
7632 matches found

Packet Storm
added 2017/11/03 12:0 a.m., 53 views

tnftp "savefile" Arbitrary Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'tnftp "savefile" Arbitrary Command Execution', 'Description' = %q This module exploits an arbitrary command execution vulnerability in tnftp's...

CVSS 7.5, AI score 4.8, EPSS 0.69905
Exploits: 8
CNVD
added 2017/11/03 12:0 a.m., 2 views

Ansible Tower Arbitrary Command Execution Vulnerability

Ansible is a computer system configuration manager from Ansible, Inc. that can be used to publish, manage, and orchestrate computer systems. Ansible Tower, a.k.a. Ansible UI, is one of the task control applications that provides a user interface (UI), dashboard, and REST API. An arbitrary command...

CVSS 9, AI score 7.8, EPSS 0.01707
Exploits: 0, References: 1
Metasploit
added 2017/11/01 10:37 p.m., 47 views

tnftp "savefile" Arbitrary Command Execution

This module exploits an arbitrary command execution vulnerability in tnftp's handling of the resolved output filename - called "savefile" in the source - from a requested resource. If tnftp is executed without the -o command-line option, it will resolve the output filename from the last component...

CVSS 7.5, AI score 7.2, EPSS 0.69905
Exploits: 8
Veracode
added 2017/10/30 12:47 a.m., 38 views

Arbitrary Command Execution

Dulwich is vulnerable to arbitrary command execution. When using the SSH subprocess, an attacker can use an ssh URL with the "-" (dash) character in the hostname. This is related to CVE-2017-9800, CVE-2017-12836, CVE-2017-12976, CVE-2017-1000116, and CVE-2017-1000117...

CVSS 9.8, AI score 8.4, EPSS 0.77823
Exploits: 12, References: 4, Affected Software: 1
BDU FSTEC
added 2017/10/26 12:0 a.m., 5 views

The vulnerability of D-Link and TRENDnet’s microprogrammed router services allows attackers to execute arbitrary commands or bypass authentication mechanisms, thereby gaining full control over the device.

The vulnerability of D-Link and TRENDnet’s microprogrammed router software services is related to deficiencies in the authentication process when processing the ping command. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using the pingaddr parameter...

CVSS 10, AI score 8.2, EPSS 0.82863
Exploits: 8, References: 8, Affected Software: 1
OSV
added 2017/10/24 6:33 p.m., 14 views

GHSA-G266-3CRH-H7GJ ldoce Gem Arbitrary Command Execution

lib/ldoce/word.rb in the ldoce 0.0.2 gem for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in (1) an mp3 URL or (2) file name...

CVSS 6.8, AI score 7.5, EPSS 0.01959
Exploits: 1, References: 10
OSV
added 2017/10/24 6:33 p.m., 15 views

GHSA-RFMF-RX8W-935W Sounder Contains Arbitrary Command Execution Vulnerability

lib/sounder/sound.rb in the sounder gem 1.0.1 for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in a filename...

CVSS 7.5, AI score 7.5, EPSS 0.01987
Exploits: 1, References: 6
seebug.org
added 2017/10/24 12:0 a.m., 91 views

Apache James Deserialization RCE (CVE-2017-12628)

Analysis of CVE-2017-12628 This morning I spotted a tweet mentioning an “Apache James 3.0.1 JMX Server Deserialization” vulnerability, CVE-2017-12628, which caught my eye because I wrote a generic JMX deserialization exploit which is included in my RMI attack tool BaRMIe. A quick search for more...

CVSS 7.2, AI score 8.3, EPSS 0.00759
Exploits: 4
Veracode
added 2017/10/23 3:0 p.m., 10 views

Arbitrary Command Execution Through Java Deserialization Flaw

james-server is vulnerable to arbitrary command execution. The vulnerability exists due to a Java deserialization issue through the command line client introduced by an embedded JMX Server in james-server...

CVSS 7.8, AI score 7.4, EPSS 0.00759
Exploits: 4, References: 4, Affected Software: 1
NVD
added 2017/10/20 3:29 p.m., 41 views

CVE-2017-12628

The JMX server embedded in Apache James, also used by the command line client is exposed to a java de-serialization issue, and thus can be used to execute arbitrary commands. As James exposes JMX socket by default only on local-host, this vulnerability can only be used for privilege escalation...

CVSS 7.8, AI score 7.9, EPSS 0.00759
Exploits: 4, References: 2
Prion
added 2017/10/19 10:29 p.m., 16 views

Cross site request forgery (csrf)

CSRF exists in Webmin 1.850. By sending a GET request to at/create_job.cgi containing dir=/&cmd= in the URI, an attacker can execute arbitrary commands...

CVSS 6.8, AI score 8.8, EPSS 0.03233
Exploits: 1, References: 4, Affected Software: 1
CVE
added 2017/10/19 10:0 p.m., 80 views

CVE-2017-15645

CVE-2017-15645 : Webmin 1.850 is vulnerable to CSRF via a crafted GET request to at/create_job.cgi containing dir=/&cmd= in the URI, enabling an attacker to execute arbitrary commands. Multiple connected sources corroborate the vulnerability, including Red Hat and CVE registries; the attack vecto...

CVSS 8.8, AI score 8.8, EPSS 0.03233
Exploits: 1, References: 4, Affected Software: 1
OSV
added 2017/10/17 11:38 a.m., 5 views

SUSE-SU-2017:2747-1 Security update for git

This update for git fixes the following issues: This security issue was fixed: - CVE-2017-14867: Git used unsafe Perl scripts to support subcommands such as cvsserver, which allowed attackers to execute arbitrary OS commands via shell metacharacters in a module name (bsc#1061041)...

CVSS 9, AI score 8.9, EPSS 0.36003
Exploits: 0, References: 3
OSV
added 2017/10/13 1:29 p.m., 1 views

CVE-2017-11774

Microsoft Outlook 2010 SP2, Outlook 2013 SP1 and RT SP1, and Outlook 2016 allow an attacker to execute arbitrary commands, due to how Microsoft Office handles objects in memory, aka "Microsoft Outlook Security Feature Bypass Vulnerability."...

CVSS 7.8, AI score 6, EPSS 0.59893
Exploits: 2, References: 5
CNVD
added 2017/10/12 12:0 a.m., 2 views

UI-Dialog Arbitrary Command Execution Vulnerability

UI-Dialog is a pop-up dialog plugin for jQuery UI (a set of JavaScript libraries). An arbitrary command execution vulnerability exists in UI-Dialog 1.09 and earlier versions. A remote attacker can exploit this vulnerability to execute arbitrary commands...

CVSS 9.8, AI score 9.5, EPSS 0.03429
Exploits: 0, References: 1
myhack58
added 2017/10/12 12:0 a.m., 76 views

Important vulnerability early warning: multiple heap buffer overflow flaws disclosed in the Windows DNS client

In October 2017 Microsoft released an official fix for CVE-2017-11779, which covers multiple memory corruption vulnerabilities in the Windows DNS client; computers running Windows 8/Server 2012 and newer versions of the OS will be affected by this...

AI score 9.6, EPSS 0.33104
Exploits: 1
ArchLinux
added 2017/10/12 12:0 a.m., 31 views

[ASA-201710-15] go: arbitrary command execution

Arch Linux Security Advisory ASA-201710-15. Severity: High; Date: 2017-10-12; CVE-ID: CVE-2017-15041; Package: go; Type: arbitrary command execution; Remote: Yes; Link: https://security.archlinux.org/AVG-442. Summary: The package go before version...

CVSS 9.8, AI score 1.2, EPSS 0.08944
Exploits: 0, References: 6
ArchLinux
added 2017/10/12 12:0 a.m., 26 views

[ASA-201710-16] go-pie: arbitrary command execution

Arch Linux Security Advisory ASA-201710-16. Severity: High; Date: 2017-10-12; CVE-ID: CVE-2017-15041; Package: go-pie; Type: arbitrary command execution; Remote: Yes; Link: https://security.archlinux.org/AVG-442. Summary: The package go-pie before...

CVSS 9.8, AI score 1.3, EPSS 0.08944
Exploits: 0, References: 6
BDU FSTEC
added 2017/10/11 12:0 a.m., 3 views

The vulnerability of the HTTP Web-management component of Edgewater Networks Edgemarc software allows a perpetrator to execute arbitrary commands.

The vulnerability of the HTTP Web-management component of Edgewater Networks Edgemarc software is related to the lack of measures to sanitize input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands, using a hidden page as an interface for executing these...

CVSS 10, AI score 8.3, EPSS 0.46846
Exploits: 1, References: 2, Affected Software: 1
BDU FSTEC
added 2017/10/11 12:0 a.m., 4 views

The vulnerability of the “send and receive file” command handler in the Picocom terminal emulation software allows a hacker to execute any command they desire.

The vulnerability of the “send and receive file” command in the Picocom terminal emulation software lies in the lack of measures to sanitize input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands by using /bin/sh to launch external commands...

CVSS 10, AI score 8.2, EPSS 0.0218
Exploits: 0, References: 2, Affected Software: 1