Microsoft MSN Messenger Service 1.0 Setup BBS - ActiveX Control Buffer Overflow

source: https://www.securityfocus.com/bid/668/info There is a buffer overflow in the 4.71.0.10 version of the MSN Setup BBS ActiveX control setupbbs.ocx.. This ActiveX control is marked 'Safe for Scripting' . Arbitrary commands may be executed if the ActiveX control is run in a malicious manner...

CVE-1999-0689

The CDE dtspcd daemon allows local users to execute arbitrary commands via a symlink attack...

CVE-1999-1064

Multiple buffer overflows in WindowMaker 0.52 through 0.60.0 allow attackers to cause a denial of service and possibly execute arbitrary commands by executing WindowMaker with a long program name argv0...

Sendmail MAIL FROM Command Arbitrary Remote Command Execution

The remote SMTP server did not complain when issued the command : MAIL FROM: |testing This probably means that it is possible to send mail that will be bounced to a program, which is a serious threat, since this allows anyone to execute arbitrary commands on this host. This security hole might be...

Sendmail mail from/rcpt to Pipe Arbitrary Command Execution

The remote SMTP server did not complain when issued the command : MAIL FROM: root@thishost RCPT TO: |testing This probably means that it is possible to send mail directly to programs, which is a serious threat, since this allows anyone to execute arbitrary commands on this host. This security hol...

Excite for Web Server architext_query.pl Shell Metacharacter Arbitrary Command Execution

Excite for Webservers is installed. This CGI has a well-known security flaw that lets a remote attacker execute arbitrary commands with the privileges of the web server. Versions newer than 1.1. are patched. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc';...

Glimpse HTTP aglimpse Arbitrary Command Execution

The remote web server is running GlipmseHTTP. The installed version suffers from a remote command execution vulnerability in the 'aglimpse' component. Note that we could not actually check for the presence of this vulnerability, and only checked for the existence of the 'aglimpse' CGI...

abuseconsole.sh

There is a security hole in RedHat 2.1, which installs the game abuse, /usr/lib/games/abuse/abuse.console suid root. The abuse.console program loads its files without absolute pathnames, assuming the user is running abuse from the /usr/lib/games/abuse directory. One of these files in the undrv...

ToxSoft NextFTP 1.82 - Remote Buffer Overflow

// source: https://www.securityfocus.com/bid/572/info ToxSoft's shareware FTP client, NextFTP, contains an unchecked buffer in the code that parses CWD command replies. If the FTP server's reply contains the exploit code, arbitrary commands can be run on the client machine...

Microsoft Data Access Components (MDAC) 2.1 Microsoft IIS 3.04.0 Microsoft Index Server 2.0 Microsoft Site Server Commerce Edition 3.0 i386 MDAC - RDS (2)

Microsoft Data Access Components MDAC 2.1 Microsoft IIS 3.04.0 Microsoft Index Server 2.0 Microsoft Site Server Commerce Edition 3.0 i386 MDAC - RDS 2 source: https://www.securityfocus.com/bid/529/info MDAC Microsoft Data Access Components is a package used to integrate web and database services...

Web Server /cgi-bin Shell Access

The remote web server has one of these shells installed in /cgi-bin : ash, bash, csh, ksh, sh, tcsh, zsh Leaving executable shells in the cgi-bin directory of a web server may allow an attacker to execute arbitrary commands on the target machine with the privileges of the HTTP daemon. %NASLMINLEV...

in.fingerd Pipe Input Arbitrary Command Execution

It is possible to force the remote finger daemon to execute arbitrary commands by issuing requests like : finger |commandtoexecute@target An attacker may use this bug to gain a shell on this host. C Tenable Network Security, Inc. include"compat.inc"; ifdescription scriptid10126; scriptversion...

HylaFAX faxsurvey Arbitrary Command Execution

The 'faxsurvey' CGI does not sanitize input to the query string. A remote attacker could exploit this to execute arbitrary commands. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; ifdescription scriptid10067; scriptversion"1.45";...

WebGais webgais CGI Arbitrary Command Execution

The 'webgais' CGI is installed. This CGI may let an attacker execute arbitrary commands with the privileges of the http daemon usually root or nobody. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid10300;...

Multiple Vendor info2www CGI Arbitrary Command Execution

The 'info2www' CGI is installed. This CGI has a well known security flaw that lets an attacker execute arbitrary commands with the privileges of the http daemon usually root or nobody. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc';...

WebGais websendmail CGI Arbitrary Command Execution

The 'websendmail' program, part of Webgais, appears to be installed on the remote host. This CGI script has a well-known security flaw that lets an attacker execute arbitrary commands with the privileges of the http daemon usually root or nobody. %NASLMINLEVEL 70300 C Tenable Network Security, In...

CDomain whois_raw.cgi fqdn Parameter Arbitrary Command Execution

The remote host appears to be using the CdomainFree 'whoisraw.cgi' script. This CGI script allows an attacker to view any file on the target computer, as well as to execute arbitrary commands. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc';...

Multiple Vendor phf CGI Arbitrary Command Execution

The 'phf' CGI is installed. This CGI has a well known security flaw that lets an attacker execute arbitrary commands with the privileges of the http daemon usually root or nobody. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if...

IRIX handler CGI Arbitrary Command Execution

The 'handler' cgi is installed. This CGI has a well known security flaw that lets anyone execute arbitrary commands with the privileges of the http daemon root or nobody. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description...

Solaris 2.67.08 - netpr Local Buffer Overflow (1)

Solaris 2.67.08 - netpr Local Buffer Overflow 1 // source: https://www.securityfocus.com/bid/1200/info A buffer overrun exists in the 'netpr' program, part of the SUNWpcu LP package included with Solaris, from Sun Microsystems. Versions of netpr on Solaris 2.6 and 7, on both Sparc and x86 have be...