CVE-2010-2930

CVE-2010-2930 affects hsolinkcontrol in hsolink 1.0.118. The issue consists of multiple stack-based buffer overflows triggered by long command-line arguments, enabling local privilege escalation. Root cause is buffer overflows in hsolinkcontrol. The provided documents do not specify a patch or wo...

CVE-2010-1671

CVE-2010-1671 affects hsolinkcontrol in hsolink 1.0.118. The issue is a local-privilege escalation caused by improper handling of shell metacharacters in command-line arguments, demonstrated by the second argument in a down action. Impact is local privilege gain; remediation/fix details are not p...

MapServer Insecure MapServ CGI Command-line Debug Args

The version of MapServer installed on the remote host allows the use of several insecure command-line debug arguments that are affected by unspecified vulnerabilities. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description...

Java: Java Web Start arbitrary command line injection

Unspecified vulnerability in the New Java Plug-in component in Oracle Java SE and Java for Business JDK and JRE 6 Update 18 and 19 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors...

Fedora Update for pcsc-lite FEDORA-2010-10764

Check for the Version of pcsc-lite OpenVAS Vulnerability Test Fedora Update for pcsc-lite FEDORA-2010-10764 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...

Oracle Secure Backup Administration $other Variable Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary commands on vulnerable installations of Oracle Secure Backup. Authentication is required to exploit this vulnerability. The specific flaw exists in the handling of variables to the propertybox.php script located on the Oracle Secure...

HP NNM 7.53 ovwebsnmpsrv.exe Buffer Overflow

Exploit Title: HP NNM 7.53 ovwebsnmpsrv.exe Buffer Overflow SEH Date: 07/06/2010 Author: bitform Software Link: hp.com Version: 7.53 Tested on: Windows XP SP2 CVE: CVE-2010-1964 Exploit: C:\Program Files\HP OpenView\www\bin\ovwebsnmpsrv.exe -dump...

Fedora 11 : gif2png-2.5.1-1102.fc11 (2010-0330)

Tue Jan 5 2010 Enrico Scholz - 2.5.1-1102 - catch another possible overflow when appending a numbered suffix detected to Tomas Hoger - applied the -overflow patch... - Sat Jan 2 2010 Enrico Scholz - 2.5.1-1101 - changed -overflow patch to abort on bad filenames instead of processing truncated...

Fedora Update for cups FEDORA-2010-10066

Check for the Version of cups OpenVAS Vulnerability Test Fedora Update for cups FEDORA-2010-10066 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...

[SECURITY] Fedora 11 Update: pcsc-lite-1.5.2-3.fc11

The purpose of PC/SC Lite is to provide a WindowsR SCard interface in a very small form factor for communicating to smartcards and readers. PC/SC Lite uses the same winscard API as used under WindowsR. This package includes the PC/SC Lite daemon, a resource manager that coordinates communications...

Oracle Java Web Start Launch Command-Line Injection (CVE-2010-0886; CVE-2010-0887; CVE-2010-1423)

The Oracle Java Web Start is a component of the Java 2 Runtime Environment JRE. It facilitates network deployment of applications developed with the Java programming language. This component enables stand-alone Java applications to be downloaded from a remote network location and run on a target...

[SECURITY] Fedora 11 Update: postgresql-8.3.11-1.fc11

PostgreSQL is an advanced Object-Relational database management system DBMS that supports almost all SQL constructs including transactions, subselects and user-defined types and functions. The postgresql package includes the client programs and libraries that you'll need to access a PostgreSQL DB...

Mathematica on Linux /tmp/MathLink vulnerability

"If you're doing anything technical, think Mathematica --..." http://www.wolfram.com/products/mathematica/index.html Mathematica7 on Linux uses the /tmp/MathLink directory in insecure ways. Mathematica creates or re-uses an existing /tmp/MathLink directory, and overwrites files within and follows...

Mathematica Symlink Attack

"If you're doing anything technical, think Mathematica --..." http://www.wolfram.com/products/mathematica/index.html Mathematica7 on Linux uses the /tmp/MathLink directory in insecure ways. Mathematica creates or re-uses an existing /tmp/MathLink directory, and overwrites files within and follows...

IPB 3.0.1 SQL Injection

Attention!\n"; echo "\n"; echo "Error!\n"; echo "This exploit is meant to be used as php CLI script!\n"; echo "More information:\n"; echo "http://www.google.com/search?hl=en&q=php+cl...

Joomla Camp26 VisitorData Module Shell Command Injection Vulnerability

No description provided by source. A vulnerability has been discovered in the Camp26 VisitorData module for Joomla, which can be exploited by malicious people to compromise a vulnerable system. Input passed via the "X-Forwarded-For" HTTP header is not properly sanitised before being used as a...

Invision Power Board 3.0.1 sql injection exploit

No description provided by source. ?php errorreportingEALL; /////////////////////////////////////////////////////////////////////// /////////////////////////////////////////////////////////////////////// // IPB 3.0.1 sql injection exploit // Version 1.0 // written by Cryptovirus //...

Invision Power Board 3.0.1 - SQL Injection

Attention!\n"; echo "\n"; echo "Error!\n"; echo "This exploit is meant to be used as php CLI script!\n"; echo "More information:\n"; echo "http://www.google.com/search?hl=en&q=php+...

Sun Java Web Start command-line argument injection

Added: 04/20/2010 CVE: CVE-2010-0886 BID: 39492 OSVDB: 63798 Background Sun Java Web Start allows standalone Java applications, called JNLP files, to be executed by the Java Runtime Environment JRE. Problem A vulnerability in Sun Java Web Start allows execution of arbitrary commands which are...

Sun Java Web Start command-line argument injection

Added: 04/20/2010 CVE: CVE-2010-0886 BID: 39492 OSVDB: 63798 Background Sun Java Web Start allows standalone Java applications, called JNLP files, to be executed by the Java Runtime Environment JRE. Problem A vulnerability in Sun Java Web Start allows execution of arbitrary commands which are...