174 matches found
CVE-2016-5685
Dell iDRAC7 and iDRAC8 devices with firmware before 2.40.40.40 allow authenticated users to gain Bash shell access through a string injection...
CVE-2016-5685
Dell iDRAC7 and iDRAC8 devices with firmware before 2.40.40.40 allow authenticated users to gain Bash shell access through a string injection...
Sql injection
Dell iDRAC7 and iDRAC8 devices with firmware before 2.40.40.40 allow authenticated users to gain Bash shell access through a string injection...
CVE-2016-5685
Dell iDRAC7 and iDRAC8 devices with firmware before 2.40.40.40 allow authenticated users to gain Bash shell access through a string injection...
CVE-2016-5685
Dell iDRAC7 and iDRAC8 devices are affected when running firmware versions older than 2.40.40.40. The vulnerability is a string injection that allows authenticated users to gain Bash shell access. The issue is documented across multiple sources (NVD/NIST, CNVD, CVE records, and vendor/plugin refe...
Bash Shell X - Possible privilege escalation, Runtime command execution, Runtime privilege escalation vulnerabilities
HackApp vulnerability scanner discovered that application Bash Shell X published at the 'play' market has multiple vulnerabilities...
Windows 10 Attack Surface Grows with Linux Support in Anniversary Update
Microsoft’s release of Windows Anniversary Update last week included an optional feature called Windows Subsystem for Linux that allows native support for Linux binaries. That has some security experts concerned the Windows 10 attack surface has been expanded. The threat, according to Alex Ionesc...
How to run Graphical Ubuntu Linux from Bash Shell in Windows 10
You might be aware of Microsoft and Canonical's partnership to integrate "Bash on Ubuntu on Windows 10," which is typically a non-graphical Ubuntu running over Windows Subsystem for Linux. Windows 10 doesn’t officially support graphical Linux desktop applications. But, now we have noticed a very...
GNU Bash Environment Variable Command Injection Vulnerability
On September 24, 2014, a vulnerability in the Bash shell was publicly announced. The vulnerability is related to the way in which shell functions are passed though environment variables. The vulnerability may allow an attacker to inject commands into a Bash shell, depending on how the shell is...
Microsoft adds Linux Bash Shell and Ubuntu Binaries to Windows 10
'Microsoft loves Linux' so much that now the company is bringing the popular Bash shell, alongside the entire Linux command environment, to its newest Windows 10 OS in the upcoming 'Anniversary Update,' Redstone. The rumours before the Microsoft’s Build 2016 developer conference were true...
Bash environment variable command injection in Cisco UCS Manager
Added: 03/24/2016 CVE: CVE-2014-6278 BID: 70166 Background GNU Bash Bourne Again SHell is a command shell commonly used on Linux and Unix systems. Cisco UCS Manager is a product for management of Cisco UCS and Cisco HyperFlex infrastructure. Problem The Bash shell executes commands injected after...
iOS song of ice and fire fan outside the post - App Hook the Q & A and iOS 9 bash shell-vulnerability warning-the black bar safety net
In the previous Chapter we talked about in a non-jailbreak iOS on the App Hook. Using this technique, you can be in a non-jailbreak iOS on the system to achieve a variety of hook features, e.g., micro-channel auto-grab a red envelope, the automatic chat robot, game plug-in, etc. But because of...
Cisco Nexus 3000 Series and 3500 Platform Switches Insecure Default Credentials Vulnerability (cisco-sa-20160302-n3k)
A vulnerability in Cisco NX-OS Software running on Cisco Nexus 3000 Series Switches and Cisco Nexus 3500 Platform Switches could allow an unauthenticated, remote attacker to log in to the device with the privileges of the root user with bash shell access. Copyright C 2016 Greenbone Networks GmbH...
Cisco Nexus 3000/3500 Switch Default Credentials Vulnerability
Cisco Nexus is Cisco's family of network switches designed for data centers. A security vulnerability exists in NX-OS on Cisco Nexus 3000 series switches and Cisco Nexus 3500 platform switches, which originates from a user account that is created during installation and cannot be deleted or...
Advantech Switch Bash Environment Variable Code Injection Exploit
This Metasploit module exploits the Shellshock vulnerability, a flaw in how the Bash shell handles external environment variables. This Metasploit module targets the 'ping.sh' CGI script, accessible through the Boa web server on Advantech switches. This Metasploit module was tested against firmwa...
SolarWinds Log and Event Manager < 6.2.0 Multiple Remote Command Execution Vulnerabilities
According to its self-reported version number, the SolarWinds Log and Event Manager installed on the remote host is prior to version 6.2.0. It is, therefore, affected by multiple vulnerabilities : - A flaw exists in the messagebroker/nonsecurestreamingamf service when using the traceroute...
WedgeOS 4.0.4 Arbitrary File Read / Command Execution
, , . '.' '. ', . , '. , .', , / / / \ \ ==/ /\ \ / / \ / \ / / | \ \ Y Y \ / /| / \ /||| / / /.-. / /:wq x.0 '=.|w|.=' =''"''=. presents.. WedgeOS Multiple Vulnerabilities Affected versions: WedgeOS = 4.0.4 PDF: http://www.security-assessment.com/files/documents/advisory/WedgeOS-Final.pdf...
Important: Red Hat Security Advisory: bash Shift_JIS security update
Updated bash ShiftJIS packages that fix one security issue are now available for Red Hat Enterprise Linux 5.9 Extended Update Support. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...
Bash Environment Variable Handling Shell Command Injection Via CUPS
Added: 11/05/2014 CVE: CVE-2014-6271 BID: 70103 OSVDB: 112004 Background GNU Bash Bourne Again SHell is a command shell commonly used on Linux and Unix systems. CUPS is printing software for UNIX-like systems that allows a computer to act as a print server. Problem The Bash shell executes command...
VMware Workspace Portal Multiple Bash Shell Vulnerabilities (VMSA-2014-0010) (Shellshock)
The version of VMware Workspace Portal formerly known as VMware Horizon Workspace installed on the remote host is missing package updates. It is, therefore, affected by the following vulnerabilities in the Bash shell : - A command injection vulnerability exists in GNU Bash known as Shellshock,...