8695 matches found
CVE-1999-1381
The CVE covers a buffer overflow in the dbadmin CGI program 1.0.1 on Linux, enabling remote command execution. The available sources state this vulnerability allows arbitrary commands to be executed by an unauthenticated attacker over the network. No remediation or patch details are provided in t...
CVE-1999-1479
CVE-1999-1479 affects the CGI textcounter.pl (Matt Wright) – the installed textcounter CGI allows remote command execution via shell metacharacters. Impact is remote code execution with the privileges of the http daemon (usually root or nobody). Remediation available is to remove the CGI from /cg...
CVE-1999-1502
CVE-1999-1502 affects the Quake 1.9 client. It is due to buffer overflows triggered by long values in four fields (precache paths, server name, server address, argument to the map console command), allowing a remote attacker to execute arbitrary commands on the client. Exploitation details are no...
CVE-1999-1511
CVE-1999-1511 affects Xtramail 1.11, with buffer overflow issues in multiple services: POP3 PASS, SMTP HELO, and Control Service username. These overflow conditions can crash the service and may allow arbitrary code execution. Nessus plugin entries indicate fixes targeting Xtramail
CVE-1999-1261
The provided records describe CVE-1999-1261: a buffer overflow in Rainbow Six Multiplayer triggered by a long nickname (nick) command, enabling remote denial of service and potentially arbitrary command execution. The issue is software-level, affecting Rainbow Six Multiplayer, with network-based ...
CVE-1999-1112
Buffer overflow in IrfanView32 3.07 and earlier allows attackers to execute arbitrary commands via a long string after the "8BPS" image type in a Photo Shop image header...
CVE-1999-1154
LakeWeb Filemail CGI script allows remote attackers to execute arbitrary commands via shell metacharacters in the recipient email address...
CVE-1999-1334
Multiple buffer overflows in filter command in Elm 2.4 allows attackers to execute arbitrary commands via 1 long From: headers, 2 long Reply-To: headers, or 3 via a long -f filterfile command line argument...
Hassan Consulting Shopping Cart 1.23 - Arbitrary Command Execution
Hassan Consulting Shopping Cart 1.23 - Arbitrary Command Execution source: https://www.securityfocus.com/bid/3308/info Hassan Consulting's Shopping Cart is commercial web store software. Shopping Cart does not filter certain types of user-supplied input from web requests. This makes it possible f...
Hassan Consulting Shopping Cart 1.23 - Arbitrary Command Execution
source: https://www.securityfocus.com/bid/3308/info Hassan Consulting's Shopping Cart is commercial web store software. Shopping Cart does not filter certain types of user-supplied input from web requests. This makes it possible for a malicious user to submit a request which causes arbitrary...
Network Associates CSMAP and smap/smapd vulnerable to buffer overflow thereby allowing arbitrary command execution
Overview A remotely exploitable buffer overflow exists in the Gauntlet Firewall. Description The buffer overflow occurs in the smap/smapd and CSMAP daemons. According to PGP Security, these daemons are responsible for handling email transactions for both inbound and outbound e-mail.This...
Irix LPD tagprinter - Command Execution (Metasploit)
Irix LPD tagprinter - Command Execution Metasploit $Id: tagprinterexec.rb 10561 2010-10-06 00:53:45Z hdm $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing...
Solaris 8.0 LPD - Command Execution (Metasploit)
Solaris 8.0 LPD - Command Execution Metasploit $Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/...
Solaris 8.0 LPD - Command Execution (Metasploit)
$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Solaris LPD...
Aladdin Ghostscript LD_RUN_PATH environment variable allows libraries to be loaded from current directory
Overview Alladin Ghostscript, a previewer for postscript files, uses an insecure value for the LDRUNPATH environment variable. This allows attackers to supply malicious libraries to be loaded from the current directory. Description Alladin Ghostscript is a previewer for postscript files. In...
NetCode NC Book book.cgi current Parameter Arbitrary Command Execution
The CGI 'book.cgi' is installed. This CGI has a well known security flaw that lets an attacker execute arbitrary commands with the privileges of the http daemon. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include 'compat.inc' ; ifdescription scriptid10721; scriptversion"1.27";...
SuSE Support Data Base sbsearch.cgi Arbitrary Command Execution
SuSE CGI 'sdbsearch.cgi' is installed. This CGI allows a local and possibly remote user to execute arbitrary commands with the privileges of the HTTP server. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; ifdescription scriptid10720;...
CVE-2001-0595
Buffer overflow in the kcsSUNWIOsolf.so library in Solaris 7 and 8 allows local attackers to execute arbitrary commands via the KCMSPROFILES environment variable, e.g. as demonstrated using the kcmsconfigure program...
SuSE 6.36.47.0 sdb - Arbitrary Command Execution
SuSE 6.36.47.0 sdb - Arbitrary Command Execution source: https://www.securityfocus.com/bid/3208/info An input validation error exists in sdb, the SuSE Support Data Base. The problem exists in the sdbsearch.cgi script, which uses data directly from the 'Referer' header field from a HTTP request as...
SuSE 6.3/6.4/7.0 sdb - Arbitrary Command Execution
source: https://www.securityfocus.com/bid/3208/info An input validation error exists in sdb, the SuSE Support Data Base. The problem exists in the sdbsearch.cgi script, which uses data directly from the 'Referer' header field from a HTTP request as a path when opening it's "keylist.txt" file. The...