Lucene search

1764 matches found

Debian CVE
added 2016/03/22 10:0 a.m. | 36 views

CVE-2016-3115

Multiple CRLF injection vulnerabilities in session.c in sshd in OpenSSH before 7.2p2 allow remote authenticated users to bypass intended shell-command restrictions via crafted X11 forwarding data, related to the (1) do_authenticated1 and (2) session_x11_req functions...

CVSS 6.4 | AI score 7.5 | EPSS 0.50367
Exploits 13
UbuntuCve
added 2016/03/22 12:0 a.m. | 29 views

CVE-2016-3115

Multiple CRLF injection vulnerabilities in session.c in sshd in OpenSSH before 7.2p2 allow remote authenticated users to bypass intended shell-command restrictions via crafted X11 forwarding data, related to the (1) do_authenticated1 and (2) session_x11_req functions...

CVSS 6.4 | AI score 6.9 | EPSS 0.50367
Exploits 13 | References 4
OpenVAS
added 2016/03/08 12:0 a.m. | 25 views

Debian Security Advisory DSA 3495-1 (xymon - security update)

Markus Krell discovered that xymon, a network- and applications-monitoring system, was vulnerable to the following security issues: CVE-2016-2054: The incorrect handling of user-supplied input in the config command can trigger a stack-based buffer overflow, resulting in denial of service via...

CVSS 7.5 | AI score 0.2 | EPSS 0.67997
Exploits 7 | References 1
Tenable Nessus
added 2016/03/07 12:0 a.m. | 17 views

GLSA-201603-02 : OSC: Shell command injection

The remote host is affected by the vulnerability described in GLSA-201603-02 OSC: Shell command injection A vulnerability has been discovered that may allow remote attackers to execute arbitrary commands via shell metacharacters in a service file. Impact : A remote attacker could possibly execute...

CVSS 7.5 | AI score 6.2 | EPSS 0.00895
Exploits 0 | References 2
Tenable Nessus
added 2016/03/01 12:0 a.m. | 36 views

Debian DSA-3495-1 : xymon - security update

Markus Krell discovered that xymon, a network- and applications-monitoring system, was vulnerable to the following security issues : - CVE-2016-2054 The incorrect handling of user-supplied input in the 'config' command can trigger a stack-based buffer overflow, resulting in denial of service via...

CVSS 9.8 | AI score 7.1 | EPSS 0.67997
Exploits 7 | References 12
Debian
added 2016/02/29 10:15 a.m. | 32 views

[SECURITY] [DSA 3495-1] xymon security update

Debian Security Advisory DSA-3495-1 [email protected] https://www.debian.org/security/ Sebastien Delafond February 29, 2016 https://www.debian.org/security/faq ...

CVSS 9.8 | AI score 8.4 | EPSS 0.67997
Exploits 7
Tenable Nessus
added 2016/02/10 12:0 a.m. | 26 views

FreeBSD : xymon-server -- multiple vulnerabilities (1cecd5e0-c372-11e5-96d6-14dae9d210b8)

J.C. Cleaver reports : - CVE-2016-2054: Buffer overflow in xymond handling of 'config' command - CVE-2016-2055: Access to possibly confidential files in the Xymon configuration directory - CVE-2016-2056: Shell command injection in the 'useradm' and 'chpasswd' web applications - CVE-2016-2057:...

CVSS 9.8 | AI score 6.7 | EPSS 0.67997
Exploits 7 | References 7
myhack58
added 2016/01/26 12:0 a.m. | 23 views

PayPal remote code execution vulnerability-vulnerability warning-the black bar safety net

In December 2015, I found a serious vulnerability in the PayPal business site manager.paypal.com. This vulnerability meant that, through unsafe Java object deserialization, I could, on the PayPal website's server, remotely use the she...

Exploits 0
Exploit DB
added 2016/01/21 12:0 a.m. | 58 views

NTP - Local Privilege Escalation

Source: http://www.halfdog.net/Security/2015/NtpCronjobUserNtpToRootPrivilegeEscalation/ Introduction Problem description: The cronjob script bundled with ntp package is intended to perform cleanup on statistics files produced by NTP daemon running with statistics enabled. The script is run as ro...

AI score 7.4
Exploits 0
CNVD
added 2016/01/20 12:0 a.m. | 2 views

PHP 'ext/standard/exec.c' file integer overflow vulnerability

PHP (PHP: Hypertext Preprocessor) is an open source general-purpose scripting language maintained by the PHP Group and the open source community. The language supports multiple syntaxes, multiple databases and operating systems, and supports program extensions written in C and C++. An...

CVSS 7.5 | AI score 8.9 | EPSS 0.00371
Exploits 1 | References 1
FreeBSD
added 2016/01/19 12:0 a.m. | 22 views

xymon-server -- multiple vulnerabilities

J.C. Cleaver reports: CVE-2016-2054: Buffer overflow in xymond handling of "config" command CVE-2016-2055: Access to possibly confidential files in the Xymon configuration directory CVE-2016-2056: Shell command injection in the "useradm" and "chpasswd" web applications CVE-2016-2057: Incorrect...

CVSS 9.8 | AI score 1.8 | EPSS 0.67997
Exploits 7 | References 1
seebug.org
added 2016/01/07 12:0 a.m. | 41 views

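ZTE SOHO ROUTER WEB_SHELL_CMD.GCH remote command execution vulnerability

Vulnerability summary: On March 3, 2014, the Rapid7 team published information about a backdoor in the ZTE F460 / F660 [1]: any user who can reach the device can directly access a command-execution web interface and run arbitrary commands with root privileges. These devices are widely deployed in mainland China, where they are commonly known as "telecom optical modems". Vulnerability description: In some models of SOHO router produced by ZTE, the web root directory (/home/httpd) contains the file /web_shell_cmd.gch, which has no access control and can directly execute arbitrary system commands. The following points are worth noting: Rapid7 published this vulnerability on March 3, 2014, but according to search results, this issue as early as 2012...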

AI score 7.1
Exploits 0
Mageia
added 2015/12/17 8:19 p.m. | 21 views

Updated python-pygments packages fix security vulnerability

An unsafe use of string concatenation in a shell string occurs in FontManager. If the developer allows the attacker to choose the font and outputs an image, the attacker can execute any shell command on the remote system. The name variable injected comes from the constructor of FontManager, which...

CVSS 9.3 | AI score 9 | EPSS 0.07449
Exploits 0 | References 3
OSV
added 2015/12/17 8:19 p.m. | 9 views

MGASA-2015-0478 Updated python-pygments packages fix security vulnerability

An unsafe use of string concatenation in a shell string occurs in FontManager. If the developer allows the attacker to choose the font and outputs an image, the attacker can execute any shell command on the remote system. The name variable injected comes from the constructor of FontManager, which...

CVSS 9.3 | AI score 9.1 | EPSS 0.07449
Exploits 0 | References 4
OpenVAS
added 2015/12/16 12:0 a.m. | 20 views

Amazon Linux: Security Advisory (ALAS-2015-630)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG. Some text descriptions might be excerpted from a referenced source, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 9.3 | AI score 9.2 | EPSS 0.07449
Exploits 0 | References 2
Tenable Nessus
added 2015/12/16 12:0 a.m. | 22 views

Amazon Linux AMI : python-pygments (ALAS-2015-630)

An unsafe use of string concatenation in a shell string occurs in FontManager. If the developer allows the attacker to choose the font and outputs an image, the attacker can execute any shell command on the remote system. The name variable injected comes from the constructor of FontManager, which...

CVSS 9.3 | AI score 8.3 | EPSS 0.07449
Exploits 0 | References 2
RubySec
added 2015/12/11 12:0 a.m. | 16 views

git-fastclone permits arbitrary shell command execution from .gitmodules

Git allows executing arbitrary shell commands using git-remote-ext via remote URLs. Normally git never requests URLs that the user doesn't specifically request, so this is not a serious security concern. However, submodules did allow the remote repository to specify what URL to clone from. If a...

CVSS 9.3 | AI score 5.3 | EPSS 0.02844
Exploits 1 | References 1 | Affected Software 1
OSV
added 2015/11/26 8:47 p.m. | 2 views

MGASA-2015-0456 Updated python-pygments packages fix security vulnerability

An unsafe use of string concatenation in a shell string occurs in FontManager. If the developer allows the attacker to choose the font and outputs an image, the attacker can execute any shell command on the remote system. The name variable injected comes from the constructor of FontManager, which...

AI score 7.3
Exploits 0 | References 3
RedHat Linux
added 2015/11/19 4:44 a.m. | 0 views

setroubleshoot: insecure use of commands.getstatusoutput in sealert

A shell command injection flaw was found in the way the setroubleshoot executed external commands. A local attacker able to trigger certain SELinux denials could use this flaw to execute arbitrary code with root privileges...

CVSS 7 | AI score 7.4 | EPSS 0.0007
Exploits 1 | References 4
Nmap
added 2015/11/11 5:2 p.m. | 140 views

http-vuln-cve2014-8877 NSE Script

Exploits a remote code injection vulnerability (CVE-2014-8877) in Wordpress CM Download Manager plugin. Versions <= 2.0.0 are known to be affected. CM Download Manager plugin does not correctly sanitise the user input which allows remote attackers to execute arbitrary PHP code via the CMDsearch...

CVSS 10 | AI score 0.3 | EPSS 0.94176
Exploits 39