 views

GLSA-200710-21 : TikiWiki: Arbitrary command execution

The remote host is affected by the vulnerability described in GLSA-200710-21 TikiWiki: Arbitrary command execution ShAnKaR reported that input passed to the 'f' array parameter in tiki-graphformula.php is not properly verified before being used to execute PHP functions. Impact : An attacker could...

CVSS 7.5, AI score 6.1, EPSS 0.76661
Exploits 6, References 2
Tenable Nessus
added 2007/10/25 12:0 a.m., 20 views

Mandrake Linux Security Advisory : hplip (MDKSA-2007:201)

A vulnerability in the hpssd tool was discovered where it did not correctly handle shell meta-characters. A local attacker could use this flaw to execute arbitrary commands as the hplip user. As well, this update fixes a problem with some HP scanners on Mandriva Linux 2007.1, particularly HP PSC...

CVSS 7.6, AI score 6, EPSS 0.67264
Exploits 4, References 1
OSV
added 2007/10/25 12:0 a.m., 4 views

DTSA-72-1 hplip - arbitrary command execution

Bulletin has no description...

CVSS 7.6, AI score 6.3, EPSS 0.67264
Exploits 4
Debian
added 2007/10/23 6:48 p.m., 16 views

[SECURITY] [DSA 1393-1] New xfce4-terminal packages fix arbitrary command execution

------------------------------------------------------------------------ Debian Security Advisory DSA 1393-1 [email protected] http://www.debian.org/security/ Steve Kemp October 23rd, 2007 http://www.debian.org/security/faq -...

CVSS 7.8, AI score 6.1, EPSS 0.02239
Exploits 1
Gentoo Linux
added 2007/10/20 12:0 a.m., 56 views

TikiWiki: Arbitrary command execution

Background TikiWiki is an open source content management system written in PHP. Description ShAnKaR reported that input passed to the "f" array parameter in tiki-graphformula.php is not properly verified before being used to execute PHP functions. Impact An attacker could execute arbitrary code...

CVSS 7.5, AI score 7.2, EPSS 0.76661
Exploits 6