CGI Generic XSS (quick test)

The remote web server hosts CGI scripts that fail to adequately sanitize request strings with malicious JavaScript. By leveraging this issue, an attacker may be able to cause arbitrary HTML and script code to be executed in a user's browser within the security context of the affected site. These...

Fedora Update for php FEDORA-2007-455

Check for the Version of php OpenVAS Vulnerability Test Fedora Update for php FEDORA-2007-455 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of th...

Fedora Update for php FEDORA-2007-709

Check for the Version of php OpenVAS Vulnerability Test Fedora Update for php FEDORA-2007-709 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of th...

Multiple Tor World CGI scripts vulnerable to arbitrary script execution

Overview Multiple Tor World CGI scripts contain a vulnerability which may allow an arbitrary script execution. Tor World provides CGI scripts for implementing search engines, message boards, and other tools. Multiple Tor World CGI scripts contain a vulnerability which may allow an attacker to...

CVE-2008-4077

The CGI scripts in 1 LedgerSMB LSMB before 1.2.15 and 2 SQL-Ledger 2.8.17 and earlier allow remote attackers to cause a denial of service resource exhaustion via an HTTP POST request with a large Content-Length...

CVE-2008-4077

The CGI scripts in 1 LedgerSMB LSMB before 1.2.15 and 2 SQL-Ledger 2.8.17 and earlier allow remote attackers to cause a denial of service resource exhaustion via an HTTP POST request with a large Content-Length...

Code injection

The CGI scripts in 1 LedgerSMB LSMB before 1.2.15 and 2 SQL-Ledger 2.8.17 and earlier allow remote attackers to cause a denial of service resource exhaustion via an HTTP POST request with a large Content-Length...

CVE-2008-4077

LedgerSMB pre-1.2.15 and SQL-Ledger 2.8.17 and earlier are affected by CVE-2008-4077. The issue arises in the CGI scripts, where an HTTP POST with a large Content-Length can cause resource exhaustion (DoS). The vulnerability is exploited remotely via crafted requests to the CGI endpoints. Remedia...

CVE-2008-4077

The CGI scripts in 1 LedgerSMB LSMB before 1.2.15 and 2 SQL-Ledger 2.8.17 and earlier allow remote attackers to cause a denial of service resource exhaustion via an HTTP POST request with a large Content-Length...

CVE-2008-4077

The CGI scripts in 1 LedgerSMB LSMB before 1.2.15 and 2 SQL-Ledger 2.8.17 and earlier allow remote attackers to cause a denial of service resource exhaustion via an HTTP POST request with a large Content-Length...

Red Hat Fedora目录服务器HTTP非转义函数缓冲区溢出漏洞

BUGTRAQ ID: 31106 CVE ID：CVE-2008-2932 CNCVE ID：CNCVE-20082932 Red Hat Fedora Directory Server是一款目录服务程序。 Red Hat Fedora Directory Server adminutil不正确处理用户输入，远程攻击者可以利用漏洞进行缓冲区溢出，以应用程序权限执行任意指令。 adminutil是一款Red Hat / Fedora Directory Server附带的多个CGI脚本使用的通用函数库。 adminutil...

CVE-2008-2932

Heap-based buffer overflow in Red Hat adminutil 1.1.6 allows remote attackers to cause a denial of service daemon crash or possibly execute arbitrary code via % percent encoded HTTP input to unspecified CGI scripts in Fedora Directory Server. NOTE: this vulnerability exists because of an incorrec...

CVE-2008-2932

Heap-based buffer overflow in Red Hat adminutil 1.1.6 allows remote attackers to cause a denial of service daemon crash or possibly execute arbitrary code via % percent encoded HTTP input to unspecified CGI scripts in Fedora Directory Server. NOTE: this vulnerability exists because of an incorrec...

PT-2008-4370 · Red Hat · Red Hat Adminutil

Name of the Vulnerable Software and Affected Versions: Red Hat adminutil version 1.1.6 Description: A heap-based buffer overflow issue exists, allowing remote attackers to cause a denial of service or possibly execute arbitrary code via percent encoded HTTP input to unspecified CGI scripts in...

JVN#18616622 Multiple Tor World CGI scripts vulnerable to arbitrary script execution

Tor World provides CGI scripts for implementing search engines, message boards, and other tools. Multiple Tor World CGI scripts contain a vulnerability which may allow an attacker to inject an arbitrary script into the web page which is generated by the affected product. This vulnerability is...

[SECURITY] Fedora 9 Update: perl-5.10.0-27.fc9

Perl is a high-level programming language with roots in C, sed, awk and shell scripting. Perl is good at handling processes and files, and is especially good at handling text. Perl's hallmarks are practicality and efficiency. While it is used to do a lot of different things, Perl's most common...

JVN#45389864 CGIWrap error page cross-site scripting vulnerability

CGIWrap is a gateway program that allows general users to use CGI scripts and HTML forms on the web server. CGIWrap contains a cross-site scripting vulnerability as it does not specify charset in the error page. Impact An arbitrary script may be executed on the user's web browser. Solution Update...

Cross-site scripting vulnerability in multiple Tor World CGI scripts

Overview Multiple Tor World CGI scripts contain a cross-site scripting vulnerability. Tor World provides CGI scripts for implementing search engines, message boards, and other tools. Multiple Tor World CGI scripts contain a cross-site scripting vulnerability. Impact An arbitrary script can be...

[SECURITY] Fedora 7 Update: perl-5.8.8-29.fc7

Perl is a high-level programming language with roots in C, sed, awk and shell scripting. Perl is good at handling processes and files, and is especially good at handling text. Perl's hallmarks are practicality and efficiency. While it is used to do a lot of different things, Perl's most common...

Fedora 7 : fedora-ds-admin-1.1.4-1.fc7 (2008-3214)

This release addresses two security vulerabilities in the package: - shell command injection in CGI replication monitor CVE-2008-0892 - unrestricted access to CGI scripts CVE-2008-0893 Fix Description: Remove ScriptAlias for bin/admin/admin/bin - do not use that directory for CGI URIs - use only...