Hassan Consulting Shopping Cart 1.23 - Arbitrary Command Execution

Hassan Consulting Shopping Cart 1.23 - Arbitrary Command Execution source: https://www.securityfocus.com/bid/3308/info Hassan Consulting's Shopping Cart is commercial web store software. Shopping Cart does not filter certain types of user-supplied input from web requests. This makes it possible f...

Hassan Consulting Shopping Cart 1.23 - Arbitrary Command Execution

source: https://www.securityfocus.com/bid/3308/info Hassan Consulting's Shopping Cart is commercial web store software. Shopping Cart does not filter certain types of user-supplied input from web requests. This makes it possible for a malicious user to submit a request which causes arbitrary...

Network Associates CSMAP and smap/smapd vulnerable to buffer overflow thereby allowing arbitrary command execution

Overview A remotely exploitable buffer overflow exists in the Gauntlet Firewall. Description The buffer overflow occurs in the smap/smapd and CSMAP daemons. According to PGP Security, these daemons are responsible for handling email transactions for both inbound and outbound e-mail.This...

Irix LPD tagprinter - Command Execution (Metasploit)

Irix LPD tagprinter - Command Execution Metasploit $Id: tagprinterexec.rb 10561 2010-10-06 00:53:45Z hdm $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing...

Solaris 8.0 LPD - Command Execution (Metasploit)

$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Solaris LPD...

Solaris 8.0 LPD - Command Execution (Metasploit)

Solaris 8.0 LPD - Command Execution Metasploit $Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/...

Aladdin Ghostscript LD_RUN_PATH environment variable allows libraries to be loaded from current directory

Overview Alladin Ghostscript, a previewer for postscript files, uses an insecure value for the LDRUNPATH environment variable. This allows attackers to supply malicious libraries to be loaded from the current directory. Description Alladin Ghostscript is a previewer for postscript files. In...

SuSE Support Data Base sbsearch.cgi Arbitrary Command Execution

SuSE CGI 'sdbsearch.cgi' is installed. This CGI allows a local and possibly remote user to execute arbitrary commands with the privileges of the HTTP server. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; ifdescription scriptid10720;...

NetCode NC Book book.cgi current Parameter Arbitrary Command Execution

The CGI 'book.cgi' is installed. This CGI has a well known security flaw that lets an attacker execute arbitrary commands with the privileges of the http daemon. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include 'compat.inc' ; ifdescription scriptid10721; scriptversion"1.27";...

CVE-2001-0595

Buffer overflow in the kcsSUNWIOsolf.so library in Solaris 7 and 8 allows local attackers to execute arbitrary commands via the KCMSPROFILES environment variable, e.g. as demonstrated using the kcmsconfigure program...

SuSE 6.3/6.4/7.0 sdb - Arbitrary Command Execution

source: https://www.securityfocus.com/bid/3208/info An input validation error exists in sdb, the SuSE Support Data Base. The problem exists in the sdbsearch.cgi script, which uses data directly from the 'Referer' header field from a HTTP request as a path when opening it's "keylist.txt" file. The...

SuSE 6.36.47.0 sdb - Arbitrary Command Execution

SuSE 6.36.47.0 sdb - Arbitrary Command Execution source: https://www.securityfocus.com/bid/3208/info An input validation error exists in sdb, the SuSE Support Data Base. The problem exists in the sdbsearch.cgi script, which uses data directly from the 'Referer' header field from a HTTP request as...

Entrust - getAccess

hola friends, getAccesstm is used as a single-sign-on system often used for large internet-portals. --- snip http://www.entrust.com --- Entrust GetAccesstm offers the most comprehensive solution for consistently deploying and enforcing basic and enhanced security across online applications, from...

GNU findutils 4.04.1 - Locate Arbitrary Command Execution

GNU findutils 4.04.1 - Locate Arbitrary Command Execution // source: https://www.securityfocus.com/bid/3127/info GNU locate is an application that searches file databases for file names that match user-supplied patterns. A boundary condition error can occur when the program reads database files...

phpBB 1.x - Page Header Arbitrary Command Execution

source: https://www.securityfocus.com/bid/3167/info An input validation error exists in phpBB, a freely available WWW forums package. The problem is due to improper validation of some variables in phpBB. It is possible for users registered with the phpBB system to submit values for certain...

CVE-2001-0614

Carello E-Commerce 1.2.1 and earlier allows a remote attacker to gain additional privileges and execute arbitrary commands via a specially constructed URL...

CVE-2001-0349

CVE-2001-0349 affects Microsoft Windows 2000, specifically the Telnet Service. The Telnet Service creates named pipes to share data between session handlers, using an algorithm to name pipes that is easily predictable, and it does not properly verify the pipe names. If a local attacker with acces...

CVE-2001-0350

Microsoft Windows 2000 telnet service creates named pipes with predictable names and does not properly verify them, which allows local users to execute arbitrary commands by creating a named pipe with the predictable name and associating a malicious program with it, the second of two variants of...

CVE-2001-0980

docview before 1.0-15 allows remote attackers to execute arbitrary commands via shell metacharacters that are processed when converting a man page to a web page...

SimpleServer:WWW Encoded Traversal Arbitrary Command Execution

By sending a specially encoded string to the remote server, it is possible to execute remote commands with the privileges of the server. This script was written by Mathieu Meadele Script audit and contributions from Carmichael Security Erik Anderson nb: domain no longer exists Added BugtraqID...