Cisco Unified Computing System Fabric Interconnect run-script Command Injection Vulnerability

A vulnerability in the run-script command of the Cisco Unified Computing System fabric interconnect could allow an authenticated, local attacker to execute commands and obtain an interactive Linux shell as the root user. The vulnerability is due to a failure to properly sanitize user input. An...

Cisco Unified Computing System Fabric Interconnect activate firmware Command Injection Vulnerability

A vulnerability in the activate firmware command of the Cisco Unified Computing System fabric interconnect could allow an authenticated, local attacker to execute commands and obtain an interactive Linux shell as the root user. The vulnerability is due to a failure to properly sanitize user input...

OpenSC Version Detection

Detects the installed version of OpenSC on the host. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

F5 FirePass 4100 SSL VPN My.Activiation.PHP3远程命令注入漏洞

F5's FirePass SSL VPN提供使用标准WEB浏览器对应用程序和数据进行安全访问的解决方案。 F5 FirePass 4100不正确过滤用户提交的输入，远程攻击者可以利用漏洞以WEB权限执行任意命令。 问题是'my.activation.php3'脚本对用户提交的'username'参数缺少过滤，在部分条件下允许用户注入Linux SHELL命令，导致以WEB权限执行。 F5 FirePass 4100 厂商解决方案 可参考如下安全公告获得补丁信息： https://tech.f5.com/home/solutions/sol167.html...

Command injection

Cisco CiscoWorks Wireless LAN Solution Engine WLSE and WLSE Express before 2.13, Hosting Solution Engine HSE and User Registration Tool URT before 20060419, and all versions of Ethernet Subscriber Solution Engine ESSE and CiscoWorks2000 Service Management Solution SMS allow local users to gain...

CVE-2006-1961

Cisco CiscoWorks Wireless LAN Solution Engine WLSE and WLSE Express before 2.13, Hosting Solution Engine HSE and User Registration Tool URT before 20060419, and all versions of Ethernet Subscriber Solution Engine ESSE and CiscoWorks2000 Service Management Solution SMS allow local users to gain...

CVE-2006-1961

CiscoWorks WLSE/WLSE Express <2.13, HSE and URT

CVE-2006-1961

Cisco CiscoWorks Wireless LAN Solution Engine WLSE and WLSE Express before 2.13, Hosting Solution Engine HSE and User Registration Tool URT before 20060419, and all versions of Ethernet Subscriber Solution Engine ESSE and CiscoWorks2000 Service Management Solution SMS allow local users to gain...

linux/x86 execve /bin/sh xor encrypted 55 bytes

Exploit for linux/x86 platform in category shellcode =============================================== linux/x86 execve /bin/sh xor encrypted 55 bytes =============================================== / .file "xor-encrypted shellcode" .version "1.0" .text .align 4 .globl main .type main,@function...

execve of /bin/sh after setreuid0,0

execve of /bin/sh after setreuid0,0. Shellcode exploit for linx86 platform / $Id: execve-setreuid.c,v 1.1 2001/05/02 18:10:52 raptor Exp $ execve-setreuid.c v1.0 - shellcode for Linux/i386 Copyright c 2001 Raptor This shellcode does an execve of /bin/sh after a setreuid0, 0, then exits. / / ASM...

[SECURITY] New version of wu-ftpd fixes buffer overflow

Subject: SECURITY New versions of wu-ftpd-academ fixes buffer overflow We have received reports that the wu-ftpd-academ package as distributed in Debian GNU/Linux 2.0 is vulnerable to a buffer overflow. Using this vulnerability, known as palmetto, it is possible to gain shell access or otherwise...