lynx security update

CentOS Errata and Security Advisory CESA-2005:839 An updated lynx package that corrects a security flaw is now available. This update has been rated as having critical security impact by the Red Hat Security Response Team. Lynx is a text-based Web browser. An arbitrary command execute bug was fou...

Critical: Red Hat Security Advisory: lynx security update

An updated lynx package that corrects a security flaw is now available. This update has been rated as having critical security impact by the Red Hat Security Response Team. Lynx is a text-based Web browser. An arbitrary command execute bug was found in the lynx "lynxcgi:" URI handler. An attacker...

wzdFTPd.pm.txt

Metasploit plugin for: Wzdftpd SITE Command Arbitrary Command Execution 2005 11 26 - David Maciejak package Msf::Exploit::wzdftpdsite; use base "Msf::Exploit"; use strict; use Pex::Text; my $advanced = ; my $info = 'Name' = 'Wzdftpd SITE Command Arbitrary Command Execution', 'Version' = '$Revisio...

WzdFTPD 0.5.4 - SITE Remote Command Execution (Metasploit)

WzdFTPD 0.5.4 - SITE Remote Command Execution Metasploit Reference: http://www.milw0rm.com/id.php?id=1231 https://www.exploit-db.com/exploits/1231/ kcope /str0ke Metasploit plugin for: Wzdftpd SITE Command Arbitrary Command Execution 2005 11 26 - David Maciejak package Msf::Exploit::wzdftpdsite;...

WzdFTPD 0.5.4 - 'SITE' Remote Command Execution (Metasploit)

Reference: http://www.milw0rm.com/id.php?id=1231 https://www.exploit-db.com/exploits/1231/ kcope /str0ke Metasploit plugin for: Wzdftpd SITE Command Arbitrary Command Execution 2005 11 26 - David Maciejak package Msf::Exploit::wzdftpdsite; use base "Msf::Exploit"; use strict; use Pex::Text; my...

guestbook.cgi

The 'guestbook.cgi' is installed. This CGI has a well known security flaw that lets anyone execute arbitrary commands with the privileges of the http daemon root or nobody. OpenVAS Vulnerability Test $Id: guestbook.nasl 8023 2017-12-07 08:36:26Z teissa $ Description: guestbook.cgi Authors: Mathie...

Open WebMail vacation.pl Arbitrary Command Execution

The target is running at least one instance of Open WebMail in which the vacation.pl component fails to sufficiently validate user input. This failure enables remote attackers to execute arbitrary programs on a target using the privileges under which the web server operates. For further...

formmail.pl

The 'formmail.pl' is installed. This CGI has a well known security flaw that lets anyone execute arbitrary commands with the privileges of the http daemon root or nobody. OpenVAS Vulnerability Test $Id: formmailpl.nasl 6703 2017-07-12 13:57:25Z cfischer $ Description: formmail.pl Authors: Mathieu...

BasiliX Arbitrary Command Execution Vulnerability

The remote web server contains a PHP script that is prone to arbitrary command execution. Description : The remote host appears to be running a version of BasiliX between 1.0.2beta or 1.0.3beta. In such versions, the script 'login.php3' fails to sanitize user input, which enables a remote attacke...

nph-publish.cgi

The 'nph-publish.cgi' is installed. This CGI has a well known security flaw that lets an attacker to execute arbitrary commands with the privileges of the http daemon usually root or nobody. OpenVAS Vulnerability Test $Id: nph-publish.nasl 8023 2017-12-07 08:36:26Z teissa $ Description:...

PuTTY window title escape character arbitrary command execution

PuTTY is a free SSH client. This version contains a flaw that may allow a malicious user to insert arbitrary commands and execute them. The issue is triggered when an attacker sends commands, preceded by terminal emulator escape sequences. It is possible that the flaw may allow arbitrary code...

IIS Remote Command Execution

When IIS receives a user request to run a script, it renders the request in a decoded canonical form, then performs security checks on the decoded request. A vulnerability results because a second, superfluous decoding pass is performed after the initial security checks are completed. Thus, a...

mailreader.com directory traversal and arbitrary command execution

mailreader.com software is installed. A directory traversal flaw allows anybody to read arbitrary files on your system. OpenVAS Vulnerability Test $Id: mailreader.nasl 5783 2017-03-30 09:03:43Z cfi $ Description: mailreader.com directory traversal and arbitrary command execution Authors: Michel...

Count.cgi

An old version of SPDX-FileCopyrightText: 2004 Michel Arboi Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.10049";...

Open WebMail userstat.pl Arbitrary Command Execution

The target is running at least one instance of Open WebMail in which the userstat.pl component fails to sufficiently validate user input. SPDX-FileCopyrightText: 2004 George A. Theall Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right...

CVSTrac ticket title arbitrary command execution

The remote host seems to be running cvstrac, a web-based bug and patch-set tracking system for CVS. This version contains a flaw related to ticket titles containing a semi-colon that may allow an attacker to execute arbitrary commands on the system. SPDX-FileCopyrightText: 2004 David Maciejak Som...

SecureCRT SSH1 protocol version string overflow

The remote host is using a vulnerable version of SecureCRT, a SSH/Telnet client built for Microsoft Windows operation systems. SPDX-FileCopyrightText: 2004 David Maciejak Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

ShopPlus Arbitrary Command Execution Vulnerability - Active Check

The ShopPlus CGI is prone to a vulnerability that allows execution of arbitrary commands with the security privileges of the web server. SPDX-FileCopyrightText: 2001 SecuriTeam Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

guestbook.pl

The SPDX-FileCopyrightText: 1999 Mathieu Perrin Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.10099";...

BasiliX Arbitrary Command Execution Vulnerability

The remote web server contains a BasiliX PHP script that is prone to arbitrary. SPDX-FileCopyrightText: 2004 George A. Theall Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...