78 matches found
[SECURITY] Fedora 25 Update: bash-4.3.43-3.fc25
The GNU Bourne Again shell Bash is a shell or command language interpreter that is compatible with the Bourne shell sh. Bash incorporates useful features from the Korn shell ksh and the C shell csh. Most sh scripts can be run by bash without modification...
[SECURITY] Fedora 19 Update: bash-4.2.48-2.fc19
The GNU Bourne Again shell Bash is a shell or command language interpreter that is compatible with the Bourne shell sh. Bash incorporates useful features from the Korn shell ksh and the C shell csh. Most sh scripts can be run by bash without modification...
GlimpseHTTP 1.0/2.0 and WebGlimpse 1.0 Piped Command Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/2026/info WebGlimpse and GlimpseHTTP are web indexing and search engine programs with some associated management scripts. GlimpseHTTP up to and including 2.0, and WebGlimpse prior to version 1.5, suffer from a common...
WEBgais 1.0 - Remote Command Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/2058/info WEBgais is a script that provides a web interface to the gais Global Area Intelligent Search search engine tool. All versions up to 1.0B2 are vulnerable. The vulnerable script is /cgi-bin/webgais: due to imprope...
Bharat desi - Indian Community Hacked By Unix Shell Codrr !
Statement By Unix Shell Codrr, "I hack this site to save its data, site is completely safe!". Site link : News Source : Unix Shell Codrr | Via Email
Sun IDM Arbitrary Commands Execution Vulnerability
1 Summary Affected Software: Sun IDM 7.1, 8.0 Vendor URL: http://www.sun.com/ Severity: Medium 2 Description Sun Identity Manager facilitates centralized identity provisioning for variety of application and platforms. Its web interface allows end users to request password change. To handle such...
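F5 BIG-IP Management Interface NEW_VALUE Parameter Remote Code Injection Vulnerability
BUGTRAQ ID: 28639 F5 BIG-IP is an all-in-one network device that integrates network traffic management, an application security manager, load balancing and other functions. The BIG-IP configuration utility has an input validation vulnerability in its implementation, which a remote attacker may exploit to execute arbitrary commands on the system. The F5 BIG-IP reconfiguration tool used by the web management interface and the CLI does not properly filter certain reconfiguration requests; a logged-in user with Resource Manager or Administrator privileges can inject arbitrary Perl code, generating Unix shell commands that are executed with root privileges. The vulnerability arises because the single quotes in NEWVALUE are used without escaping in a Perl EP3 containing a template similar to the following:...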
SOL7164 - Execution of UNIX shell commands from a URL without authentication
A URL that is accessible without first authenticating to the FirePass controller may be modified to inject UNIX shell commands. Under certain conditions, the commands can then be executed with user-level privileges. Any attacker with access to the FirePass logon page can theoretically launch this...
SOL7147 - Execution of UNIX shell commands from the URL in the Admin UI
A URL that is accessible from the Device Management Maintenance Troubleshooting Tools page can be modified to inject UNIX shell commands, which are then executed with user-level privileges. Only FirePass Administrators with permission to access this URL can perform this action. Standard FirePass...
Command injection
na-img-4.0.34.bin for the IP3 Networks NetAccess NA75 allows local users to gain Unix shell access via "`" (backtick) characters in the appliance's command line interface (CLI)...
CVE-2006-2043
na-img-4.0.34.bin for the IP3 Networks NetAccess NA75 allows local users to gain Unix shell access via "`" (backtick) characters in the appliance's command line interface (CLI)...
CVE-2006-2043
CVE-2006-2043 affects IP3 Networks NetAccess NA75 with the na-img-4.0.34.bin image; backtick characters in the appliance CLI enable local users to gain Unix shell access, indicating a command-injection-style vulnerability in the CLI parsing. No remediation details are provided in the supplied doc...
CVE-2005-0130
Certain Perl scripts in Konversation 0.15 allow remote attackers to execute arbitrary commands via shell metacharacters in (1) channel names or (2) song names that are not properly quoted when the user runs IRC scripts...
linux/x86 unix/SPARC execve /bin/sh 80 bytes
Exploit for multiple platform in category shellcode ============================================ linux/x86 unix/SPARC execve /bin/sh 80 bytes ============================================ / Linux/x86 and Unix/Sparc execve of /bin/sh by dymitri!!! / include char wcode=...
CVE-2000-1134
Multiple shell programs on various Unix systems, including (1) tcsh, (2) csh, (3) sh, and (4) bash, follow symlinks when processing << redirects (aka here-documents or in-here documents), which allows local users to overwrite files of other users via a symlink attack...
Apple Mac OSX 10 / HP-UX 9/10/11 / Mandriva 6/7 / RedHat 5/6 / SCO 5 / IRIX 6 - Shell Redirection Race Condition
Apple Mac OSX 10 / HP-UX 9/10/11 / Mandriva 6/7 / RedHat 5/6 / SCO 5 / IRIX 6 - Shell Redirection Race Condition source: https://www.securityfocus.com/bid/2006/info bash, tcsh, cash, ksh and sh are all variations of the Unix shell distributed with many Unix and Unix clone operating systems. A vulnerability...
shell-modem-access.txt
Date: Wed, 27 Jan 1999 09:01:51 +0100 From: Marc SCHAEFER To: [email protected] Subject: UNIX shell modem access vulnerabilities NAME ptylogin AUTHOR Marc SCHAEFER with the help of the author of mgetty, Gert DOERING, and Theodore Y TSO. VERSION $Id: ANNOUNCEMENT,v 1.7 1999/01/27 08:00:28...