CVE-2016-10243

TeX Live allows remote attackers to execute arbitrary commands by leveraging inclusion of mpost in shellescapecommands in the texmf.cnf config file...

CVE-2016-10243

TeX Live allows remote attackers to execute arbitrary commands by leveraging inclusion of mpost in shellescapecommands in the texmf.cnf config file...

CVE-2016-10243

TeX Live allows remote attackers to execute arbitrary commands by leveraging inclusion of mpost in shellescapecommands in the texmf.cnf config file...

UBUNTU-CVE-2016-10243

TeX Live allows remote attackers to execute arbitrary commands by leveraging inclusion of mpost in shellescapecommands in the texmf.cnf config file...

Solarwinds LEM 6.3.1 Shell Escape Command Injection

KL-001-2017-007 : Solarwinds LEM Management Shell Escape via Command Injection Title: Solarwinds LEM Management Shell Escape via Command Injection Advisory ID: KL-001-2017-007 Publication Date: 2017.04.24 Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2017-007.txt 1...

CVE-2017-7722

In SolarWinds Log & Event Manager LEM before 6.3.1 Hotfix 4, a menu system is encountered when the SSH service is accessed with "cmc" and "password" the default username and password. By exploiting a vulnerability in the restrictssh feature of the menuing script, an attacker can escape from the...

CVE-2017-7722

In SolarWinds Log & Event Manager LEM before 6.3.1 Hotfix 4, a menu system is encountered when the SSH service is accessed with "cmc" and "password" the default username and password. By exploiting a vulnerability in the restrictssh feature of the menuing script, an attacker can escape from the...

Billion 7700NR4 Router - Remote Command Execution

Title : Billion Router 7700NR4 Remote Root Command Execution Date : 06/10/2016 Author : R-73eN Tested on: Billion Router 7700NR4 Vendor : http://www.billion.com/ Vulnerability Description: This router is a widely used here in Albania. It is given by a telecom provider to the home and bussiness...

OracleVM 3.3 / 3.4 : foomatic (OVMSA-2016-0040)

The remote OracleVM system is missing necessary patches to address critical security updates : - Also consider back tick and semicolon as illegal shell escape characters. - CVE-2015-8327, CVE-2015-8560 - Prevent foomatic-rip overrun bug 1214534. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...

foomatic security update

4.0.4-5 - Also consider back tick and semicolon as illegal shell escape characters. - CVE-2015-8327, CVE-2015-8560 4.0.4-4 - Prevent foomatic-rip overrun bug 1214534...

openSUSE Security Update : cups-filters (openSUSE-2016-67)

This update fixes the following security issue : CVE-2015-8327 adds backtick and semicolon to the list of illegal shell escape characters bsc957531. This update was imported from the SUSE:SLE-12:Update update project. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and...

SUSE SLED11 / SLES11 Security Update : foomatic-filters (SUSE-SU-2016:0112-1)

This update fixes the following security issues : - CVE-2015-8327: adds backtick and semicolon to the list of illegal shell escape characters bsc957531. CVE-2015-8560: fixed code execution via improper escaping of ; bsc957531. Note that Tenable Network Security has extracted the preceding...

SUSE-SU-2016:0092-1 Security update for cups-filters

This update fixes the following security issue: CVE-2015-8327 adds backtick and semicolon to the list of illegal shell escape characters bsc957531...

Ubuntu: Security Advisory (USN-2838-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu: Security Advisory (USN-2838-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu: Security Advisory (USN-2831-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 12.04 LTS : foomatic-filters vulnerability (USN-2831-2)

Michal Kowalczyk discovered that the foomatic-filters foomatic-rip filter incorrectly stripped shell escape characters. A remote attacker could possibly use this issue to execute arbitrary code as the lp user. Note that Tenable Network Security has extracted the preceding description block direct...

USN-2831-1: cups-filters vulnerability

Michal Kowalczyk discovered that the cups-filters foomatic-rip filter incorrectly stripped shell escape characters. A remote attacker could possibly use this issue to execute arbitrary code as the lp user...

CVE-2007-4044

No description is available for this CVE...

Grandstream GXV3275 SSH Key / Command Execution Vulnerability

Grandstream GXV3275 ships with a default root SSH key which could be used a backdoor. It also suffers from an issue where restricted commands can be leveraged to break out into a full shell. The Grandstream GXV3275 is an Android-based VoIP phone. Several vulnerabilities were found affecting this...