7628 matches found
SecureCRT SSH1 protocol version string overflow
The remote host is using a vulnerable version of SecureCRT, a SSH/Telnet client built for Microsoft Windows operation systems. SPDX-FileCopyrightText: 2004 David Maciejak Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
guestbook.pl
The SPDX-FileCopyrightText: 1999 Mathieu Perrin Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.10099";...
Open WebMail vacation.pl Arbitrary Command Execution
The target is running at least one instance of Open WebMail in which the vacation.pl component fails to sufficiently validate user input. SPDX-FileCopyrightText: 2004 George A. Theall Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right...
Fedora Core 3 : gdb-6.1post-1.20040607.43.0.1 (2005-1032)
This is an fc3 update for gdb regarding security issues : CVE-2005-1704 Integer Overflow in gdb This problem is that gdb's internal copy of bfd does not protect against heap-based overflow. CVE-2005-1705 gdb arbitrary command execution This problem allows unprotected .gdbinit files to execute...
ATutor 1.x - forum.inc.php Arbitrary Command Execution
ATutor 1.x - forum.inc.php Arbitrary Command Execution source: https://www.securityfocus.com/bid/15221/info ATutor is prone to multiple vulnerabilities. These issues can allow remote attackers to execute arbitrary PHP commands and carry out local file include and cross-site scripting attacks...
ATutor < 1.5.1-pl1 Multiple Remote Vulnerabilities (XSS, RFI, Command Exe)
The remote host is running ATutor, an open source, web-based Learning Content Management System LCMS written in PHP. The version of ATutor installed on the remote host may be vulnerable to arbitrary command execution, arbitrary file access, and cross-site scripting attacks. Successful exploitatio...
ATutor 1.x - 'forum.inc.php' Arbitrary Command Execution
source: https://www.securityfocus.com/bid/15221/info ATutor is prone to multiple vulnerabilities. These issues can allow remote attackers to execute arbitrary PHP commands and carry out local file include and cross-site scripting attacks. ATutor 1.5.1-pl1 and prior versions are affected...
Snoopy 0.9x/1.0/1.2 - Arbitrary Command Execution
source: https://www.securityfocus.com/bid/15213/info Snoopy is prone to a vulnerability that lets attackers execute arbitrary commands because the application fails to properly sanitize user-supplied input. This issue may facilitate unauthorized remote access to the application in the context of...
Snoopy 0.9x1.01.2 - Arbitrary Command Execution
Snoopy 0.9x1.01.2 - Arbitrary Command Execution source: https://www.securityfocus.com/bid/15213/info Snoopy is prone to a vulnerability that lets attackers execute arbitrary commands because the application fails to properly sanitize user-supplied input. This issue may facilitate unauthorized...
[SECURITY] [DSA 870-1] New sudo packages fix arbitrary command execution
-------------------------------------------------------------------------- Debian Security Advisory DSA 870-1 [email protected] http://www.debian.org/security/ Martin Schulze October 25th, 2005 http://www.debian.org/security/faq -...
CVE-2004-2532
CVE-2004-2532 affects the Serv-U FTP Server prior to version 5.1.0.0. The issue arises from a default administrator account and password that allow a local user to authenticate to the server, create a new user, log in as that user, and then issue a SITE EXEC command to execute arbitrary commands ...
WebGUI 6.x - Arbitrary Command Execution
WebGUI 6.x - Arbitrary Command Execution source: https://www.securityfocus.com/bid/15083/info WebGUI is prone to an arbitrary command execution vulnerability. This is due to insufficient sanitization of user-supplied data. This issue can facilitate unauthorized remote access...
WebGUI 6.x - Arbitrary Command Execution
source: https://www.securityfocus.com/bid/15083/info WebGUI is prone to an arbitrary command execution vulnerability. This is due to insufficient sanitization of user-supplied data. This issue can facilitate unauthorized remote access...
SGI IRIX runpriv utility unfiltered shell characters vulnerability
Unfiltered shell characters allow to execute any command...
DEBIAN-CVE-2005-2966
The Python SVG import plugin diasvgimport.py for DIA 0.94 and earlier allows user-assisted attackers to execute arbitrary commands via a crafted SVG file...
security flaw
gdb before 6.3 searches the current working directory to load the .gdbinit configuration file, which allows local users to execute arbitrary commands as the user running gdb...
security flaw
fixproc in Net-snmp 5.x before 5.2.1-r1 creates temporary files insecurely, which allows local users to modify the contents of those files to execute arbitrary commands, or overwrite arbitrary files via a symlink attack...
Mandrake Linux Security Advisory : netpbm (MDKSA-2005:133)
Max Vozeler discovered that pstopnm, a part of the netpbm graphics utility suite, would call the GhostScript interpreter on untrusted PostScript files without using the -dSAFER option when converting a PostScript file into a PBM, PGM, or PNM file. This could result in the execution of arbitrary...
Low: Red Hat Security Advisory: net-snmp security update
Updated net-snmp packages that fix two security issues and various bugs are now available. This update has been rated as having low security impact by the Red Hat Security Response Team. SNMP Simple Network Management Protocol is a protocol used for network management. A denial of service bug was...
Alkalay.Net Multiple Scripts Arbitrary Command Execution
The remote host appears to be running at least one CGI script written by Avi Alkalay that allows attackers to execute arbitrary commands or read arbitrary files on the remote host subject to the privileges of the web server user id. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...