
725 matches found

Saint
added 2014/11/05 12:0 a.m. | 102 views

Bash Environment Variable Handling Shell Command Injection Via CUPS

Added: 11/05/2014. CVE: CVE-2014-6271. BID: 70103. OSVDB: 112004. Background: GNU Bash (Bourne Again SHell) is a command shell commonly used on Linux and Unix systems. CUPS is printing software for UNIX-like systems that allows a computer to act as a print server. Problem: The Bash shell executes command...

10 CVSS | 10 AI score | 0.9422 EPSS
Exploits 130

Saint
added 2014/11/05 12:0 a.m. | 170 views

Bash Environment Variable Handling Shell Command Injection Via CUPS

Added: 11/05/2014. CVE: CVE-2014-6271. BID: 70103. OSVDB: 112004. Background: GNU Bash (Bourne Again SHell) is a command shell commonly used on Linux and Unix systems. CUPS is printing software for UNIX-like systems that allows a computer to act as a print server. Problem: The Bash shell executes command...

10 CVSS | 10 AI score | 0.9422 EPSS
Exploits 130

Tenable Nessus
added 2014/07/06 12:0 a.m. | 17 views

Fedora 19 : mediawiki-1.21.11-1.fc19 (2014-7805)

bug 65839 SECURITY: Prevent external resources in SVG files. - bug 66428 MimeMagic: Don't seek before BOF. This has weird side effects like only extracting the tail of the file partially or not at all. Note that Tenable Network Security has extracted the preceding description block directly from...

5.4 AI score
Exploits 0 | References 2

seebug.org
added 2014/07/01 12:0 a.m. | 16 views

AWStats <= 6.5 (migrate) Remote Shell Command Injection Exploit

No description provided by source. !/usr/bin/env python http://secunia.com/advisories/19969/ by [email protected] May 5, 2006 - HAPPY CINCO DE MAYO HAPPY BIRTHDAY DAD private plz redsand@jinxy / $ nc -l -p 31337 -v listening on any 31337 ... connect to 65.99.197.147 from blacksecurity.org...

7.1 AI score
Exploits 0

Tenable Nessus
added 2014/06/03 12:0 a.m. | 29 views

GLSA-201401-26 : Zabbix: Shell command injection

The remote host is affected by the vulnerability described in GLSA-201401-26 Zabbix: Shell command injection If a flexible user parameter is configured in Zabbix agent, including a newline in the parameters will execute newline section as a separate command even if UnsafeUserParameters are...

7.5 CVSS | 8.8 AI score | 0.01469 EPSS
Exploits 1 | References 2

Gentoo Linux
added 2014/01/23 12:0 a.m. | 41 views

Zabbix: Shell command injection

Background: Zabbix is software for monitoring applications, networks, and servers. Description: If a flexible user parameter is configured in Zabbix agent, including a newline in the parameters will execute newline section as a separate command even if UnsafeUserParameters are disabled. Impact: A...

7.5 CVSS | 9.6 AI score | 0.01469 EPSS
Exploits 1

0day.today
added 2012/12/09 12:0 a.m. | 19 views

Geany <=1.22 Local Code injection Vulnerability

Geany version Compile Or the shortcut F8, injected code ready. Examples: xpl.c";ls -la" xpl.c";cat /etc/passwd" 0day.today 2018-04-10...

7.6 AI score
Exploits 0

securityvulns
added 2012/08/20 12:0 a.m. | 38 views

[SECURITY] [DSA 2530-1] rssh security update

Debian Security Advisory DSA-2530-1 [email protected] http://www.debian.org/security/ Florian Weimer August 15, 2012 http://www.debian.org/security/faq ...

2.1 CVSS | 1.7 AI score | 0.0006 EPSS
Exploits 0

Tenable Nessus
added 2012/08/16 12:0 a.m. | 24 views

Debian DSA-2530-1 : rssh - shell command injection

Henrik Erkkonen discovered that rssh, a restricted shell for SSH, does not properly restrict shell access. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-2530. The text itself is copyrigh...

2.1 CVSS | 5.3 AI score | 0.0006 EPSS
Exploits 0 | References 3

Debian
added 2012/08/15 7:21 p.m. | 18 views

[SECURITY] [DSA 2530-1] rssh security update

Debian Security Advisory DSA-2530-1 [email protected] http://www.debian.org/security/ Florian Weimer August 15, 2012 http://www.debian.org/security/faq ...

2.1 CVSS | 5.9 AI score | 0.0006 EPSS
Exploits 0

securityvulns
added 2012/07/09 12:0 a.m. | 53 views

[SECURITY] [DSA 2503-1] bcfg2 security update

Debian Security Advisory DSA-2503-1 [email protected] http://www.debian.org/security/ Florian Weimer June 28, 2012 http://www.debian.org/security/faq ...

9 CVSS | 2.3 AI score | 0.01624 EPSS
Exploits 0

Tenable Nessus
added 2012/06/29 12:0 a.m. | 19 views

Debian DSA-2503-1 : bcfg2 - shell command injection

It was discovered that malicious clients can trick the server component of the Bcfg2 configuration management system to execute commands with root privileges. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian...

9 CVSS | 5.4 AI score | 0.01624 EPSS
Exploits 0 | References 4

securityvulns
added 2012/06/13 12:0 a.m. | 94 views

ZDI-12-090 : Symantec Web Gateway Shell Command Injection Remote Code Execution Vulnerability

ZDI-12-090 : Symantec Web Gateway Shell Command Injection Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-090 June 8, 2012 -- CVE ID: CVE-2012-0297 -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P -- Affected...

10 CVSS | 0.89461 EPSS
Exploits 22

OpenVAS
added 2012/06/06 12:0 a.m. | 22 views

RedHat Update for logrotate RHSA-2011:0407-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

6.9 CVSS | 6.4 AI score | 0.00098 EPSS
Exploits 1 | References 2

OpenVAS
added 2012/06/06 12:0 a.m. | 19 views

RedHat Update for logrotate RHSA-2011:0407-01

Check for the Version of logrotate OpenVAS Vulnerability Test RedHat Update for logrotate RHSA-2011:0407-01 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...

6.9 CVSS | 0.2 AI score | 0.00098 EPSS
Exploits 1 | References 2

OpenVAS
added 2012/03/12 12:0 a.m. | 23 views

Debian Security Advisory DSA 2423-1 (movabletype-opensource)

The remote host is missing an update to movabletype-opensource announced via advisory DSA 2423-1. OpenVAS Vulnerability Test $Id: deb24231.nasl 8970 2018-02-27 15:16:18Z cfischer $ Description: Auto-generated from advisory DSA 2423-1 movabletype-opensource Authors: Thomas Reinke Copyright:...

7.5 CVSS | 0.5 AI score | 0.02674 EPSS
Exploits 2

Tenable Nessus
added 2012/03/05 12:0 a.m. | 27 views

Debian DSA-2423-1 : movabletype-opensource - several vulnerabilities

Several vulnerabilities were discovered in Movable Type, a blogging system: Under certain circumstances, a user who has 'Create Entries' or 'Manage Blog' permissions may be able to read known files on the local file system. The file management system contains shell command injection...

7.5 CVSS | 5.9 AI score | 0.02674 EPSS
Exploits 2 | References 12

OSV
added 2012/03/02 12:0 a.m. | 29 views

DSA-2423-1 movabletype-opensource - several

Bulletin has no description...

7.5 CVSS | 6.3 AI score | 0.02674 EPSS
Exploits 2

Tenable Nessus
added 2012/01/12 12:0 a.m. | 25 views

Debian DSA-2380-1 : foomatic-filters - shell command injection

It was discovered that the foomatic-filters, a support package for setting up printers, allowed authenticated users to submit crafted print jobs which would execute shell commands on the print servers. CVE-2011-2697 was assigned to the vulnerability in the Perl implementation included in lenny, a...

6.8 CVSS | 7.6 AI score | 0.19933 EPSS
Exploits 2 | References 7

Debian
added 2012/01/04 8:37 p.m. | 22 views

[SECURITY] [DSA 2380-1] foomatic-filters security update

Debian Security Advisory DSA-2380-1 [email protected] http://www.debian.org/security/ Florian Weimer January 04, 2012 http://www.debian.org/security/faq ...

6.8 CVSS | 6 AI score | 0.19933 EPSS
Exploits 2