AWStats 6.5 - migrate Remote Shell Command Injection

AWStats 6.5 - migrate Remote Shell Command Injection !/usr/bin/env python http://secunia.com/advisories/19969/ by [email protected] May 5, 2006 - HAPPY CINCO DE MAYO HAPPY BIRTHDAY DAD private plz redsand@jinxy / $ nc -l -p 31337 -v listening on any 31337 ... connect to 65.99.197.147 from...

TWiki Search.pm shell command injection

Added: 04/06/2006 CVE: CVE-2004-1037 BID: 11674 OSVDB: 11714 Background TWiki is a web-based collaboration platform written in PERL. Problem The Search.pm module does not sufficiently check search strings for illegal characters, allowing remote attackers to execute commands using search strings...

TWiki Search.pm shell command injection

Added: 04/06/2006 CVE: CVE-2004-1037 BID: 11674 OSVDB: 11714 Background TWiki is a web-based collaboration platform written in PERL. Problem The Search.pm module does not sufficiently check search strings for illegal characters, allowing remote attackers to execute commands using search strings...

TWiki revision control shell command injection

Added: 04/06/2006 CVE: CVE-2005-2877 BID: 14834 OSVDB: 19403 Background TWiki is a web-based collaboration platform written in PERL. Problem The revision control function in TWiki does not sufficiently check the rev parameter before using it in a shell command call. This allows remote attackers t...

TWiki revision control shell command injection

Added: 04/06/2006 CVE: CVE-2005-2877 BID: 14834 OSVDB: 19403 Background TWiki is a web-based collaboration platform written in PERL. Problem The revision control function in TWiki does not sufficiently check the rev parameter before using it in a shell command call. This allows remote attackers t...

[SA19453] v-creator VCEngine.php Shell Command Injection Vulnerability

TITLE: v-creator VCEngine.php Shell Command Injection Vulnerability SECUNIA ADVISORY ID: SA19453 VERIFY ADVISORY: http://secunia.com/advisories/19453/ CRITICAL: Highly critical IMPACT: System access WHERE: From remote SOFTWARE: v-creator 1.x http://secunia.com/product/9080/ DESCRIPTION: A...

ImageMagick security update

CentOS Errata and Security Advisory CESA-2006:178-2 Updated ImageMagick packages that fix two security issues are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. ImageMagickTM is an image display and manipulation tool for the X...

ImageMagick security update

CentOS Errata and Security Advisory CESA-2006:0178 Updated ImageMagick packages that fix two security issues are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. ImageMagickTM is an image display and manipulation tool for the X...

[SECURITY] [DSA 957-2] New ImageMagick packages fix arbitrary command execution

-------------------------------------------------------------------------- Debian Security Advisory DSA 957-2 [email protected] http://www.debian.org/security/ Martin Schulze January 31st, 2006 http://www.debian.org/security/faq -...

DSA-957-2 imagemagick - missing shell meta sanitising

Bulletin has no description...

[SA18579] OpenSSH scp Command Line Shell Command Injection

TITLE: OpenSSH scp Command Line Shell Command Injection SECUNIA ADVISORY ID: SA18579 VERIFY ADVISORY: http://secunia.com/advisories/18579/ CRITICAL: Not critical IMPACT: Privilege escalation WHERE: Local system SOFTWARE: OpenSSH 4.x http://secunia.com/product/5653/ OpenSSH 3.x...

GLSA-200512-10 : Opera: Command-line URL shell command injection

The remote host is affected by the vulnerability described in GLSA-200512-10 Opera: Command-line URL shell command injection Peter Zelezny discovered that the shell script used to launch Opera parses shell commands that are enclosed within backticks in the URL provided via the command line. Impac...

[SA16820] TWiki "rev" Shell Command Injection Vulnerability

---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secuniavacancies/...

libgadu -- multiple vulnerabilities

Wojtek Kaniewski reports: Multiple vulnerabilities have been found in libgadu, a library for handling Gadu-Gadu instant messaging protocol. It is a part of ekg, a Gadu-Gadu client, but is widely used in other clients. Also some of the user contributed scripts were found to behave in an insecure...

Debian DSA-760-1 : ekg - several vulnerabilities

Several vulnerabilities have been discovered in ekg, a console Gadu Gadu client, an instant messaging program. The Common Vulnerabilities and Exposures project identifies the following vulnerabilities : - CAN-2005-1850 Marcin Owsiany and Wojtek Kaniewski discovered insecure temporary file creatio...

[SECURITY] [DSA 760-1] New ekg packages fix several vulnerabilities

-------------------------------------------------------------------------- Debian Security Advisory DSA 760-1 [email protected] http://www.debian.org/security/ Martin Schulze July 18th, 2005 http://www.debian.org/security/faq -...

[SA15985] USANet Creations Products Shell Command Injection Vulnerability

---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secuniavacancies/...

[SA15981] pngcntrp "kaiseki.cgi" Shell Command Injection Vulnerability

---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secuniavacancies/...

[SA15754] NanoBlogger Plugins Shell Command Injection Vulnerability

---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secuniavacancies/...

[SA15054] WebAPP E-Cart Module Shell Command Injection Vulnerability

---------------------------------------------------------------------- Want a new IT Security job? Vacant positions at Secunia: http://secunia.com/secuniavacancies/ ---------------------------------------------------------------------- TITLE: WebAPP E-Cart Module Shell Command Injection...