104 matches found
Novell NetIQ Privileged User Manager 2.3.1 - 'ldapagnt.dll' ldapagnt_eval() Perl Code Evaluation Remote Code Execution
Novell NetIQ Privileged User Manager 2.3.1 ldapagnt.dll ldapagnteval Perl Code Evaluation RCE pre auth/SYSTEM Tested against: Microsoft Windows 2003 r2 sp2 download url: http://download.novell.com/index.jsp search "Privileged User Manager" file tested: NetIQ-PUM-2.3.1.iso decompress and launch...
Novell NetIQ Privileged User Manager 2.3.1 ldapagnt.dll Code Execution
Novell NetIQ Privileged User Manager version 2.3.1 suffers from a perl code evaluation remote command execution vulnerability in ldapagnteval in ldapagnt.dll. The secure web interface contains a flaw which allows, without prior authentication, to execute a Perl script with SYSTEM privileges. This...
Novell NetIQ Privileged User Manager 2.3.1 - ldapagnt.dll ldapagnt_eval() Perl Code Evaluation Remote Code Execution
Novell NetIQ Privileged User Manager 2.3.1 - ldapagnt.dll ldapagnteval Perl Code Evaluation Remote Code Execution Novell NetIQ Privileged User Manager 2.3.1 ldapagnt.dll ldapagnteval Perl Code Evaluation RCE pre auth/SYSTEM Tested against: Microsoft Windows 2003 r2 sp2 download url:...
Trixbox langChoice PHP Local File Inclusion
$Id: $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ -- coding: utf-8 -- require 'msf/core' class...
[Backports-security-announce] Security update for devscripts
Adam D. Barratt uploaded new packages for devscripts which fixed the following security problem: CVE-2009-2946: When parsing watch files, uscan applied "mangle rules" by evaluating them as Perl code without any sanitisation. This could have lead to the execution of arbitrary code by users or...
Generic PHP Code Evaluation
Exploits things like It is likely that HTTP evasion options will break this exploit. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Generic PHP Code Evaluation', 'Description' = %q Exploits...
Debian Security Advisory DSA 1029-1 (libphp-adodb)
The remote host is missing an update to libphp-adodb announced via advisory DSA 1029-1. Several vulnerabilities have been discovered in libphp-adodb, the 'adodb' database abstraction layer for PHP. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2006-0146...
Debian: Security Advisory (DSA-1029-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian: Security Advisory (DSA-1030-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian Security Advisory DSA 1031-1 (cacti)
The remote host is missing an update to cacti announced via advisory DSA 1031-1. Several vulnerabilities have been discovered in libphp-adodb, the 'adodb' database abstraction layer for PHP, which is embedded in cacti, a frontend to rrdtool for monitoring systems and services. The Common...
Debian DSA-1030-1 : moodle - several vulnerabilities
Several vulnerabilities have been discovered in libphp-adodb, the 'adodb' database abstraction layer for PHP, which is embedded in moodle, a course management system for online learning. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2006-0146 Andreas...
Ruby on Rails Routing Code URL Code Evaluation DoS
The remote web server appears to be using a version of Ruby on Rails, an open source web framework, that has a flaw in its routing code that can lead to the evaluation of Ruby code through the URL. Successful exploitation of this issue can result in a denial of service or even data loss...
rubygem-rails -- evaluation of ruby code
The Ruby on Rails blog reports: With Rails 1.1.0 through 1.1.5 minus the short-lived 1.1.3, you can trigger the evaluation of Ruby code through the URL because of a bug in the routing code of Rails. This means that you can essentially take down a Rails process by starting something like...
[SECURITY] [DSA 1029-1] New libphp-adodb packages fix several vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 1029-1 [email protected] http://www.debian.org/security/ Martin Schulze April 8th, 2006 http://www.debian.org/security/faq -...
[SECURITY] [DSA 1031-1] New cacti packages fix several vulnerabilities
-------------------------------------------------------------------------- Debian Security Advisory DSA 1031-1 [email protected] http://www.debian.org/security/ Martin Schulze April 8th, 2006 http://www.debian.org/security/faq -...
[SECURITY] [DSA 1030-1] New moodle packages fix several vulnerabilities
-------------------------------------------------------------------------- Debian Security Advisory DSA 1030-1 [email protected] http://www.debian.org/security/ Martin Schulze April 8th, 2006 http://www.debian.org/security/faq -...
[SECURITY] [DSA 1029-1] New libphp-adodb packages fix several vulnerabilities
-------------------------------------------------------------------------- Debian Security Advisory DSA 1029-1 [email protected] http://www.debian.org/security/ Martin Schulze April 8th, 2006 http://www.debian.org/security/faq -...
[SECURITY] [DSA 1029-1] New libphp-adodb packages fix several vulnerabilities
-------------------------------------------------------------------------- Debian Security Advisory DSA 1029-1 [email protected] http://www.debian.org/security/ Martin Schulze April 8th, 2006 http://www.debian.org/security/faq -...
DSA-1030-1 moodle - several
Bulletin has no description...
DSA-1031-1 cacti - several
Bulletin has no description...