Gentoo Security Advisory GLSA 200809-12 (newsbeuter)

The remote host is missing updates announced in advisory GLSA 200809-12. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Gentoo Security Advisory GLSA 200809-12 (newsbeuter)

The remote host is missing updates announced in advisory GLSA 200809-12. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

Newsbeuter: User-assisted execution of arbitrary code

Background Newsbeuter is a RSS/Atom feed reader for the text console. Description J.H.M. Dassen reported that the open-in-browser command does not properly escape shell metacharacters in the URL before passing it to system. Impact A remote attacker could entice a user to open a feed with speciall...

DEBIAN-CVE-2008-4101

Vim 3.0 through 7.x before 7.2.010 does not properly escape characters, which allows user-assisted attackers to 1 execute arbitrary shell commands by entering a K keystroke on a line that contains a ";" semicolon followed by a command, or execute arbitrary Ex commands by entering an argument afte...

CVE-2008-4101

Vim 3.0 through 7.x before 7.2.010 does not properly escape characters, which allows user-assisted attackers to 1 execute arbitrary shell commands by entering a K keystroke on a line that contains a ";" semicolon followed by a command, or execute arbitrary Ex commands by entering an argument afte...

Code injection

Vim 3.0 through 7.x before 7.2.010 does not properly escape characters, which allows user-assisted attackers to 1 execute arbitrary shell commands by entering a K keystroke on a line that contains a ";" semicolon followed by a command, or execute arbitrary Ex commands by entering an argument afte...

FreeBSD Ports: gaim, ja-gaim, ko-gaim, ru-gaim

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

vim-sanitize.txt

Vim: Arbitrary Code Execution in Commands: K, Control-, g 1. SUMMARY Product : Vim -- Vi IMproved Versions : 3.0--current, possibly older Impact : Arbitrary code execution Wherefrom: Local Original : http://www.rdancer.org/vulnerablevim-K.html Insufficient sanitization can lead to Vim executing...

Prozilla Forum Service (forum.php forum) SQL Injection Vulnerability

Exploit for unknown platform in category web applications ==================================================================== Prozilla Forum Service forum.php forum SQL Injection Vulnerability ====================================================================...

CenterIM <= 4.22.3 Remote Command Execution Vulnerability

No description provided by source. Application: CenterIM http://www.centerim.org/index.php/MainPage Versions: centerim = 4.22.3 OS: Linux Bug: Execution of shell commands Exploit: remote Date: 15 March 2008 Author: Brian Fonfara w00 eMail: [email protected] Web: newb.kicks-ass.net 1 Bug 2...

CenterIM 4.22.3 - Remote Command Execution

CenterIM 4.22.3 - Remote Command Execution Application: CenterIM http://www.centerim.org/index.php/MainPage Versions: centerim = 4.22.3 OS: Linux Bug: Execution of shell commands Exploit: remote Date: 15 March 2008 Author: Brian Fonfara w00 eMail: [email protected] Web: newb.kicks-ass.net 1 Bu...

GLSA-200803-06 : SWORD: Shell command injection

The remote host is affected by the vulnerability described in GLSA-200803-06 SWORD: Shell command injection Dan Dennison reported that the diatheke.pl script used in SWORD does not properly sanitize shell meta-characters in the 'range' parameter before processing it. Impact : A remote attacker...

Debian Security Advisory DSA 1508-1 (diatheke)

The remote host is missing an update to diatheke announced via advisory DSA 1508-1. OpenVAS Vulnerability Test $Id: deb15081.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1508-1 diatheke Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

Debian: Security Advisory (DSA-1508-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian DSA-1508-1 : diatheke - insufficient input sanitising

Dan Dennison discovered that Diatheke, a CGI program to make a bible website, performs insufficient sanitising of a parameter, allowing a remote attacker to execute arbitrary shell commands as the web server user. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and packa...

[SECURITY] [DSA 1508-1] New diatheke packages fix arbirary shell command execution

------------------------------------------------------------------------ Debian Security Advisory DSA-1508-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst February 25, 2008 http://www.debian.org/security/faq -...

Debian: Security Advisory (DSA-1477-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian Security Advisory DSA 1465-1 (apt-listchanges)

The remote host is missing an update to apt-listchanges announced via advisory DSA 1465-1. OpenVAS Vulnerability Test $Id: deb14651.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1465-1 apt-listchanges Authors: Thomas Reinke Copyright: Copyright c 2008...

Coppermine Photo Gallery 1.4.14 Remote Command Execution Exploit

No description provided by source. waraxe-2008-SA065 - Remote Shell Command Execution in Coppermine 1.4.14 =============================================================================== Author: Janek Vind "waraxe" Date: 30. January 2008 Location: Estonia, Tartu Web:...

DSA-1477-1 yarssr - missing input sanitising

Bulletin has no description...