[SECURITY] [DSA 238-1] New kdepim packages fix several vulnerabilities

-------------------------------------------------------------------------- Debian Security Advisory DSA 238-1 [email protected] http://www.debian.org/security/ Martin Schulze January 23rd, 2003 http://www.debian.org/security/faq -...

YABB SE 0.81.41.5 - Packages.php Remote File Inclusion

YABB SE 0.81.41.5 - Packages.php Remote File Inclusion source: https://www.securityfocus.com/bid/6663/info YaBB SE allows remote users to influence the location of included files. A remote attacker may exploit this condition to cause an external, attacker-supplied file to be included and executed...

YABB SE 0.8/1.4/1.5 - 'Packages.php' Remote File Inclusion

source: https://www.securityfocus.com/bid/6663/info YaBB SE allows remote users to influence the location of included files. A remote attacker may exploit this condition to cause an external, attacker-supplied file to be included and executed by YABB SE. This may allow a remote attacker to execut...

Critical: Red Hat Security Advisory: : : : Updated CVS packages available

Updated cvs packages are now available for Red Hat Linux 6.2, 7, 7.1, 7.2, 7.3, and 8.0. These updates close a vulnerability which would permit arbitrary command execution on servers configured to allow anonymous read-only access. Updated 16 April 2003 Added packages for Red Hat Linux on IBM...

Half-Life AdminMod 2.50 Plugin - Remote Format String

Half-Life AdminMod 2.50 Plugin - Remote Format String // source: https://www.securityfocus.com/bid/6580/info // A format string vulnerability has been discovered in the Half-Life AdminMod plugin. The problem occurs in commands which call the selfmessage function, which is used by other functions ...

Half-Life AdminMod 2.50 Plugin - Remote Format String

// source: https://www.securityfocus.com/bid/6580/info // A format string vulnerability has been discovered in the Half-Life AdminMod plugin. The problem occurs in commands which call the selfmessage function, which is used by other functions to write a message to the users console. The format...

[SECURITY] [DSA 222-1] New xpdf packages fix arbitrary command execution

-------------------------------------------------------------------------- Debian Security Advisory DSA 222-1 [email protected] http://www.debian.org/security/ Martin Schulze January 6th, 2003 http://www.debian.org/security/faq -...

CVE-2002-1991

PHP file inclusion vulnerability in osCommerce 2.1 execute arbitrary commands via the includefile parameter to includeonce.php...

CVE-2002-2040

The 1 phrafx and 2 phgrafx-startup programs in QNX realtime operating system RTOS 4.25 and 6.1.0 do not properly drop privileges before executing the system command, which allows local users to execute arbitrary commands by modifying the PATH environment variable to reference a malicious crttrap...

CVE-2002-2383

SQL injection vulnerability in f2html.pl 0.1 through 0.4 allows remote attackers to execute arbitrary SQL commands via file names...

Emacs 2.1 - Local Variable Arbitrary Command Execution

Emacs 2.1 - Local Variable Arbitrary Command Execution source: https://www.securityfocus.com/bid/15375/info Emacs is susceptible to an arbitrary command execution vulnerability with local variables. This issue is due to insufficient sanitization of user-supplied input. By modifying a text file to...

Emacs 2.1 - Local Variable Arbitrary Command Execution

source: https://www.securityfocus.com/bid/15375/info Emacs is susceptible to an arbitrary command execution vulnerability with local variables. This issue is due to insufficient sanitization of user-supplied input. By modifying a text file to include local variables containing containing shell...

Cyrus IMAP Server login Command Remote Overflow

According to its banner, the remote Cyrus IMAP server is vulnerable to a pre-login buffer overrun. An attacker without a valid login could exploit this, and would be able to execute arbitrary commands as the owner of the Cyrus process. This would allow full access to all users' mailboxes. This...

[SECURITY] [DSA 207-1] New tetex-lib packages fix arbitrary command execution

-------------------------------------------------------------------------- Debian Security Advisory DSA 207-1 [email protected] http://www.debian.org/security/ Martin Schulze December 11th, 2002 http://www.debian.org/security/faq -...

[SECURITY] [DSA 207-1] New tetex-lib packages fix arbitrary command execution

-------------------------------------------------------------------------- Debian Security Advisory DSA 207-1 [email protected] http://www.debian.org/security/ Martin Schulze December 11th, 2002 http://www.debian.org/security/faq -...

[SECURITY] [DSA 207-1] New tetex-lib packages fix arbitrary command execution

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 207-1 [email protected] http://www.debian.org/security/ Martin Schulze December 11th, 2002 http://www.debian.org/security/faq -...

DSA-207 tetex-bin - arbitrary command execution

Bulletin has no description...

[SECURITY] [DSA 203-1] New smb2www packages fix arbitrary command execution

-------------------------------------------------------------------------- Debian Security Advisory DSA 203-1 [email protected] http://www.debian.org/security/ Martin Schulze December 4th, 2002 http://www.debian.org/security/faq -...

[SECURITY] [DSA 203-1] New smb2www packages fix arbitrary command execution

-------------------------------------------------------------------------- Debian Security Advisory DSA 203-1 [email protected] http://www.debian.org/security/ Martin Schulze December 4th, 2002 http://www.debian.org/security/faq -...

DSA-203 smb2www - arbitrary command execution

Bulletin has no description...