1820 matches found
CVE-2008-4101
Vim 3.0 through 7.x before 7.2.010 does not properly escape characters, which allows user-assisted attackers to (1) execute arbitrary shell commands by entering a K keystroke on a line that contains a ";" (semicolon) followed by a command, or execute arbitrary Ex commands by entering an argument afte...
Code injection
Vim 3.0 through 7.x before 7.2.010 does not properly escape characters, which allows user-assisted attackers to (1) execute arbitrary shell commands by entering a K keystroke on a line that contains a ";" (semicolon) followed by a command, or execute arbitrary Ex commands by entering an argument afte...
FreeBSD Ports: gaim, ja-gaim, ko-gaim, ru-gaim
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
vim-sanitize.txt
Vim: Arbitrary Code Execution in Commands: K, Control-, g 1. SUMMARY Product : Vim -- Vi IMproved Versions : 3.0--current, possibly older Impact : Arbitrary code execution Wherefrom: Local Original : http://www.rdancer.org/vulnerablevim-K.html Insufficient sanitization can lead to Vim executing...
Prozilla Forum Service (forum.php forum) SQL Injection Vulnerability
Exploit for unknown platform in category web applications ==================================================================== Prozilla Forum Service forum.php forum SQL Injection Vulnerability ====================================================================...
CenterIM <= 4.22.3 Remote Command Execution Vulnerability
No description provided by source. Application: CenterIM http://www.centerim.org/index.php/MainPage Versions: centerim = 4.22.3 OS: Linux Bug: Execution of shell commands Exploit: remote Date: 15 March 2008 Author: Brian Fonfara w00 eMail: [email protected] Web: newb.kicks-ass.net 1 Bug 2...
CenterIM 4.22.3 - Remote Command Execution
CenterIM 4.22.3 - Remote Command Execution Application: CenterIM http://www.centerim.org/index.php/MainPage Versions: centerim = 4.22.3 OS: Linux Bug: Execution of shell commands Exploit: remote Date: 15 March 2008 Author: Brian Fonfara w00 eMail: [email protected] Web: newb.kicks-ass.net 1 Bu...
GLSA-200803-06 : SWORD: Shell command injection
The remote host is affected by the vulnerability described in GLSA-200803-06 SWORD: Shell command injection Dan Dennison reported that the diatheke.pl script used in SWORD does not properly sanitize shell meta-characters in the 'range' parameter before processing it. Impact : A remote attacker...
Debian Security Advisory DSA 1508-1 (diatheke)
The remote host is missing an update to diatheke announced via advisory DSA 1508-1. OpenVAS Vulnerability Test $Id: deb15081.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1508-1 diatheke Authors: Thomas Reinke Copyright: Copyright (c) 2008 E-Soft Inc...
Debian: Security Advisory (DSA-1508-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DSA-1508-1 : diatheke - insufficient input sanitising
Dan Dennison discovered that Diatheke, a CGI program to make a bible website, performs insufficient sanitising of a parameter, allowing a remote attacker to execute arbitrary shell commands as the web server user. %NASLMINLEVEL 70300 (C) Tenable Network Security, Inc. The descriptive text and packa...
[SECURITY] [DSA 1508-1] New diatheke packages fix arbitrary shell command execution
------------------------------------------------------------------------ Debian Security Advisory DSA-1508-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst February 25, 2008 http://www.debian.org/security/faq -...
Coppermine Photo Gallery 1.4.14 Remote Command Execution Exploit
No description provided by source. waraxe-2008-SA065 - Remote Shell Command Execution in Coppermine 1.4.14 =============================================================================== Author: Janek Vind "waraxe" Date: 30. January 2008 Location: Estonia, Tartu Web:...
Debian Security Advisory DSA 1465-1 (apt-listchanges)
The remote host is missing an update to apt-listchanges announced via advisory DSA 1465-1. OpenVAS Vulnerability Test $Id: deb14651.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1465-1 apt-listchanges Authors: Thomas Reinke Copyright: Copyright (c) 2008...
Debian: Security Advisory (DSA-1477-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
DSA-1477-1 yarssr - missing input sanitising
Bulletin has no description...
[SECURITY] [DSA 1465-2] New apt-listchanges packages fix arbitrary code execution
------------------------------------------------------------------------ Debian Security Advisory DSA-1465-2 [email protected] http://www.debian.org/security/ Steve Kemp January 17, 2008 http://www.debian.org/security/faq -...
Debian Security Advisory DSA 1226-1 (links)
The remote host is missing an update to links announced via advisory DSA 1226-1. Teemu Salmela discovered that the links character mode web browser performs insufficient sanitising of smb:// URIs, which might lead to the execution of arbitrary shell commands. OpenVAS Vulnerability Test $Id:...
Debian Security Advisory DSA 1250-1 (cacti)
The remote host is missing an update to cacti announced via advisory DSA 1250-1. It was discovered that cacti, a frontend to rrdtool, performs insufficient validation of data passed to the cmd script, which allows SQL injection and the execution of arbitrary shell commands. OpenVAS Vulnerability...
Debian Security Advisory DSA 1204-1 (ingo1)
The remote host is missing an update to ingo1 announced via advisory DSA 1204-1. It was discovered that the Ingo email filter rules manager performs insufficient escaping of user-provided data in created procmail rules files, which allows the execution of arbitrary shell commands. OpenVAS...