8691 matches found
USN-178-1: Linux kernel vulnerabilities
Oleg Nesterov discovered a local Denial of Service vulnerability in the timer handling. When a non group-leader thread called exec to execute a different program while an itimer was pending, the timer expiry would signal the old group leader task, which did not exist any more. This caused a kerne...
man2web Multiple Scripts Arbitrary Command Execution
The remote host appears to be running man2web, a program for dynamically converting unix man pages to HTML. The installed version of man2web allows attackers to execute arbitrary shell commands on the remote host subject to the privileges of the web server user id. %NASLMINLEVEL 70300 C Tenable...
FreeStyle Wiki Arbitrary Command Injection Vulnerability
Secunia Advisory: SA16612 Release Date: 2005-08-30 Critical: Moderately critical Impact: System access Where: From remote Solution Status: Vendor Patch Software: FreeStyle Wiki 3.x Select a product and view a complete list of all Patched/Unpatched Secunia advisories affecting it. Description: A...
Netquery <= 3.11 nquser.php host Parameter Arbitrary Command Execution
The remote host is running Netquery, a suite of network information utilities written in PHP. The installed version of Netquery lets an attacker execute arbitrary commands within the context of the affected web server user id by passing them through the 'host' parameter of the 'nquser.php' script...
[SECURITY] [DSA 782-1] New bluez-utils packages fix arbitrary command execution
-------------------------------------------------------------------------- Debian Security Advisory DSA 782-1 [email protected] http://www.debian.org/security/ Martin Schulze August 23rd, 2005 http://www.debian.org/security/faq -...
Multiple MacOS X vulnerabilities
Apple Mac OS X Directory Services contains a buffer overflow, Apple Mac OS X Server servermgrd authentication vulnerable to buffer overflow, Apple Mac OS X AppKit vulnerable to buffer overflow via the handling of maliciously crafted rich text files, Apple Mac OS X AppKit vulnerable to buffer...
Zorum 3.5 remote code execution poc exploit
Zorum 3.5 remote code execution poc exploit software: description: Zorum is a freely available, open source Web-based forum application implemented in PHP. It is available for UNIX, Linux, and any other platform that supports PHP script execution. author site: http://zorum.phpoutsourcing.com/ 1...
GLSA-200508-09 : bluez-utils: Bluetooth device name validation vulnerability
The remote host is affected by the vulnerability described in GLSA-200508-09 bluez-utils: Bluetooth device name validation vulnerability The name of a Bluetooth device is improperly validated by the hcid utility when a remote device attempts to pair itself with a computer. Impact : An attacker...
PHPOutsourcing Zorum 3.5 - 'Prod.php' Arbitrary Command Execution
source: https://www.securityfocus.com/bid/14601/info Zorum is prone to an arbitrary command execution vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. This issue may facilitate unauthorized remote access in the context of the Web server to...
PHPOutsourcing Zorum 3.5 - Prod.php Arbitrary Command Execution
PHPOutsourcing Zorum 3.5 - Prod.php Arbitrary Command Execution source: https://www.securityfocus.com/bid/14601/info Zorum is prone to an arbitrary command execution vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. This issue may facilitat...
[Full-disclosure] [ GLSA 200508-09 ] bluez-utils: Bluetooth device name validation vulnerability
Gentoo Linux Security Advisory GLSA 200508-09 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity:...
gforgeexec.txt
-------------------------------------------------------------------------- Vendor : Gforge http://gforge.org Product : gforge Affected versions : = 4.0 & Debian pkg 3.1-30 Vulnerability : Input validation flaw Problem-Type : remote Severity : High, arbitrary command execution Author : Filippo Spi...
AWStats Referrer Header Arbitrary Command Execution
The remote host is running AWStats, an open source web analytics tool used for analyzing data from internet services such as web, streaming, media, mail and FTP servers. The version of AWStats installed on the remote host collects data about the web referrers and uses them without proper sanitati...
[SECURITY] [DSA 772-1] New apt-cacher package fixes arbitrary command execution
-------------------------------------------------------------------------- Debian Security Advisory DSA 772-1 [email protected] http://www.debian.org/security/ Martin Schulze August 3rd, 2005 http://www.debian.org/security/faq -...
WPS Web-Portal-System wps_shop.cgi art Parameter Arbitrary Command Injection
The remote host is running the WPS Web-Portal-System. The version of this software installed on the remote host is vulnerable to remote command execution flaw through the argument 'art' of the script 'wpsshop.cgi'. A malicious user could exploit this flaw to execute arbitrary commands on the remo...
[SECURITY] [DSA 762-1] New affix packages fix arbitrary command and code execution
-------------------------------------------------------------------------- Debian Security Advisory DSA 762-1 [email protected] http://www.debian.org/security/ Martin Schulze July 19th, 2005 http://www.debian.org/security/faq -...
phpBB 2.0.15 Remote PHP Code Execution Exploit (metasploit)
Exploit for unknown platform in category web applications =========================================================== phpBB 2.0.15 Remote PHP Code Execution Exploit metasploit =========================================================== Title: phpBB 2.0.15 arbitrary command execution eXploit Name:...
phpBB 2.0.15 - PHP Remote Code Execution (Metasploit)
phpBB 2.0.15 - PHP Remote Code Execution Metasploit Title: phpBB 2.0.15 arbitrary command execution eXploit Name: phpphpbb2015.pm License: Artistic/BSD/GPL Info: Coded because of boredom. - This is an exploit module for the Metasploit Framework, please see http://metasploit.com/projects/Framework...
phpBB 2.0.15 - PHP Remote Code Execution (Metasploit)
Title: phpBB 2.0.15 arbitrary command execution eXploit Name: phpphpbb2015.pm License: Artistic/BSD/GPL Info: Coded because of boredom. - This is an exploit module for the Metasploit Framework, please see http://metasploit.com/projects/Framework for more information. package...
DSA-762-1 affix - several
Bulletin has no description...