1765 matches found

0day.today
added 2017/09/25 12:00 a.m., 829 views

Supervisor XML-RPC Authenticated Remote Code Execution Exploit

This Metasploit module exploits a vulnerability in the Supervisor process control software, where an authenticated client can send a malicious XML-RPC request to supervisord that will run arbitrary shell commands on the server. The commands will be run as the same user as supervisord. Depending o...

CVSS 9 | AI score 0.9 | EPSS 0.94239
Exploits: 10

Gentoo Linux
added 2017/09/17 12:00 a.m., 57 views

SquirrelMail: Remote Code Execution

Background: SquirrelMail is a webmail package written in PHP. It supports IMAP and SMTP and can optionally be installed with SQL support. Description: It was discovered that the sendmail.cf file is mishandled in a popen call. Impact: A remote attacker, by enticing a user to open an e-mail attachment...

CVSS 9 | AI score 2.9 | EPSS 0.15952
Exploits: 7

OSV
added 2017/09/14 4:29 p.m., 23 views

CVE-2017-14482

GNU Emacs before 25.3 allows remote attackers to execute arbitrary code via email with crafted "Content-Type: text/enriched" data containing an x-display XML element that specifies execution of shell commands, related to an unsafe text/enriched extension in lisp/textmodes/enriched.el, and unsafe...

CVSS 8.8 | AI score 8.9 | EPSS 0.03601
Exploits: 1 | References: 8

NVD
added 2017/09/14 4:29 p.m., 15 views

CVE-2017-14482

GNU Emacs before 25.3 allows remote attackers to execute arbitrary code via email with crafted "Content-Type: text/enriched" data containing an x-display XML element that specifies execution of shell commands, related to an unsafe text/enriched extension in lisp/textmodes/enriched.el, and unsafe...

CVSS 8.8 | AI score 8.9 | EPSS 0.03601
Exploits: 1 | References: 8

Debian CVE
added 2017/09/14 4:00 p.m., 30 views

CVE-2017-14482

Removed by vendor...

CVSS 8.8 | AI score 8.8 | EPSS 0.03601
Exploits: 1

Debian
added 2017/09/04 9:32 p.m., 19 views

[SECURITY] [DSA 3964-1] asterisk security update

Debian Security Advisory DSA-3964-1 | [email protected] | https://www.debian.org/security/ | Moritz Muehlenhoff | September 04, 2017 | https://www.debian.org/security/faq ...

CVSS 9.8 | AI score 9.6 | EPSS 0.33558
Exploits: 0

Amazon
added 2017/08/31 12:00 a.m., 33 views

Important: git

Issue Overview: Command injection via malicious ssh URLs: A shell command injection flaw related to the handling of "ssh" URLs has been discovered in Git. An attacker could use this flaw to execute shell commands with the privileges of the user running the Git client, for example, when performing...

CVSS 8.8 | AI score 9 | EPSS 0.70245
Exploits: 9

Veracode
added 2017/08/21 9:24 a.m., 15 views

Remote Command Execution (RCE)

Codiad is vulnerable to remote code execution (RCE) attacks. A malicious user can embed shell commands in parameter values sent to components/filemanager/class.filemanager.php and execute them...

CVSS 9.8 | AI score 9.8 | EPSS 0.34346
Exploits: 4 | References: 4 | Affected software: 1

RedHat Linux
added 2017/08/16 11:04 p.m., 4 views

git: Command injection via malicious ssh URLs

A shell command injection flaw related to the handling of "ssh" URLs has been discovered in Git. An attacker could use this flaw to execute shell commands with the privileges of the user running the Git client, for example, when performing a "clone" action on a malicious repository or a legitimat...

CVSS 8.8 | AI score 7.4 | EPSS 0.70245
Exploits: 9 | References: 6

Tenable Nessus
added 2017/08/16 12:00 a.m., 40 views

FreeBSD : Supervisord -- An authenticated client can run arbitrary shell commands via malicious XML-RPC requests (c9460380-81e3-11e7-93af-005056925db4)

mnaberez reports : supervisord can be configured to run an HTTP server on a TCP socket and/or a Unix domain socket. The HTTP server is how supervisorctl communicates with supervisord. If an HTTP server has been enabled, it will always serve both HTML pages and an XML-RPC interface. A vulnerabilit...

CVSS 9 | AI score 7.8 | EPSS 0.94239
Exploits: 10 | References: 4

OSV
added 2017/08/13 1:17 p.m., 5 views

MGASA-2017-0263 Updated supervisor packages fix security vulnerability

A vulnerability has been found where an authenticated client can send a malicious XML-RPC request to supervisord that will run arbitrary shell commands on the server. The commands will be run as the same user as supervisord. Depending on how supervisord has been configured, this may be root...

CVSS 9 | AI score 8.6 | EPSS 0.94239
Exploits: 10 | References: 3

Mageia
added 2017/08/13 1:17 p.m., 40 views

Updated supervisor packages fix security vulnerability

A vulnerability has been found where an authenticated client can send a malicious XML-RPC request to supervisord that will run arbitrary shell commands on the server. The commands will be run as the same user as supervisord. Depending on how supervisord has been configured, this may be root...

CVSS 9 | AI score 2.9 | EPSS 0.94239
Exploits: 10 | References: 2

RedHat Linux
added 2017/08/01 2:18 p.m., 0 views

mysql: Incorrect input validation allowing code execution via mysqldump

It was discovered that the mysql and mysqldump tools did not correctly handle database and table names containing newline characters. A database user with privileges to create databases or tables could cause the mysql command to execute arbitrary shell or SQL commands while restoring database...

CVSS 6.6 | AI score 7.5 | EPSS 0.00811
Exploits: 0 | References: 6

RedHat Linux
added 2017/08/01 2:18 p.m., 3 views

mysql: Incorrect input validation allowing code execution via mysqldump

It was discovered that the mysql and mysqldump tools did not correctly handle database and table names containing newline characters. A database user with privileges to create databases or tables could cause the mysql command to execute arbitrary shell or SQL commands while restoring database...

AI score 7.5
Exploits: 0 | References: 6

RedhatCVE
added 2017/07/28 7:19 a.m., 29 views

CVE-2017-11610

A vulnerability was found in the XML-RPC interface in supervisord. When processing malformed commands, an attacker can cause arbitrary shell commands to be executed on the server as the same user as supervisord. Exploitation requires the attacker to first be authenticated to the supervisord servi...

CVSS 9 | AI score 6 | EPSS 0.94239
Exploits: 10 | References: 1

ThreatPost
added 2017/07/24 9:00 a.m., 10 views

macOS Fruitfly Backdoor Analysis Renders New Spying Capabilities

LAS VEGAS—The FruitFly backdoor became a known entity in January, but it’s a good bet that for years it had been in the wild, undetected by analysts and security software. The macOS and OS X malware has a number of insidious spying capabilities that would make anyone uneasy, and a variant recentl...

AI score 7.3
Exploits: 0 | References: 3

NVD
added 2017/07/20 4:29 a.m., 11 views

CVE-2017-6316

Citrix NetScaler SD-WAN devices through v9.1.2.26.561201 allow remote attackers to execute arbitrary shell commands as root via a CGISESSID cookie. On CloudBridge, the former name of NetScaler SD-WAN devices, the cookie name was CAKEPHP rather than CGISESSID...

CVSS 10 | AI score 9.8 | EPSS 0.87898
Exploits: 4 | References: 6

Prion
added 2017/07/20 4:29 a.m., 18 views

Design/Logic Flaw

Citrix NetScaler SD-WAN devices through v9.1.2.26.561201 allow remote attackers to execute arbitrary shell commands as root via a CGISESSID cookie. On CloudBridge, the former name of NetScaler SD-WAN devices, the cookie name was CAKEPHP rather than CGISESSID...

CVSS 10 | AI score 9.6 | EPSS 0.87898
Exploits: 4 | References: 5 | Affected software: 1

NVD
added 2017/07/18 2:29 p.m., 7 views

CVE-2017-6320

A remote command injection vulnerability exists in the Barracuda Load Balancer product line confirmed on v5.4.0.004 2015-11-26 and v6.0.1.006 2016-08-19; fixed in 6.1.0.003 2017-01-17 in which an authenticated user can execute arbitrary shell commands and gain root privileges. The vulnerability...

CVSS 9 | AI score 9.1 | EPSS 0.28644
Exploits: 5 | References: 2

Prion
added 2017/07/18 2:29 p.m., 16 views

Command injection

A remote command injection vulnerability exists in the Barracuda Load Balancer product line confirmed on v5.4.0.004 2015-11-26 and v6.0.1.006 2016-08-19; fixed in 6.1.0.003 2017-01-17 in which an authenticated user can execute arbitrary shell commands and gain root privileges. The vulnerability...

CVSS 9 | AI score 9.2 | EPSS 0.28644
Exploits: 5 | References: 2 | Affected software: 1