732 matches found
CVE-2017-14480
MMM Agent exposure: A set of remote command injection flaws in MMM::Agent::Helpers::Network (clear_ip/add_ip, check_ip) in mmm_agentd 2.2.1 (FreeBSD; Linux/Solaris variants in related code paths) allows unauthenticated TCP clients to execute arbitrary commands with mmm_agentd privileges. Root cau...
CVE-2017-14475
MMM Agent (mmm_agentd) 2.2.1 for Linux is affected by multiple shell command injection flaws in the MMM::Agent::Helpers::Network::add_ip and related code paths. A specially crafted MMM protocol message can inject commands via untrusted role IP input passed through configure_ip/add_ip/clear_ip and...
CVE-2017-14474
Summary: CVE-2017-14474 and related MMM vulnerabilities affect MMM mmm_agentd 2.2.1, where _execute() constructs a shell command without sanitizing the $params, enabling an unauthenticated attacker who can open a TCP session to execute arbitrary commands with the privileges of mmm_agentd. Related...
CVE-2017-14479
In the MMM::Agent::Helpers::Network::clearip function in MySQL Multi-Master Replication Manager MMM mmmagentd 2.2.1 for Solaris, a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\agentd process. An...
CVE-2017-14481
The CVE-2017-14481 entry concerns a shell command injection in MMM (MySQL MMM) mmm_agentd 2.2.1 (Solaris). The vulnerability resides in MMM::Agent::Helpers::Network::send_arp (and related functions in MMM) where un-sanitized input from MMM protocol messages can be interpolated into shell commands...
CVE-2017-14476
In the MMM::Agent::Helpers::Network::addip function in MySQL Multi-Master Replication Manager MMM mmmagentd 2.2.1 for Solaris, a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\agentd process. An...
PT-2018-5670 · Mysql Server · Mysql Multi-Master Replication Manager
Name of the Vulnerable Software and Affected Versions: MySQL Multi-Master Replication Manager MMM mmm agentd version 2.2.1 Description: A specially crafted MMM protocol message can cause a shell command injection in the add ip function, resulting in arbitrary command execution with the privileges...
PT-2018-5673 · Mysql Server · Mysql Multi-Master Replication Manager
Name of the Vulnerable Software and Affected Versions: MySQL Multi-Master Replication Manager MMM mmm agentd version 2.2.1 Description: A specially crafted MMM protocol message can cause a shell command injection in the clear ip function, resulting in arbitrary command execution with the privileg...
PT-2018-5675 · Mysql Server · Mysql Multi-Master Replication Manager
Name of the Vulnerable Software and Affected Versions: MySQL Multi-Master Replication Manager MMM mmm agentd version 2.2.1 Description: A specially crafted MMM protocol message can cause a shell command injection in the clear ip function, resulting in arbitrary command execution with the privileg...
PT-2018-5676 · Mysql Server · Mysql Multi-Master Replication Manager
Name of the Vulnerable Software and Affected Versions: MySQL Multi-Master Replication Manager MMM mmm agentd version 2.2.1 Description: A specially crafted MMM protocol message can cause a shell command injection in the MMM::Agent::Helpers::Network::send arp function, resulting in arbitrary comma...
Exim base64d Remote Code Execution
!/usr/bin/python import time import socket import struct s = None f = None def logo: print print " CVE-2018-6789 Poc Exploit" print "@straightblast ; [email protected]" print def connecthost, port: global s global f s = socket.createconnectionhost,port f = s.makefile'rw', bufsize=0 def p...
CVE-2017-9274
A shell command injection in the obs-service-sourcevalidator before 0.7 could be used to execute code as the packager when checking RPM SPEC files with specific macro constructs...
CVE-2017-9274
A shell command injection in the obs-service-sourcevalidator before 0.7 could be used to execute code as the packager when checking RPM SPEC files with specific macro constructs...
CVE-2017-9274
A shell command injection in the obs-service-sourcevalidator before 0.7 could be used to execute code as the packager when checking RPM SPEC files with specific macro constructs...
UBUNTU-CVE-2017-9274
A shell command injection in the obs-service-sourcevalidator before 0.7 could be used to execute code as the packager when checking RPM SPEC files with specific macro constructs...
CVE-2017-9274 osc executes spec code during "osc commit"
A shell command injection in the obs-service-sourcevalidator before 0.7 could be used to execute code as the packager when checking RPM SPEC files with specific macro constructs...
CVE-2017-9274
A shell command injection in the obs-service-sourcevalidator before 0.7 could be used to execute code as the packager when checking RPM SPEC files with specific macro constructs...
CVE-2017-9274
CVE-2017-9274 describes a shell command injection in the OpenBuild/OpenSUSE component obs-service-source_validator (before version 0.7 ). The underlying issue allows an attacker to execute arbitrary code as the packager when validating RPM SPEC files that use specific macro constructs. Multiple c...
CVE-2017-1000215
ROOT xrootd version 4.6.0 and below is vulnerable to an unauthenticated shell command injection resulting in remote code execution...
CVE-2017-1000215
ROOT xrootd version 4.6.0 and below is vulnerable to an unauthenticated shell command injection resulting in remote code execution...