7629 matches found
Command Injection Vulnerability
A vulnerability exists whereby an authenticated user can inject arbitrary shell commands using the device management command line interface. Ref 31116 This vulnerability can result in arbitrary command execution, and can result in total compromise of the device. The attacker must still be an...
Command Injection Vulnerability
A vulnerability exists whereby an authenticated user can inject arbitrary shell commands using the device management command line interface. Ref 34502 This vulnerability can result in arbitrary command execution, and can result in total compromise of the device. This issue affects PAN-OS 4.1.1 an...
Command Injection Vulnerability
A vulnerability exists whereby an authenticated user can inject arbitrary shell commands using the device management command line interface. Ref 34299 This vulnerability can result in arbitrary command execution, and can result in total compromise of the device. The attacker must still be an...
Command Injection Vulnerability
A vulnerability exists whereby an authenticated user can inject arbitrary shell commands using the device management command line interface. Ref 30122 This vulnerability can result in arbitrary command execution, and can result in total compromise of the device. This issue affects PAN-OS 4.0.3 an...
Tivoli Provisioning Manager Express ActiveX RunAndUploadFile vulnerability
Added: 04/13/2012 CVE: CVE-2012-0198 BID: 52252 OSVDB: 79735 Background Tivoli Provisioning Manager Express for Software Distribution is a software inventory and distribution solution. Problem A buffer overflow vulnerability in the RunAndUploadFile method in the Isig.isigCtl.1 ActiveX control...
Tivoli Provisioning Manager Express ActiveX RunAndUploadFile vulnerability
Added: 04/13/2012 CVE: CVE-2012-0198 BID: 52252 OSVDB: 79735 Background Tivoli Provisioning Manager Express for Software Distribution is a software inventory and distribution solution. Problem A buffer overflow vulnerability in the RunAndUploadFile method in the Isig.isigCtl.1 ActiveX control...
Tivoli Provisioning Manager Express ActiveX RunAndUploadFile vulnerability
Added: 04/13/2012 CVE: CVE-2012-0198 BID: 52252 OSVDB: 79735 Background Tivoli Provisioning Manager Express for Software Distribution is a software inventory and distribution solution. Problem A buffer overflow vulnerability in the RunAndUploadFile method in the Isig.isigCtl.1 ActiveX control...
Tivoli Provisioning Manager Express ActiveX RunAndUploadFile vulnerability
Added: 04/13/2012 CVE: CVE-2012-0198 BID: 52252 OSVDB: 79735 Background Tivoli Provisioning Manager Express for Software Distribution is a software inventory and distribution solution. Problem A buffer overflow vulnerability in the RunAndUploadFile method in the Isig.isigCtl.1 ActiveX control...
rubygem-mail -- multiple vulnerabilities
rubygem-mail -- multiple vulnerabilities Two issues were fixed. They are a file system traversal in filedelivery method and arbitrary command execution when using exim or sendmail from the command line...
CVE-2012-2140 rubygem-mail: arbitrary command execution when using exim or sendmail from commandline
The Mail gem before 2.4.3 for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in a 1 sendmail or 2 exim delivery...
CVE-2012-0992
interface/fax/faxdispatch.php in OpenEMR 4.1.0 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the file parameter...
OpenEMR 4.1 - '/Interface/patient_file/encounter/load_form.php?formname' Traversal Local File Inclusion
source: https://www.securityfocus.com/bid/51788/info OpenEMR is prone to local file-include and command-injection vulnerabilities because it fails to properly sanitize user-supplied input. A remote attacker can exploit these issues to execute arbitrary shell commands with the privileges of the us...
Juniper Junos MGD-CLI Arbitrary Command Execution (PSN-2011-11-418)
According to its self-reported version number, the version of Junos running on the remote device has a command execution vulnerability. A flaw in the logical model governing inter-process communications between the management daemon MGD and the command-line interpreter CLI could result in arbitra...
[ MDVSA-2012:009 ] perl
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2012:009 http://www.mandriva.com/security/ Package : perl Date : January 18, 2012 Affected: Enterprise Server 5.0 Problem Description: A vulnerability has been found and corrected in perl: Eval injection in the...
Gitorious Arbitrary Command Execution
Exploit for linux platform in category remote exploits This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/...
op5 Portal Arbitrary Command Execution
The version of op5 Config hosted on the remote web server is earlier than 1.6.2. As such, it contains a flaw in the 'license.php' script that allows a remote, unauthenticated attacker to run arbitrary commands with the privileges of the web user simply by enclosing them in backticks in the...
op5 Config Arbitrary Command Execution
The version of op5 Config hosted on the remote web server is earlier than 2.0.3. As such, it contains a flaw on its welcome page that allows a remote, unauthenticated attacker to run arbitrary commands with root privileges simply by enclosing them in backticks in the password field. %NASLMINLEVEL...
DEBIAN-CVE-2011-3597
Eval injection vulnerability in the Digest module before 1.17 for Perl allows context-dependent attackers to execute arbitrary commands via the new constructor...
CVE-2011-3597
CVE-2011-3597 is an eval-injection vulnerability in the Perl Digest module (before 1.17). The vulnerability allows context-dependent attackers to execute arbitrary commands via the module’s new constructor. Affected component: Digest module for Perl; root cause described as improper handling/unsa...
Family Connections less.php Remote Command Execution
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Family Connection...