TELUS Security Labs VR - Symantec Alert Management System HNDLRSVC Arbitrary Command Execution

Symantec Alert Management System HNDLRSVC Arbitrary Command Execution TSL ID: FSC20100727-01 1. Affected Software Symantec Antivirus Corporate Edition 10.1.8.8000 and possibly prior Symantec System Center 10.1.8.8000 and possibly prior Reference:...

NewV: NewvCommon.ocx arbitrary command execution via the Runcommand attribute

Vendor: NewV http:// www.newv.com.cn/ Product: NewV smartclient http://demo.newv.com.cn/lds/module/smartclientsetting.exe Vulnerable Version: 1.0.0.18 Status: Not Fixed, Vendor Alerted Risk level: High Credit: Yu Guoyuguo.cngmail.com Description: An input validation issue exists in the NewV Activ...

Redmine SCM Repository 0.9.x/1.0.x - Arbitrary Command Execution (Metasploit)

$Id: redminescmexec.rb 11516 2011-01-08 01:13:26Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framewor...

Redmine SCM Repository Arbitrary Command Execution

$Id: redminescmexec.rb 11414 2010-12-25 14:43:13Z swtornio $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

Redmine SCM Repository Arbitrary Command Execution

This module exploits an arbitrary command execution vulnerability in the Redmine repository controller. The flaw is triggered when a rev parameter is passed to the command line of the SCM tool without adequate filtering. This module requires Metasploit: https://metasploit.com/download Current...

Citrix Access Gateway - Command Injection

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 VSR Security Advisory http://www.vsecurity.com/ - -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Advisory Name: Citrix Access Gateway Command Injection Vulnerability Release Date: 2010-12-21 Application: Citrix Access...

Citrix Access Gateway Command Injection

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 VSR Security Advisory http://www.vsecurity.com/ - -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Advisory Name: Citrix Access Gateway Command Injection Vulnerability Release Date: 2010-12-21 Application: Citrix Access...

Redmine SCM Repository - Arbitrary Command Execution (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'Redmine SCM Repository Arbitrary Command Execution', 'Description' = %q This module exploits an arbitrary command execution...

Awstats < 7.0 Configuration File Remote Arbitrary Command Execution Vulnerability

Awstats is prone to an arbitrary command-execution vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

Awstats Configuration File Remote Arbitrary Command Execution Vulnerability

Awstats is prone to an arbitrary command-execution vulnerability. This issue is due to a failure in the application to properly sanitize user- supplied input. An attacker can exploit this vulnerability to execute arbitrary shell commands in the context of the webserver process. This may help...

AWStats 6.x - Apache Tomcat Configuration File Arbitrary Command Execution

source: https://www.securityfocus.com/bid/45123/info Awstats is prone to an arbitrary command-execution vulnerability. This issue occurs when Awstats is used along with Apache Tomcat in Microsoft Windows. An attacker can exploit this vulnerability to execute arbitrary shell commands in the contex...

Openswan: Gateway arbitrary code execution via shell metacharacters in cisco_dns_info or cisco_domain_info data in packet

programs/pluto/xauth.c in the client in Openswan 2.6.25 through 2.6.28 allows remote authenticated gateways to execute arbitrary commands via shell metacharacters in 1 ciscodnsinfo or 2 ciscodomaininfo data in a packet, a different vulnerability than CVE-2010-3302...

FreeNAS exec_raw.php Arbitrary Command Execution

This module exploits an arbitrary command execution flaw in FreeNAS 0.7.2 'FreeNAS execraw.php Arbitrary Command Execution', 'Description' = %q This module exploits an arbitrary command execution flaw in FreeNAS 0.7.2 'MC' , 'License' = MSFLICENSE, 'References' = 'OSVDB', '94441' , 'URL',...

FreeNAS 'exec_raw.php' Arbitrary Command Execution

The version of FreeNAS on the remote host fails to restrict access to its 'execraw.php' script. A remote, unauthenticated attacker can pass arbitrary commands through the script's 'cmd' parameter and have them executed with administrative privileges. %NASLMINLEVEL 70300 C Tenable Network Security...

TeamSpeak Client Arbitrary command execution vulnerability (Windows)

This host is installed with TeamSpeak client and is prone to arbitrary command execution vulnerability. OpenVAS Vulnerability Test $Id: gbteamspeakclientcommandexevuln.nasl 5374 2017-02-20 16:36:11Z cfi $ TeamSpeak Client Arbitrary command execution vulnerability Windows Authors: Antu Sanadi...

TeamSpeak Client <= 2.0.32.60 Arbitrary Command Execution Vulnerability - Windows

The TeamSpeak client is prone to an arbitrary command execution vulnerability. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

VERITAS NetBackup Remote Command Execution

VERITAS NetBackup Remote Command Execution. CVE-2004-1389. Remote exploits for multiple platform $Id: veritasnetbackupcmdexec.rb 10617 2010-10-09 06:55:52Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the...

hplip - &#039;hpssd.py&#039; From Address Arbitrary Command Execution (Metasploit)

$Id: hpliphpssdexec.rb 10617 2010-10-09 06:55:52Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framewor...

Irix LPD tagprinter Command Execution

Irix LPD tagprinter Command Execution. CVE-2001-0800. Remote exploit for irix platform $Id: tagprinterexec.rb 10561 2010-10-06 00:53:45Z hdm $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web si...

Update Protection against Symantec Alert Management System HNDLRSVC Arbitrary Command Execution

An arbitrary command execution vulnerability exists in Symantec Alert Management System AMS2 service shipped with multiple Symantec products. The AMS service starts an alert handler service, HNDLRSVC, that listens for commands from the AMS server. The service does not perform proper authenticatio...