Matt Wright guestbook.pl Arbitrary Command Execution

The 'guestbook.pl' is installed. This CGI has a well known security flaw that lets anyone execute arbitrary commands with the privileges of the HTTP daemon root or nobody. %NASLMINLEVEL 70300 This script was written by Mathieu Perrin See the Nessus Scripts License for details Changes by Tenable: ...

CVE-1999-1058

Buffer overflow in Vermillion FTP Daemon VFTPD 1.23 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via several long CWD commands...

CVE-1999-1511

Buffer overflows in Xtramail 1.11 allow attackers to cause a denial of service crash and possibly execute arbitrary commands via 1 a long PASS command in the POP3 service, 2 a long HELO command in the SMTP service, or 3 a long user name in the Control Service...

The Matt Wright Guestbook.pl 2.3.1 - Server-Side Include

$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Matt Wright...

Alibaba tst.bat Arbitrary Command Execution

The 'tst.bat' CGI script is installed on this machine. This CGI has a well known security flaw that would allow an attacker to read arbitrary files on the remote system. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; ifdescription...

CVE-1999-0150

The Perl fingerd program allows arbitrary command execution from remote users...

CVE-1999-0202

The GNU tar command, when used in FTP sessions, may allow an attacker to execute arbitrary commands...

CVE-1999-0148

The IRIX environment is affected by CVE-1999-0148 due to the installed /cgi-bin/handler CGI, which has a well-known flaw that allows arbitrary command execution. The vulnerability can execute commands with the privileges of the HTTP daemon (root or nobody). Documents consistently describe it as r...

CVE-1999-0176

CVE-1999-0176 concerns the WebGais CGI, where the CGI script is installed on a web server and may allow a remote attacker to execute arbitrary commands. The core detail across connected documents is that the vulnerability enables code execution with the privileges of the web server process (e.g.,...

CVE-1999-0048

Talkd, when given corrupt DNS information, can be used to execute arbitrary commands with root privileges...

CVE-1999-0005

Arbitrary command execution via IMAP buffer overflow in authenticate command...

CVE-1999-0252

The CVE-1999-0252 entry concerns a buffer overflow in Listserv that allows arbitrary command execution. Connected sources corroborate: Red Hat and CVE ecosystems reference a buffer overflow in Listserv enabling arbitrary command execution. EUVD-1999-0252 adds a malware note, but no explicit vendo...

CVE-1999-0048

Technical details about CVE-1999-0048 are not publicly available in the provided documents. Monitor for updates from vendors and security advisories.

CVE-1999-0551

HP OpenMail can be misconfigured to allow users to run arbitrary commands using malicious print requests...

Microsoft MSN Messenger Service 1.0 Setup BBS - ActiveX Control Buffer Overflow

source: https://www.securityfocus.com/bid/668/info There is a buffer overflow in the 4.71.0.10 version of the MSN Setup BBS ActiveX control setupbbs.ocx.. This ActiveX control is marked 'Safe for Scripting' . Arbitrary commands may be executed if the ActiveX control is run in a malicious manner...

Microsoft Internet Explorer 4 (Windows 95/NT 4.0) - Setupctl ActiveX Control Buffer Overflow

Microsoft Internet Explorer 4.0 for Windows 95/Windows NT 4 Setupctl ActiveX Control Buffer Overflow source: https://www.securityfocus.com/bid/667/info There is a buffer overflow in the setupctl ActiveX control that used to ship with some versions of Microsoft's Internet Explorer. This ActiveX...

Microsoft Internet Explorer 4.15 - Registration Wizard Buffer Overflow

Microsoft Internet Explorer 4.15 - Registration Wizard Buffer Overflow Microsoft Internet Explorer 4.1/5.0 for Windows 95/Windows NT 4,Windows 98 Registration Wizard Buffer Overflow Vulnerability source: https://www.securityfocus.com/bid/671/info There is a buffer overflow in the Internet Explore...

Microsoft Internet Explorer 4.1/5 - Registration Wizard Buffer Overflow

Microsoft Internet Explorer 4.1/5.0 for Windows 95/Windows NT 4,Windows 98 Registration Wizard Buffer Overflow Vulnerability source: https://www.securityfocus.com/bid/671/info There is a buffer overflow in the Internet Explorer Registration Wizard control regwizc.dll. This control is marked 'Safe...

CVE-1999-0689

The CDE dtspcd daemon allows local users to execute arbitrary commands via a symlink attack...

CVE-1999-1064

Multiple buffer overflows in WindowMaker 0.52 through 0.60.0 allow attackers to cause a denial of service and possibly execute arbitrary commands by executing WindowMaker with a long program name argv0...