98 matches found
Cisco IOS XE Path Traversal Vulnerability
Cisco IOS XE is a set of operating systems developed by Cisco for its network devices. A path traversal vulnerability exists in the Guest Shell of Cisco IOS XE. The vulnerability stems from incomplete validation of certain commands. An attacker can exploit this vulnerability to execute arbitrary...
CVE-2019-12709 Cisco IOS XR Software for Cisco ASR 9000 VMAN CLI Privilege Escalation Vulnerability
A vulnerability in a CLI command related to the virtualization manager VMAN in Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with root privileges. The...
Cisco Unified Communications Domain Manager Security Bypass Vulnerability
Cisco Unified Communications Domain Manager (CUCDM) is the call processing component of Cisco's unified communications solutions. The component has scalable, distributable, and highly available enterprise voice-over-IP call processing capabilities. A security vulnerabili...
Serv-U FTP Server prepareinstallation Privilege Escalation
This module attempts to gain root privileges on systems running Serv-U FTP Server versions prior to 15.1.7. The Serv-U executable is setuid root, and uses ARGV0 in a call to system, without validation, when invoked with the -prepareinstallation flag, resulting in command execution with root...
Input validation
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with the privilege level of root. The vulnerability is due to insufficient validation of arguments passed to a specific CLI comman...
PT-2019-2368 · Cisco · Cisco Fx-Os +2
Name of the Vulnerable Software and Affected Versions: Cisco NX-OS versions prior to 8.31; Cisco FX-OS (affected versions not specified). Description: The issue is related to insufficient validation of arguments passed to certain CLI commands, which could allow an authenticated, local attacker with...
Cohu 3960HD Authentication Deficiency Vulnerability
The Cohu 3960HD is an IP zoom camera from Cohu USA that is typically used as a traffic camera. A security vulnerability exists in the Cohu 3960HD that stems from the program's failure to validate commands received on a remote configuration port. An attacker can exploit the vulnerability to change...
PHPCompta / NOALYSS 6.7.1 5638 - Remote Command Execution Vulnerability
PHPCompta/NOALYSS version 6.7.1 5638 suffers from a remote command execution vulnerability. Vulnerability title: Remote Command Execution in PHPCompta/NOALYSS; CVE: CVE-2014-6389; Vendor: PHPCompta; Product: PHPCompta/NOALYSS; Affected version: 6.7.1 5638; Fixed version: 6.7.2; Reported by: Jerzy Krama...
Baby Web Server <= 2.6.2 Command Validation Exploit
No description provided by source. !/bin/perl Baby Web Server Command Validation Exploit -------------------------------------------------- Infam0us Gr0up - Securiti Research E:\nc -v localhost 80 Infam0us-Gr0up 127.0.0.1 80 http open GET HTTP HTTP/1.0 400 Bad Request Server: Baby Web Server --...
PHPX 3.x admin/news.php CSRF Arbitrary Command Execution
No description provided by source. source: http://www.securityfocus.com/bid/10284/info It has been reported that PHPX is affected by multiple administrator command execution vulnerabilities. These issues are due to a failure of the application to properly validate access to administrative command...
Gentoo Security Advisory GLSA 200509-15 (util-linux)
The remote host is missing updates announced in advisory GLSA 200509-15. OpenVAS Vulnerability Test. Description: Auto generated from Gentoo's XML based advisory. Authors: Thomas Reinke. Copyright: Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com. Text descriptions are largely excerpted fr...
Gentoo Security Advisory GLSA 200509-15 (util-linux)
The remote host is missing updates announced in advisory GLSA 200509-15. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Baby Web Server 2.6.2 - Command Validation
!/bin/perl Baby Web Server Command Validation Exploit -------------------------------------------------- Infam0us Gr0up - Securiti Research E:\nc -v localhost 80 Infam0us-Gr0up 127.0.0.1 80 http open GET HTTP HTTP/1.0 400 Bad Request Server: Baby Web Server perl babyws.pl localhost test.txt...
Baby Web Server 2.6.2 - Command Validation
Baby Web Server 2.6.2 - Command Validation !/bin/perl Baby Web Server Command Validation Exploit -------------------------------------------------- Infam0us Gr0up - Securiti Research E:\nc -v localhost 80 Infam0us-Gr0up 127.0.0.1 80 http open GET HTTP HTTP/1.0 400 Bad Request Server: Baby Web...
Baby Web Server <= 2.6.2 Command Validation Exploit
Exploit for unknown platform in category remote exploits =================================================== Baby Web Server nc -v localhost 80 Infam0us-Gr0up 127.0.0.1 80 http open GET HTTP HTTP/1.0 400 Bad Request Server: Baby Web Server perl babyws.pl localhost test.txt...
CVE-2002-0610
The CVE-2002-0610 vulnerability affects HP MPE/iX FTPSRVR (versions 6.0–7.0). The FTP server does not properly validate certain FTP commands, enabling a remote attacker to gain unauthorized access. HP/HP-UX bulletin HPSBMP0204-014 documents the issue and provides patches: 6.0 FTPGD91A, 6.5 FTPGD9...
CVE-2002-0610
Vulnerability in FTPSRVR in HP MPE/iX 6.0 through 7.0 does not properly validate certain FTP commands, which allows attackers to gain privileges...