
1821 matches found

Veracode
added 2018/05/15 7:55 a.m., 17 views

Remote Code Execution (RCE)

macaddress is vulnerable to remote code execution (RCE) attacks. The vulnerability exists due to the lack of sanitization of the iface argument, allowing arbitrary shell commands to be injected and executed through it...

CVSS 9.8 | AI score 9.8 | EPSS 0.06664
Exploits: 1 | References: 7 | Affected Software: 1

Hacker One
added 2018/03/29 10:43 a.m., 16 views

Node.js third-party modules: [buttle] Remote Command Execution via unsanitized PHP filename when it's run with --php-bin flag

I would like to report Remote Code Execution in buttle module. When buttle is run with --php-bin option to handle PHP, the PHP filename is not sanitized and allows to inject shell commands. Module module name: buttle version: 0.2.0 npm page: https://www.npmjs.com/package/buttle Module Description...

AI score 0.2
Exploits: 0

CNVD
added 2018/03/28 12:00 a.m., 1 view

Open-AudIT Professional Cross-Site Scripting Vulnerability

Open-AudIT Professional is a network discovery and auditing program. The program intelligently scans networks and network devices and provides status reports. A cross-site scripting vulnerability exists in Open-AudIT Professional version 2.1. A remote attacker can exploit this vulnerability to...

CVSS 5.4 | AI score 6.5 | EPSS 0.01643
Exploits: 5 | References: 1

Metasploit
added 2018/03/27 9:43 a.m., 119 views

Apache CouchDB Arbitrary Command Execution

CouchDB administrative users can configure the database server via HTTPS. Some of the configuration options include paths for operating system-level binaries that are subsequently launched by CouchDB. This allows an admin user in Apache CouchDB before 1.7.0 and 2.x before 2.1.1 to execute arbitra...

CVSS 9.8 | AI score 8.9 | EPSS 0.99924
Exploits: 21

Tenable Nessus
added 2018/03/23 12:00 a.m., 24 views

Debian DSA-4149-1 : plexus-utils2 - security update

Charles Duffy discovered that the Commandline class in the utilities for the Plexus framework performs insufficient quoting of double-encoded strings, which could result in the execution of arbitrary shell commands. (C) Tenable Network Security, Inc. The descriptive text and package checks in this...

CVSS 9.8 | AI score 7.7 | EPSS 0.06543
Exploits: 0 | References: 4

Debian
added 2018/03/22 10:17 p.m., 26 views

[SECURITY] [DSA 4149-1] plexus-utils2 security update

Debian Security Advisory DSA-4149-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff March 22, 2018 https://www.debian.org/security/faq -...

CVSS 9.8 | AI score 9.6 | EPSS 0.06543
Exploits: 0

Tenable Nessus
added 2018/03/21 12:00 a.m., 30 views

Debian DSA-4146-1 : plexus-utils - security update

Charles Duffy discovered that the Commandline class in the utilities for the Plexus framework performs insufficient quoting of double-encoded strings, which could result in the execution of arbitrary shell commands. (C) Tenable Network Security, Inc. The descriptive text and package checks in this...

CVSS 9.8 | AI score 7.7 | EPSS 0.06543
Exploits: 0 | References: 5

Tenable Nessus
added 2018/03/12 12:00 a.m., 23 views

Debian DSA-4134-1 : util-linux - security update

Bjorn Bosselmann discovered that the umount bash completion from util-linux does not properly handle embedded shell commands in a mountpoint name. An attacker with rights to mount filesystems can take advantage of this flaw for privilege escalation if a user (in particular root) is tricked into usi...

CVSS 7.8 | AI score 7.5 | EPSS 0.00457
Exploits: 0 | References: 5

Gentoo Linux
added 2018/03/11 12:00 a.m., 66 views

Newsbeuter: User-assisted execution of arbitrary code

Background: Newsbeuter is an RSS/Atom feed reader for the text console. Description: Newsbeuter does not properly escape shell meta-characters in an RSS item with a media enclosure in the podcast playback function of Podbeuter. Impact: A remote attacker, by enticing a user to open a feed with a...

CVSS 8.8 | AI score 9 | EPSS 0.03078
Exploits: 0

OSV
added 2018/03/07 2:29 a.m., 29 views

CVE-2018-7738

In util-linux before 2.32-rc1, bash-completion/umount allows local users to gain privileges by embedding shell commands in a mountpoint name, which is mishandled during a umount command within Bash by a different user, as demonstrated by logging in as root and entering umount followed by a tab...

CVSS 7.8 | AI score 7.5
Exploits: 0 | References: 7

NVD
added 2018/03/07 2:29 a.m., 22 views

CVE-2018-7738

In util-linux before 2.32-rc1, bash-completion/umount allows local users to gain privileges by embedding shell commands in a mountpoint name, which is mishandled during a umount command within Bash by a different user, as demonstrated by logging in as root and entering umount followed by a tab...

CVSS 7.8 | AI score 7.8 | EPSS 0.00457
Exploits: 0 | References: 7

Prion
added 2018/03/07 2:29 a.m., 33 views

Authentication flaw

In util-linux before 2.32-rc1, bash-completion/umount allows local users to gain privileges by embedding shell commands in a mountpoint name, which is mishandled during a umount command within Bash by a different user, as demonstrated by logging in as root and entering umount followed by a tab...

CVSS 7.2 | AI score 7.8 | EPSS 0.00457
Exploits: 0 | References: 6 | Affected Software: 1

UbuntuCve
added 2018/03/07 2:29 a.m., 25 views

CVE-2018-7738

In util-linux before 2.32-rc1, bash-completion/umount allows local users to gain privileges by embedding shell commands in a mountpoint name, which is mishandled during a umount command within Bash by a different user, as demonstrated by logging in as root and entering umount followed by a tab...

CVSS 7.8 | AI score 7.1 | EPSS 0.00457
Exploits: 0 | References: 2

Debian CVE
added 2018/03/06 10:00 p.m., 382 views

CVE-2018-7738

In util-linux before 2.32-rc1, bash-completion/umount allows local users to gain privileges by embedding shell commands in a mountpoint name, which is mishandled during a umount command within Bash by a different user, as demonstrated by logging in as root and entering umount followed by a tab...

CVSS 7.8 | AI score 7.6 | EPSS 0.00457
Exploits: 0

CVE
added 2018/03/06 10:00 p.m., 423 views

CVE-2018-7738

The CVE-2018-7738 entry concerns util-linux before 2.32-rc1, where the bash-completion/umount script mishandles certain mountpoint names, allowing a local attacker to escalate privileges via an autocompletion sequence in Bash. Exploitation is demonstrated by embedding shell commands in a mountpoi...

CVSS 7.8 | AI score 7.8 | EPSS 0.00457
Exploits: 0 | References: 7 | Affected Software: 1

Hacker One
added 2018/02/25 6:14 a.m., 31 views

Node.js third-party modules: [open] concatenation of unsanitized input into exec() command

I would like to report command injection in open. It allows to inject arbitrary shell commands by specifying crafted urls. Module module name: open version: 0.0.5 npm page: https://www.npmjs.com/package/open Module Description Open a file or url in the user's preferred application. Module Stats 31...

AI score 0.3
Exploits: 0

Tenable Nessus
added 2018/02/20 12:00 a.m., 52 views

Debian DSA-4116-1 : plasma-workspace - security update

Krzysztof Sieluzycki discovered that the notifier for removable devices in the KDE Plasma workspace performed insufficient sanitisation of FAT/VFAT volume labels, which could result in the execution of arbitrary shell commands if a removable device with a malformed disk label is mounted. (C) Tenabl...

CVSS 7.2 | AI score 6.7 | EPSS 0.00791
Exploits: 0 | References: 4

Prion
added 2018/02/08 7:29 a.m., 11 views

Input validation

A vulnerability in an operations script of Cisco UCS Central could allow an authenticated, remote attacker to execute arbitrary shell commands with the privileges of the daemon user. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by posting...

CVSS 6.5 | AI score 8.8 | EPSS 0.02269
Exploits: 0 | References: 3 | Affected Software: 1

NVD
added 2018/02/08 7:29 a.m., 12 views

CVE-2018-0113

A vulnerability in an operations script of Cisco UCS Central could allow an authenticated, remote attacker to execute arbitrary shell commands with the privileges of the daemon user. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by posting...

CVSS 8.8 | AI score 8.9 | EPSS 0.02269
Exploits: 0 | References: 3

Cisco
added 2018/02/07 4:00 p.m., 34 views

Cisco UCS Central Arbitrary Command Execution Vulnerability

A vulnerability in an operations script of Cisco UCS Central could allow an authenticated, remote attacker to execute arbitrary shell commands with the privileges of the daemon user. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by posting...

CVSS 8.8 | AI score 1.9 | EPSS 0.02269
Exploits: 0 | References: 1