4773 matches found
CGIHandler: sets environmental variable based on user supplied Proxy request header
It was discovered that the Python CGIHandler class did not properly protect against the HTTPPROXY variable name clash in a CGI context. A remote attacker could possibly use this flaw to redirect HTTP requests performed by a Python CGI script to an attacker-controlled proxy via a malicious HTTP...
JVN#03052683: Cybozu Mailwise vulnerable to information disclosure
Cybozu Mailwise contains an information disclosure vulnerability in the page where CGI environment variables are displayed. Cookie that contains session information has httponly attribute, and the Cookie value cannot be obtained by JavaScript code. However, Cookie values can be obtained in the pa...
IBM Spectrum Scale and GPFS Command Execution Vulnerabilities (CNVD-2016-06346)
IBM Spectrum Scale and IBM GPFS General Parallel File System are both products of IBM Corporation in the U.S. IBM GPFS is a set of enterprise file management systems optimized for petabyte-scale storage management.IBM Spectrum Scale is a set of IBM GPFS-based data and IBM Spectrum Scale is a data...
openssh -- sshd -- remote valid user discovery and PAM /bin/login attack
The OpenSSH project reports: sshd8: Mitigate timing differences in password authentication that could be used to discern valid from invalid account names when long passwords were sent and particular password hashing algorithms are in use on the server. CVE-2016-6210, reported by EddieEzra.Harari ...
AZL-78994 CVE-2016-5386 affecting package golang 1.25.7-1
The net/http package in Go through 1.6 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect CGI applications from the presence of untrusted client data in the HTTPPROXY environment variable, which might allow remote attackers to redirect a CGI...
Microsoft Windows Environment Variables
Nessus was able to collect system and active account environment variables on the remote Windows host and generate a report as a CSV attachment. C Tenable, Inc. include"compat.inc"; if description scriptid92364; scriptversion"1.14"; scriptsetattributeattribute:"pluginmodificationdate",...
CGI web servers assign Proxy header values from client requests to internal HTTP_PROXY environment variables
Overview Web servers running in a CGI or CGI-like context may assign client request Proxy header values to internal HTTPPROXY environment variables. This vulnerability can be leveraged to conduct man-in-the-middle MITM attacks on internal subrequests or to direct the server to initiate connection...
Vulnerabilities of the Alt Linux SPT operating system, which allow a malicious attacker to disable the device’s functionality
Multiple vulnerabilities in the bash command-line interpreter of the Altron Linux SPT operating system are caused by errors in processing input data during syntax analysis of code. Exploiting these vulnerabilities allows a malicious individual to execute arbitrary commands with the privileges of...
The vulnerability of Cisco IPS software allows a malicious individual to gain access to confidential information.
The GNU Bash command shell, as of version 4.3 bash43-025, incorrectly handles lines that follow the declaration of a specially crafted function, which is exported as a variable. This allows a malicious actor to read and write arbitrary files, as well as perform other unconfirmed actions. Security...
The vulnerability of the Cisco Nexus 5000 software allows a malicious individual to execute arbitrary code.
The GNU Bash command shell, as of version 4.3 and later, incorrectly handles lines that follow the declaration of a function exported as a variable. This allows a malicious actor to execute arbitrary code by interfering with environment variables. Security researchers have confirmed that this...
The vulnerability of the Cisco Unified Communications Manager software allows a malicious individual to gain access to confidential information.
The GNU Bash command shell, as of version 4.3 bash43-025 and later, incorrectly handles lines that follow the declaration of a specially crafted function, which is exported as a variable. This allows a malicious actor to read and write arbitrary files, as well as perform other unconfirmed actions...
The vulnerability of Cisco Nexus 1000V software allows a malicious individual to gain access to confidential information.
The GNU Bash command shell, as of version 4.3 bash43-025, incorrectly handles lines that follow the declaration of a specially crafted function, which is exported as a variable. This allows a malicious actor to read and write arbitrary files, as well as perform other unconfirmed actions. Security...
The vulnerability of Cisco ACS software allows a malicious individual to execute arbitrary code.
The GNU Bash command shell, as of version 4.3 and later, incorrectly handles lines that follow the declaration of a function that is exported as a variable. This allows a malicious actor to execute arbitrary code by interfering with environment variables. Security researchers have confirmed that...
Vulnerability of Cisco Nexus 7000 software, allowing attackers to access confidential information
The GNU Bash command shell, as of version 4.3 bash43-025 and later, incorrectly handles lines that follow the declaration of a specially crafted function, which is exported as a variable. This allows a malicious actor to read and write arbitrary files, as well as perform other undefined actions...
Vulnerability of Cisco ACS software, allowing a malicious individual to access confidential information
The GNU Bash command shell, as of version 4.3 bash43-025, incorrectly handles lines that follow the declaration of a specially crafted function, which is exported as a variable. This allows a malicious actor to read and write arbitrary files, as well as perform other unconfirmed actions. Security...
The vulnerability of the GNU Bash command-line interpreter allows a malicious actor to cause a service failure or execute arbitrary code.
The vulnerability of the GNU Bash command-line interpreter arises from errors in the processing of input data during syntax analysis of code. Exploiting this vulnerability allows a malicious individual to execute arbitrary code with the privileges of the current user whenever the command-line...
OracleVM 3.2 : sudo (OVMSA-2016-0079)
The remote OracleVM system is missing necessary patches to address critical security updates : - added patch for CVE-2014-0106: certain environment variables not sanitized when envreset is disabled Resolves: rhbz1072210 - backported fixes for CVE-2013-1775 CVE-2013-1776 CVE-2013-2776 CVE-2013-277...
SUSE-SU-2016:1528-1 Security update for openssh
openssh was updated to fix three security issues. These security issues were fixed: - CVE-2016-3115: Multiple CRLF injection vulnerabilities in session.c in sshd in OpenSSH allowed remote authenticated users to bypass intended shell-command restrictions via crafted X11 forwarding data, related to...
jenkins: Arbitrary build parameters are passed to build scripts as environment variables (SECURITY-170)
Jenkins before 2.3 and LTS before 1.651.2 might allow remote authenticated users to inject arbitrary build parameters into the build environment via environment variables...
CVE-2016-3721
Jenkins before 2.3 and LTS before 1.651.2 might allow remote authenticated users to inject arbitrary build parameters into the build environment via environment variables...