1764 matches found
[SECURITY] [DSA 1465-2] New apt-listchanges packages fix arbitrary code execution
------------------------------------------------------------------------ Debian Security Advisory DSA-1465-2 [email protected] http://www.debian.org/security/ Steve Kemp January 17, 2008 http://www.debian.org/security/faq -...
Debian Security Advisory DSA 1226-1 (links)
The remote host is missing an update to links announced via advisory DSA 1226-1. Teemu Salmela discovered that the links character mode web browser performs insufficient sanitising of smb:// URIs, which might lead to the execution of arbitrary shell commands. OpenVAS Vulnerability Test $Id:...
Debian Security Advisory DSA 1250-1 (cacti)
The remote host is missing an update to cacti announced via advisory DSA 1250-1. It was discovered that cacti, a frontend to rrdtool, performs insufficient validation of data passed to the cmd script, which allows SQL injection and the execution of arbitrary shell commands. OpenVAS Vulnerability...
Debian Security Advisory DSA 1270-2 (openoffice.org)
The remote host is missing an update to openoffice.org announced via advisory DSA 1270-2. Several security related problems have been discovered in OpenOffice.org, the free office suite. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2007-0002 iDefense...
Debian: Security Advisory (DSA-1021-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian Security Advisory DSA 1006-1 (wzdftpd)
The remote host is missing an update to wzdftpd announced via advisory DSA 1006-1. kcope discovered that the wzdftpd FTP server lacks input sanitising for the SITE command, which may lead to the execution of arbitrary shell commands. The old stable distribution woody does not contain wzdftpd...
Debian: Security Advisory (DSA-1250-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian: Security Advisory (DSA-1228-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian Security Advisory DSA 1204-1 (ingo1)
The remote host is missing an update to ingo1 announced via advisory DSA 1204-1. It was discovered that the Ingo email filter rules manager performs insufficient escaping of user-provided data in created procmail rules files, which allows the execution of arbitrary shell commands. OpenVAS...
Debian: Security Advisory (DSA-1315-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian: Security Advisory (DSA-1220-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian Security Advisory DSA 1270-1 (openoffice.org)
The remote host is missing an update to openoffice.org announced via advisory DSA 1270-1. Several security related problems have been discovered in OpenOffice.org, the free office suite. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2007-0002 iDefense...
Debian Security Advisory DSA 1228-1 (elinks)
The remote host is missing an update to elinks announced via advisory DSA 1228-1. Teemu Salmela discovered that the elinks character mode web browser performs insufficient sanitising of smb:// URIs, which might lead to the execution of arbitrary shell commands. OpenVAS Vulnerability Test $Id:...
Debian Security Advisory DSA 762-1 (affix)
The remote host is missing an update to affix announced via advisory DSA 762-1. Kevin Finisterre discovered two problems in the Bluetooth FTP client from affix, user space utilities for the Affix Bluetooth protocol stack. The Common Vulnerabilities and Exposures project identifies the following...
Debian: Security Advisory (DSA-1297-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian: Security Advisory (DSA-1204-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian: Security Advisory (DSA-762-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian: Security Advisory (DSA-1226-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
GLSA-200801-01 : unp: Arbitrary command execution
The remote host is affected by the vulnerability described in GLSA-200801-01 unp: Arbitrary command execution Erich Schubert from Debian discovered that unp does not escape file names properly before passing them to calls of the shell. Impact : A remote attacker could entice a user or automated...
CVE-2008-0148
TUTOS 1.3 does not restrict access to php/admin/cmd.php, which allows remote attackers to execute arbitrary shell commands via the cmd parameter in a direct request...