8701 matches found
Gentoo Webapp-Config 1.10 - Insecure File Creation
source: https://www.securityfocus.com/bid/13780/info Gentoo webapp-config is prone to an insecure file creation vulnerability. This issue is due to a design error that causes the application to fail to verify the existence of a file before writing to it. An attacker may leverage this issue to cau...
Gforge - viewFile.php security flaw
-------------------------------------------------------------------------- Vendor : Gforge http://gforge.org Product : gforge Affected versions : 4.0 Bug fixed : = 4.0 & Debian pkg 3.1-30 Vulnerability : Input validation flaw Problem-Type : remote Severity : High, arbitrary command execution Auth...
PHP Advanced Transfer Manager < 1.22 File Upload Arbitrary Command Execution
Binary data 2933.prm...
Extreme Networks switches with ExtremeWare XOS allow arbitrary command execution
Overview Some Extreme Networks switches running ExtremeWare XOS have a vulnerability that allows a malicious authenticated user to escape to the underlying operating system command shell with administrator-level root privileges. Description Extreme Networks switches running ExtremeWare XOS contain...
DEBIAN-CVE-2005-0758
zgrep in gzip before 1.3.5 does not properly sanitize arguments, which allows local users to execute arbitrary commands via filenames that are injected into a sed script...
CVE-2004-1876
The CVE-2004-1876 issue affects ClamAV's clamd (VirusEvent directive) prior to version 0.70. The vulnerability arises from using the "%f" parameter to substitute the file name, allowing a local user to trigger shell metacharacters and execute arbitrary commands with privileges of the antivirus pr...
gzip: Multiple vulnerabilities
Background gzip (GNU zip) is a popular compression program. The included zgrep utility allows you to grep gzipped files in place. Description The gzip and gunzip programs are vulnerable to a race condition when setting file permissions (CAN-2005-0988), as well as improper handling of filename...
CVE-2005-1341
Apple Terminal 1.4.4 is affected by CVE-2005-1341, with the issue allowing execution of arbitrary commands via terminal escape sequences. The vulnerability concerns Terminal and related escape handling in macOS components; the initial description explicitly names Terminal 1.4.4 as vulnerable to c...
Open WebMail Shell Escape Arbitrary Command Execution
According to its banner, the version of Open WebMail installed on the remote host may allow execution of arbitrary shell commands due to its failure to ensure shell escape characters are removed from filenames and other strings before trying to read from them...
Open Webmail < 2.51 20050430 Shell Escape Arbitrary Command Execution
Binary data 2875.prm...
CVE-2000-1220
The line printer daemon lpd in the lpr package in multiple Linux operating systems allows local users to gain root privileges by causing sendmail to execute with arbitrary command line arguments, as demonstrated using the -C option to specify a configuration file...
CVE-2005-0130
Certain Perl scripts in Konversation 0.15 allow remote attackers to execute arbitrary commands via shell metacharacters in (1) channel names or (2) song names that are not properly quoted when the user runs IRC scripts...
AlstraSoft EPay Pro v2.0 has file include and multiple xss vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Dcrab's Security Advisory Hsc Security Group http://www.hackerscenter.com/ dP Security http://digitalparadox.org/ Severity: High Title: AlstraSoft EPay Pro v2.0 has file include and multiple xss vulnerabilities Date: 02/04/2005 Vendor: AlstraSoft...
CVE-2005-0868
AS/400 Telnet 5250 terminal emulation clients, as implemented by (1) IBM Client Access, (2) Bosanova, (3) PowerTerm, (4) Mochasoft, and possibly other emulations, allow malicious AS/400 servers to execute arbitrary commands via a STRPCO (Start PC Organizer) command followed by a STRPCCMD (Start PC Command), a...
CVE-2005-0638
xloadimage before 4.1-r2, and xli before 1.17, allow attackers to execute arbitrary commands via shell metacharacters in filenames for compressed images, which are not properly quoted when calling the gunzip command...
[SECURITY] [DSA 690-1] New bsmtpd packages fix arbitrary command execution
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 690-1 [email protected] http://www.debian.org/security/ Martin Schulze February 25th, 2005 http://www.debian.org/security/faq -...
DSA-690-1 bsmtpd - missing input sanitising
Bulletin has no description...
CVE-2005-0516
The ImageGalleryPlugin ImageGalleryPlugin.pm in Twiki allows remote attackers to execute arbitrary commands via certain commands that generate thumbnails...
xloadimage -- arbitrary command execution when handling compressed files
Tavis Ormandy discovered that xli and xloadimage attempt to decompress images by piping them through gunzip or similar decompression tools. Unfortunately, the unsanitized file name is included as part of the command. This is dangerous, as in some situations, such as mailcap processing, an attacke...