1763 matches found
[SA18579] OpenSSH scp Command Line Shell Command Injection
TITLE: OpenSSH scp Command Line Shell Command Injection SECUNIA ADVISORY ID: SA18579 VERIFY ADVISORY: http://secunia.com/advisories/18579/ CRITICAL: Not critical IMPACT: Privilege escalation WHERE: Local system SOFTWARE: OpenSSH 4.x http://secunia.com/product/5653/ OpenSSH 3.x...
[SA18556] Etomite "cij" Shell Command Execution Backdoor Security Issue
TITLE: Etomite "cij" Shell Command Execution Backdoor Security Issue SECUNIA ADVISORY ID: SA18556 VERIFY ADVISORY: http://secunia.com/advisories/18556/ CRITICAL: Highly critical IMPACT: System access WHERE: From remote SOFTWARE: Etomite 0.x http://secunia.com/product/6896/ DESCRIPTION: Luca Ercol...
GLSA-200512-10 : Opera: Command-line URL shell command injection
The remote host is affected by the vulnerability described in GLSA-200512-10 Opera: Command-line URL shell command injection Peter Zelezny discovered that the shell script used to launch Opera parses shell commands that are enclosed within backticks in the URL provided via the command line. Impac...
Shell Command Execution Vulnerability
The remote port seems to be running some form of shell script, with some provided user input. The input is not stripped for such meta characters as SPDX-FileCopyrightText: 2001 SecurITeam Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective...
Use SERV-U to do a backdoor-a vulnerability warning-the black bar safety net
Serv-U listens by default on 127.0.0.1:43958, so only the local machine can connect to this management port. The default Serv-U administrative account is LocalAdministrator, and the default password is l@$ak. lk;0@P; this password is fixed within the same version, maybe in different versions is al...
Twiki rev Parameter Arbitrary Shell Command Execution
Binary data 3223.prm...
[SA16820] TWiki "rev" Shell Command Injection Vulnerability
Are you interested in a new job in IT security? Secunia has two open positions for junior and senior IT security specialists: http://secunia.com/secuniavacancies/...
libgadu -- multiple vulnerabilities
Wojtek Kaniewski reports: Multiple vulnerabilities have been found in libgadu, a library for handling Gadu-Gadu instant messaging protocol. It is a part of ekg, a Gadu-Gadu client, but is widely used in other clients. Also some of the user contributed scripts were found to behave in an insecure...
CVE-2005-1851
A certain contributed script for ekg Gadu Gadu client 1.5 and earlier allows attackers to execute shell commands via unknown attack vectors...
CVE-2005-1851
CVE-2005-1851 affects the ekg Gadu-Gadu client and its contributed scripts. Umbrella advisories describe insecure temporary file handling and a shell command injection path in contributed scripts (including ekgbot-pre1.py), which could allow an attacker to execute arbitrary commands with the priv...
CVE-2005-1851
Removed by vendor...
Debian DSA-760-1 : ekg - several vulnerabilities
Several vulnerabilities have been discovered in ekg, a console Gadu Gadu client, an instant messaging program. The Common Vulnerabilities and Exposures project identifies the following vulnerabilities : - CAN-2005-1850 Marcin Owsiany and Wojtek Kaniewski discovered insecure temporary file creatio...
[SECURITY] [DSA 760-1] New ekg packages fix several vulnerabilities
-------------------------------------------------------------------------- Debian Security Advisory DSA 760-1 [email protected] http://www.debian.org/security/ Martin Schulze July 18th, 2005 http://www.debian.org/security/faq -...
[SA15985] USANet Creations Products Shell Command Injection Vulnerability
[SA15981] pngcntrp "kaiseki.cgi" Shell Command Injection Vulnerability
WordPress Core 1.5.1.2 - 'xmlrpc' Interface SQL Injection
#!/usr/bin/perl -w sorry for the late posting, had to test it. /str0ke Wordpress 1.5.1.2 Strayhorn // XMLRPC Interface SQL Injection By James Bercegay // http://www.gulftech.org/ // June 21 2005 Quick and dirty proof of concept that uses the XML RPC server vulnerabilities I discovered to extract a...
K-COLLECT CSV_DB / i_DB csv_db.cgi file Parameter Arbitrary Command Execution
The remote host is running K-COLLECT csv-database, a web application written in Perl. The remote version of this software fails to sanitize user input to the 'file' parameter of the 'csvdb.cgi' script before using it to run a shell command. An unauthenticated attacker can exploit this issue to execute...
[SA15754] NanoBlogger Plugins Shell Command Injection Vulnerability
eping.txt
www.RedC0de.org found the following error in eping: Details ------- Advisory name: Arbitrary code execution in eping plugin Advisory number: 1 Application: eping Application author: apnovi3 Security-Risk: high - very high Remote-Exploit: Yes Discovered by: m00fd1 aka Tr|p Introduction ------------...
MADSHEEP-05SA (security advisory): WebHints <= v1.03 Remote Command Execution Vulnerability
MADSHEEP-05SA (security advisory): WebHints <= v1.03 Remote Command Execution Vulnerability 06/11/2005 MADSHEEP-05SA (security advisory): WebHints <= v1.03 Remote Command Execution Vulnerability Published: 06/11/2005 Released: 06/11/2005 Name: WebHints Affected Systems: <= 1.03 Issue: Remote Command...