615 matches found
CVE-2017-1000502
Users with permission to create or configure agents in Jenkins 1.37 and earlier could configure an EC2 agent to run arbitrary shell commands on the master node whenever the agent was supposed to be launched. Configuration of these agents now requires the 'Run Scripts' permission typically only...
Debian DLA-1252-1 : couchdb security update
CVE-2017-12635 Prevent non-admin users to give themselves admin privileges. CVE-2017-12636 Blacklist some configuration options to prevent execution of arbitrary shell commands as the CouchDB user For Debian 7 'Wheezy', these problems have been fixed in version 1.2.0-5+deb7u1. We recommend that y...
Updated backintime packages fix security vulnerability
backintime aka Back in Time before 1.1.24 did improper escaping/quoting of file paths used as arguments to the 'notify-send' command, leading to some parts of file paths being executed as shell commands within an os.system call in qt4/plugins/notifyplugin.py. This could allow an attacker to craft...
Debian DLA-1212-1 : otrs2 security update
Four vulnerabilities were discovered in the Open Ticket Request System which could result in information disclosure or the execution of arbitrary shell commands by logged-in agents. For Debian 7 'Wheezy', these problems have been fixed in version 3.3.18-1deb7u2. We recommend that you upgrade your...
[SECURITY] [DLA 1212-1] otrs2 security update
Package : otrs2 Version : 3.3.18-1deb7u2 CVE ID : CVE-2017-15864 CVE-2017-16664 CVE-2017-16854 CVE-2017-16921 Four vulnerabilities were discovered in the Open Ticket Request System which could result in information disclosure or the execution of arbitrary shell commands by logged-in agents. For...
[SECURITY] [DSA 4066-1] otrs2 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4066-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff December 17, 2017 https://www.debian.org/security/faq -...
CVE-2017-16921
In OTRS 6.0.x up to and including 6.0.1, OTRS 5.0.x up to and including 5.0.24, and OTRS 4.0.x up to and including 4.0.26, an attacker who is logged into OTRS as an agent can manipulate form parameters related to PGP and execute arbitrary shell commands with the permissions of the OTRS or web...
CVE-2017-16921
In OTRS 6.0.x up to and including 6.0.1, OTRS 5.0.x up to and including 5.0.24, and OTRS 4.0.x up to and including 4.0.26, an attacker who is logged into OTRS as an agent can manipulate form parameters related to PGP and execute arbitrary shell commands with the permissions of the OTRS or web...
Debian DSA-4052-1 : bzr - security update
Adam Collard discovered that Bazaar, an easy to use distributed version control system, did not correctly handle maliciously constructed bzr+ssh URLs, allowing a remote attacker to run an arbitrary shell command. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and packag...
[SECURITY] [DSA 4052-1] bzr security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4052-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso November 29, 2017 https://www.debian.org/security/faq -...
Debian: Security Advisory (DSA-4047-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CouchDB: Multiple vulnerabilities
Background Apache CouchDB is a distributed, fault-tolerant and schema-free document-oriented database. Description Multiple vulnerabilities have been discovered in CouchDB. Please review the CVE identifiers referenced below for details. Impact A remote attacker could execute arbitrary shell...
Zeta Components Mail 1.8.1 - Remote Code Execution Vulnerability
Exploit for php platform in category web applications Vendor: Zeta Components module: Mail, returnPath-email”; If attacker assign email address like: 'email protected -X/var/www/html/cache/exploit.php' and inject payload in mail body, sendmail will transfer log-X into...
Zeta Components Mail 1.8.1 - Remote Code Execution
Vendor: Zeta Components module: Mail, returnPath-email”; If attacker assign email address like: '[email protected] -X/var/www/html/cache/exploit.php' and inject payload in mail body, sendmail will transfer log-X into /var/www/html/cache/exploit.php. The resulting file will contain t...
Apache CouchDB 1.x < 1.7.0, 2.x < 2.1.1 Multiple Vulnerabilities - Windows
Apache CouchDB is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apache:couchdb"; ifdescripti...
Zeta Components Mail 1.8.1 - Remote Code Execution
Zeta Components Mail 1.8.1 - Remote Code Execution Vendor: Zeta Components module: Mail, returnPath-email”; If attacker assign email address like: '[email protected] -X/var/www/html/cache/exploit.php' and inject payload in mail body, sendmail will transfer log-X into...
Design/Logic Flaw
CouchDB administrative users can configure the database server via HTTPS. Some of the configuration options include paths for operating system-level binaries that are subsequently launched by CouchDB. This allows an admin user in Apache CouchDB before 1.7.0 and 2.x before 2.1.1 to execute arbitra...
CVE-2017-12636
CouchDB administrative users can configure the database server via HTTPS. Some of the configuration options include paths for operating system-level binaries that are subsequently launched by CouchDB. This allows an admin user in Apache CouchDB before 1.7.0 and 2.x before 2.1.1 to execute arbitra...
CVE-2017-12636
CVE-2017-12636 affects Apache CouchDB prior to 1.7.0 and 2.x prior to 2.1.1, where an admin-configured HTTP(S) interface can point to OS binaries, enabling arbitrary shell commands to be executed as the CouchDB user. Multiple connected documents corroborate this RCE via configuration, with exploi...
CVE-2017-16667
CVE-2017-16667 - Summary : The Back in Time tool (backintime) prior to version 1.1.24 improperly escapes/quotes file paths passed to the notify-send command, causing parts of the path to be executed as shell commands inside an os.system call in qt4/plugins/notifyplugin.py. This enables a context-...