YaBB 9.11.2000 - 'search.pl' Arbitrary Command Execution

source: https://www.securityfocus.com/bid/1921/info YaBB Yet Another Bulletin Board is a popular perl-based bulletin board scripting package. search. pl, one of several perl scripts which comprise YaBB, fails to properly validate user input which arguments a call to open. A malicious user could...

Wang/Kodak Image Thumbnail ActiveX Control

Overview Description The Image Thumbnail control is incorrectly marked safe for scripting. This control is sometimes identified as from "Kodak" and other times as from "Wang". The Image Thumbnail control is one of several controls used to provide image editting services through a web site. Becaus...

Cisco Catalyst 3500 XL - Arbitrary Command Execution

Cisco Catalyst 3500 XL - Arbitrary Command Execution source: https://www.securityfocus.com/bid/1846/info A vulnerability exists in the webserver configuration interface which will allow an anonymous user to execute commands. A http request which includes /exec and a known filename will reveal the...

Cisco Catalyst 3500 XL - Arbitrary Command Execution

source: https://www.securityfocus.com/bid/1846/info A vulnerability exists in the webserver configuration interface which will allow an anonymous user to execute commands. A http request which includes /exec and a known filename will reveal the contents of the particular file. In addition to...

CVE-2000-0776

Mediahouse Statistics Server 5.02x allows remote attackers to execute arbitrary commands via a long HTTP GET request...

CVE-2000-0781

uagentsetup in ARCServeIT Client Agent 6.62 does not properly check for the existence or ownership of a temporary file which is moved to the agent.cfg configuration file, which allows local users to execute arbitrary commands by modifying the temporary file before it is moved...

BSD lpr 0.54 -4 - Arbitrary Command Execution

BSD lpr 0.54 -4 - Arbitrary Command Execution source: https://www.securityfocus.com/bid/1834/info lpr is a set of printing tools for unix systems. The lpr package that ships with RedHat Linux 6.2 and possibly earlier versions contains a vulnerability that will allow an attacker to execute arbitra...

BSD 'lpr' 0.54 -4 - Arbitrary Command Execution

source: https://www.securityfocus.com/bid/1834/info lpr is a set of printing tools for unix systems. The lpr package that ships with RedHat Linux 6.2 and possibly earlier versions contains a vulnerability that will allow an attacker to execute arbitrary commands with the privileges of group 'lp'...

CVE-2000-0828

CVE-2000-0828 describes a buffer overflow in Mobius DocumentDirect for the Internet 1.2 ’s ddicgi.exe . An attacker can trigger arbitrary command execution by sending a specially long User-Agent header, i.e., a remote code execution vulnerability. The entry lists a network attack vector with a hi...

CVE-2000-0322

The passwd.php3 CGI script in the Red Hat Piranha Virtual Server Package allows local users to execute arbitrary commands via shell metacharacters...

CVE-2000-0494

Veritas Volume Manager creates a world writable .serverpids file, which allows local users to add arbitrary commands into the file, which is then executed by the vmsaserver script...

CVE-2000-0561

Buffer overflow in WebBBS 1.15 allows remote attackers to execute arbitrary commands via a long HTTP GET request...

CVE-2000-0727

xpdf PDF viewer client earlier than 0.91 does not properly launch a web browser for embedded URL's, which allows an attacker to execute arbitrary commands via a URL that contains shell metacharacters...

CVE-1999-0247

Buffer overflow in nnrpd program in INN up to version 1.6 allows remote users to execute arbitrary commands...

CVE-2000-0009

The bnapass program in Optivity NETarchitect uses the PATH environmental variable for finding the "rm" program, which allows local users to execute arbitrary commands...

CVE-2000-0525

CVE-2000-0525: OpenSSH does not properly drop privileges when UseLogin is enabled, allowing local users to execute arbitrary commands by supplying the command to the ssh daemon. Affected: OpenSSH with UseLogin enabled. Root cause: privileges not dropped correctly after authentication. Impact: pot...

CVE-2000-0743

Buffer overflow vulnerability in University of Minnesota (UMN) gopherd 2.x. A remote attacker can trigger command execution by sending a DES key generation request (GDESkey) that contains a long ticket value. Affected component: gopherd 2.x; root cause: overflow in handling DES key generation req...

CVE-2000-0655

CVE-2000-0655 affects Netscape Communicator 4.73 and earlier. The vulnerability allows remote attackers to cause a denial of service or execute arbitrary commands through a JPEG image containing a comment with an illegal field length of 1. The connected documents corroborate the affected software...

CVE-2000-0663

The CVE-2000-0663 issue concerns Windows NT/2000 where the registry entry for Explorer.exe uses a relative path name, enabling a local user to cause arbitrary commands to run by placing a Trojan named Explorer.exe in the %Systemdrive% directory (the “Relative Shell Path” vulnerability). Affected ...

CVE-2000-0727

CVE-2000-0727 affects the xpdf PDF viewer client older than 0.91. The flaw: when handling embedded URLs, the client does not correctly launch a web browser, enabling an attacker to execute arbitrary commands via a URL containing shell metacharacters. NVD assigns a base CVSS v2.0 score of 7.6 (HIG...