6687 matches found

Prion
added 2009/05/01 6:30 p.m. | 14 views

Unrestricted file upload

Unrestricted file upload vulnerability in Mini File Host 1.5 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in an unspecified directory, as demonstrated by creating a name.php file...

CVSS 6.8 | AI score 8.3 | EPSS 0.07978
Exploits: 0 | References: 2 | Affected Software: 1

NVD
added 2009/04/29 6:30 p.m. | 9 views

CVE-2008-6768

Unrestricted file upload vulnerability in admin/editor/images.php in K&S Shopsoftware allows remote attackers to execute arbitrary PHP code by uploading a file with an executable extension, then accessing it via a direct request to the file in images/upload/...

CVSS 6.8 | AI score 7.6 | EPSS 0.03103
Exploits: 0 | References: 5

NVD
added 2009/04/29 6:30 p.m. | 9 views

CVE-2008-6769

Unrestricted file upload vulnerability in upload.php in YourPlace 1.0.2 and earlier allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file...

CVSS 6 | AI score 7.3 | EPSS 0.06069
Exploits: 1 | References: 3

Prion
added 2009/04/29 6:30 p.m. | 9 views

Unrestricted file upload

Unrestricted file upload vulnerability in upload-file.php in Adam Patterson Studio Lounge Address Book 2.5, as reachable from index2.php, allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in...

CVSS 6.8 | AI score 8.2 | EPSS 0.10082
Exploits: 1 | References: 6 | Affected Software: 1

Cvelist
added 2009/04/29 6:6 p.m. | 20 views

CVE-2008-6769

Unrestricted file upload vulnerability in upload.php in YourPlace 1.0.2 and earlier allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file...

AI score 7.3 | EPSS 0.06069
Exploits: 1 | References: 3

RedHat Linux
added 2009/04/29 9:28 a.m. | 3 views

kernel: exit_notify: kill the wrong capable(CAP_KILL) check

The exit_notify function in kernel/exit.c in the Linux kernel before 2.6.30-rc1 does not restrict exit signals when the CAP_KILL capability is held, which allows local users to send an arbitrary signal to a process by running a program that modifies the exit_signal field and then uses an exec system...

CVSS 4.4 | AI score 6.2 | EPSS 0.00259
Exploits: 1 | References: 4

Prion
added 2009/04/27 7:30 p.m. | 14 views

Unrestricted file upload

Unrestricted file upload vulnerability in admin/editor/image.php in e-cart.biz Free Shopping Cart allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in images/...

CVSS 6.8 | AI score 8.2 | EPSS 0.0811
Exploits: 0 | References: 4

NVD
added 2009/04/27 7:30 p.m. | 8 views

CVE-2009-1446

Unrestricted file upload vulnerability in upload.php in Elkagroup Image Gallery 1.0 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in gallery/pictures/. NOTE: some of these details ar...

CVSS 6.5 | AI score 7.3 | EPSS 0.0288
Exploits: 0 | References: 5

Tenable Nessus
added 2009/04/23 12:0 a.m. | 25 views

Mandriva Linux Security Advisory : autofs (MDVSA-2008:009-1)

The default behaviour of autofs 5 for the hosts map did not specify the nosuid and nodev mount options. This could allow a local user with control of a remote NFS server to create a setuid root executable on the exported filesystem of the remote NFS server. If this filesystem was mounted with the...

CVSS 6.9 | AI score 5.5 | EPSS 0.00091
Exploits: 1 | References: 2

Tenable Nessus
added 2009/04/23 12:0 a.m. | 31 views

Mandriva Linux Security Advisory : clamav (MDVSA-2008:003)

An integer overflow vulnerability was reported by iDefense with clamav when parsing Portable Executable (PE) files packed in the MEW format. This could be exploited to cause a heap-based buffer overflow (CVE-2007-6335). Toeroek Edwin reported an off-by-one error when decompressing MS-ZIP compressed CA...

CVSS 10 | AI score 8.4 | EPSS 0.40407
Exploits: 4 | References: 3

CVE
added 2009/04/20 2:6 p.m. | 42 views

CVE-2008-6731

CVE-2008-6731 describes an unrestricted file upload vulnerability in submitlink.php of FlexPHPLink Pro 0.0.7. An attacker can upload a file with an executable extension and then access the renamed file under the linkphoto/ path to execute arbitrary PHP code remotely. The vulnerability stems from...

CVSS 9.3 | AI score 7.9 | EPSS 0.06095
Exploits: 1 | References: 5 | Affected Software: 1

NVD
added 2009/04/17 12:30 a.m. | 11 views

CVE-2009-1314

body.asp in Web File Explorer 3.1 allows remote attackers to create arbitrary files and execute arbitrary code via the savefile action with a file parameter containing a filename that has an executable extension...

CVSS 10 | AI score 7.6 | EPSS 0.05655
Exploits: 0 | References: 2

OpenVAS
added 2009/04/15 12:0 a.m. | 22 views

Ubuntu: Security Advisory (USN-754-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.8 | AI score 7.6 | EPSS 0.04173
Exploits: 0 | References: 2

seebug.org
added 2009/04/14 12:0 a.m. | 18 views

FreeBSD i386/AMD64 Execve /bin/sh - Anti-Debugging

No description provided by source. / ELF - FreeBSD Execve /bin/sh - Anti-Debugging - i386/AMD64 c0d3z3r0 [email protected] ; [email protected] http://anderson.hacknroll.com http://blog.hacknroll.com \x7f\x45\x4c\x46\x01\x01\x01\x09\x00\x00\x00\x00\x00\x00\x00\x00...

AI score 7.1
Exploits: 0

0day.today
added 2009/04/13 12:0 a.m. | 13 views

FreeBSD i386/AMD64 Execve /bin/sh - Anti-Debugging

Exploit for freebsd/x86 platform in category shellcode ================================================== FreeBSD i386/AMD64 Execve /bin/sh - Anti-Debugging ================================================== / ELF - FreeBSD Execve /bin/sh - Anti-Debugging - i386/AMD64 c0d3z3r0 andersonunderground...

AI score 7
Exploits: 0

Cvelist
added 2009/04/10 3:0 p.m. | 14 views

CVE-2008-6684

Unrestricted file upload vulnerability in editimage.php in Apartment Search Script allows remote attackers to execute arbitrary code by uploading a file with an executable extension and a GIF header, then accessing this file via a direct request to a renamed file in MemberAdmin/logo/...

AI score 7.7 | EPSS 0.01188
Exploits: 1 | References: 3

OpenVAS
added 2009/04/09 12:0 a.m. | 25 views

Mandriva Update for clamav MDVSA-2008:003 (clamav)

Check for the Version of clamav OpenVAS Vulnerability Test Mandriva Update for clamav MDVSA-2008:003 clamav Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...

CVSS 10 | AI score 0.6 | EPSS 0.40407
Exploits: 4 | References: 2

OpenVAS
added 2009/04/09 12:0 a.m. | 9 views

Mandriva Update for live MDVA-2008:183 (live)

Check for the Version of live OpenVAS Vulnerability Test Mandriva Update for live MDVA-2008:183 live Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the term...

AI score 0.3
Exploits: 0 | References: 2

OpenVAS
added 2009/04/09 12:0 a.m. | 15 views

Mandriva Update for autofs MDVSA-2008:009-1 (autofs)

Check for the Version of autofs OpenVAS Vulnerability Test Mandriva Update for autofs MDVSA-2008:009-1 autofs Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...

CVSS 6.9 | EPSS 0.00091
Exploits: 1 | References: 2

OpenVAS
added 2009/04/09 12:0 a.m. | 29 views

Mandriva Update for clamav MDVSA-2008:003 (clamav)

Check for the Version of clamav OpenVAS Vulnerability Test Mandriva Update for clamav MDVSA-2008:003 clamav Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...

CVSS 10 | AI score 0.6 | EPSS 0.40407
Exploits: 4 | References: 2