Lucene search

4527 matches found

Tenable Nessus
added 2011/04/20 12:0 a.m. | 28 views

SuSE 10 Security Update : dhcp6 (ZYPP Patch Number 7464)

A rogue DHCP server could instruct clients to use a host name that contains shell meta characters. Since many scripts in the system do not expect unusual characters in the system's host name, the DHCP client needs to sanitize the host name offered by the server. CVE-2011-0997 (C)...

7.5 CVSS | 6.4 AI score | 0.84292 EPSS
Exploits: 6 | References: 2

Tenable Nessus
added 2011/04/20 12:0 a.m. | 27 views

SuSE 11.1 Security Update : dhcpcd (SAT Patch Number 4389)

A rogue DHCP server could instruct clients to use a host name that contains shell meta characters. Since many scripts in the system do not expect unusual characters in the system's host name, the DHCP client needs to sanitize the host name offered by the server. CVE-2011-0996 Note this update is...

6.8 CVSS | 5.5 AI score | 0.03748 EPSS
Exploits: 0 | References: 10

Tenable Nessus
added 2011/04/13 12:0 a.m. | 24 views

SuSE 10 Security Update : dhcp (ZYPP Patch Number 7456)

A rogue DHCP server could instruct clients to use a host name that contains shell meta characters. Since many scripts in the system do not expect unusual characters in the system's host name, the DHCP client needs to sanitize the host name offered by the server. CVE-2011-0997 (C)...

7.5 CVSS | 6.4 AI score | 0.84292 EPSS
Exploits: 6 | References: 2

securityvulns
added 2011/04/12 12:0 a.m. | 69 views

[SECURITY] [DSA 2216-1] isc-dhcp security update

Debian Security Advisory DSA-2216-1 [email protected] http://www.debian.org/security/ Nico Golde April 10, 2011 http://www.debian.org/security/faq -...

7.5 CVSS | 1.9 AI score | 0.84292 EPSS
Exploits: 6

OSV
added 2011/04/11 6:55 p.m. | 1 views

DEBIAN-CVE-2011-1401

ikiwiki before 3.20110328 does not ascertain whether the htmlscrubber plugin is enabled during processing of the "meta stylesheet" directive, which allows remote authenticated users to conduct cross-site scripting (XSS) attacks via crafted Cascading Style Sheets (CSS) token sequences in (1) the default...

3.5 CVSS | 8.2 AI score | 0.0106 EPSS
Exploits: 1 | References: 1

Tenable Nessus
added 2011/04/11 12:0 a.m. | 31 views

SuSE 10 Security Update : dhcpcd (ZYPP Patch Number 7452)

A rogue DHCP server could instruct clients to use a host name that contains shell meta characters. Since many scripts in the system do not expect unusual characters in the system's host name, the DHCP client needs to sanitize the host name offered by the server. CVE-2011-0996 Note: this is a...

6.8 CVSS | 5.4 AI score | 0.03748 EPSS
Exploits: 0 | References: 2

Tenable Nessus
added 2011/04/11 12:0 a.m. | 79 views

FreeBSD : isc-dhcp-client -- dhclient does not strip or escape shell meta-characters (7e69f00d-632a-11e0-9f3a-001d092480a4)

ISC reports: ISC dhclient did not strip or escape certain shell meta-characters in responses from the dhcp server like hostname before passing the responses on to dhclient-script. Depending on the script and OS, this can result in execution of exploit code on the client. (C)...

7.5 CVSS | 6.7 AI score | 0.84292 EPSS
Exploits: 6 | References: 2

Tenable Nessus
added 2011/04/11 12:0 a.m. | 26 views

SuSE9 Security Update : dhcp (YOU Patch Number 12698)

A rogue DHCP server could instruct clients to use a host name that contains shell meta characters. Since many scripts in the system do not expect unusual characters in the system's host name, the DHCP client needs to sanitize the host name offered by the server. CVE-2011-0996 (C)...

7.5 CVSS | 6.4 AI score | 0.84292 EPSS
Exploits: 6 | References: 4

Tenable Nessus
added 2011/04/11 12:0 a.m. | 20 views

SuSE9 Security Update : dhcpcd (YOU Patch Number 12699)

A rogue DHCP server could instruct clients to use a host name that contains shell meta characters. Since many scripts in the system do not expect unusual characters in the system's host name, the DHCP client needs to sanitize the host name offered by the server. CVE-2011-0996 Note: this is a...

7.5 CVSS | 6.4 AI score | 0.84292 EPSS
Exploits: 6 | References: 4

Tenable Nessus
added 2011/04/11 12:0 a.m. | 31 views

SuSE 11.1 Security Update : dhcp (SAT Patch Number 4315)

A rogue DHCP server could instruct clients to use a host name that contains shell meta characters. Since many scripts in the system do not expect unusual characters in the system's host name, the DHCP client needs to sanitize the host name offered by the server. CVE-2011-0997 (C)...

7.5 CVSS | 6.4 AI score | 0.84292 EPSS
Exploits: 6 | References: 7

UbuntuCve
added 2011/04/08 3:17 p.m. | 32 views

CVE-2011-1183

Apache Tomcat 7.0.11, when web.xml has no login configuration, does not follow security constraints, which allows remote attackers to bypass intended access restrictions via HTTP requests to a meta-data complete web application. NOTE: this vulnerability exists because of an incorrect fix for...

5.8 CVSS | 5.9 AI score | 0.06156 EPSS
Exploits: 0 | References: 1

Prion
added 2011/04/08 3:17 p.m. | 26 views

Design/Logic Flaw

Apache Tomcat 7.0.11, when web.xml has no login configuration, does not follow security constraints, which allows remote attackers to bypass intended access restrictions via HTTP requests to a meta-data complete web application. NOTE: this vulnerability exists because of an incorrect fix for...

5.8 CVSS | 6.8 AI score | 0.0654 EPSS
Exploits: 1 | References: 8 | Affected Software: 1

Tenable Nessus
added 2011/04/07 12:0 a.m. | 24 views

SuSE9 Security Update : dhcpcd (YOU Patch Number 12696)

A rogue DHCP server could instruct clients to use a host name that contains shell meta characters. Since many scripts in the system do not expect unusual characters in the system's host name, the DHCP client needs to sanitize the host name offered by the server. CVE-2011-0996 (C)...

7.5 CVSS | 6.4 AI score | 0.84292 EPSS
Exploits: 6 | References: 4

FreeBSD
added 2011/04/05 12:0 a.m. | 38 views

isc-dhcp-client -- dhclient does not strip or escape shell meta-characters

ISC reports: ISC dhclient did not strip or escape certain shell meta-characters in responses from the dhcp server like hostname before passing the responses on to dhclient-script. Depending on the script and OS, this can result in execution of exploit code on the client...

7.5 CVSS | 1.2 AI score | 0.84292 EPSS
Exploits: 6

Tenable Nessus
added 2011/03/31 12:0 a.m. | 17 views

SuSE 11.1 Security Update : logwatch (SAT Patch Number 4236)

Shell meta characters in log file names could lead to execution of arbitrary code. CVE-2011-1018 (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11 update information. The text itself is copyright (C) Novell, Inc...

10 CVSS | 5.4 AI score | 0.18321 EPSS
Exploits: 0 | References: 3

UbuntuCve
added 2011/03/14 7:55 p.m. | 30 views

CVE-2011-0700

Multiple cross-site scripting (XSS) vulnerabilities in WordPress before 3.0.5 allow remote authenticated users to inject arbitrary web script or HTML via vectors related to (1) the Quick/Bulk Edit title (aka post title or post_title), (2) post_status, (3) comment_status, (4) ping_status, and (5) escaping of tags...

3.5 CVSS | 5.9 AI score | 0.02669 EPSS
Exploits: 0 | References: 1

Cvelist
added 2011/03/14 7:0 p.m. | 27 views

CVE-2011-0700

Multiple cross-site scripting (XSS) vulnerabilities in WordPress before 3.0.5 allow remote authenticated users to inject arbitrary web script or HTML via vectors related to (1) the Quick/Bulk Edit title (aka post title or post_title), (2) post_status, (3) comment_status, (4) ping_status, and (5) escaping of tags...

5.2 AI score | 0.02669 EPSS
Exploits: 0 | References: 16

OpenVAS
added 2011/03/09 12:0 a.m. | 28 views

Debian Security Advisory DSA 2182-1 (logwatch)

The remote host is missing an update to logwatch announced via advisory DSA 2182-1. OpenVAS Vulnerability Test $Id: deb21821.nasl 6613 2017-07-07 12:08:40Z cfischer $ Description: Auto-generated from advisory DSA 2182-1 (logwatch) Authors: Thomas Reinke Copyright: Copyright (c) 2011 E-Soft Inc...

4.3 CVSS | 6.1 AI score | 0.06309 EPSS
Exploits: 0

OpenVAS
added 2011/03/09 12:0 a.m. | 15 views

Debian: Security Advisory (DSA-2182-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only ifdescription...

10 CVSS | 6.4 AI score | 0.18321 EPSS
Exploits: 0 | References: 3

Tenable Nessus
added 2011/03/07 12:0 a.m. | 22 views

Debian DSA-2182-1 : logwatch - shell command injection

Dominik George discovered that Logwatch does not guard against shell meta-characters in crafted log file names such as those produced by Samba. As a result, an attacker might be able to execute shell commands on the system running Logwatch. (C) Tenable Network Security, Inc. The...

10 CVSS | 5.5 AI score | 0.18321 EPSS
Exploits: 0 | References: 4