CVE-2007-2700

The WLST script generated by the configToScript command in BEA WebLogic Express and WebLogic Server 9.0 and 9.1 does not encrypt certain attributes in configuration files when creating a new domain, which allows remote authenticated users to obtain sensitive information...

Format string

Format string vulnerability in the SCP module in Ipswitch WSFTP 2007 Professional might allow remote attackers to execute arbitrary commands via format string specifiers in the filename, related to the SHELL WSFTP script command...

FreeBSD : konversation -- shell script command injection (5c7bb4dd-6a56-11d9-97ec-000c6e8f12ef)

Konversation comes with Perl scripts that do not properly escape shell characters on executing a script. This makes it possible to attack Konversation with shell script command injection. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin...

B2 0.6 - 'b2edit.showposts.php?b2inc' Remote File Inclusion

source: https://www.securityfocus.com/bid/4673/info B2 is a news/weblog tool written in php. b2 allows webmasters to quickly post news on the frontpage, and let viewers interact with each other. It is available primarily for Unix and Linux. A variable that is referenced in the PHP scripts does no...

PT-2001-1015 · Util Linux +1 · Util-Linux +1

Name of the Vulnerable Software and Affected Versions: util-linux versions prior to 2.11n Red Hat Enterprise Linux affected versions not specified Description: The issue allows local users to overwrite arbitrary files by setting a hardlink from the typescript log file to any file on the system,...

script.command.txt

------------------------------------------------------------- Title: Silly hardlink vulnerability in UNIX 'script' command Linux version maintainer: Andries Brouwer [email protected] Bug found by: Marco van Berkum [email protected] Date: 17-12-2001 Priority: low...