126 matches found
[SECURITY] Fedora 20 Update: perl-CGI-Application-4.50-9.fc20
CGI::Application is an Object-Oriented Perl module which implements an Abstract Class. It is not intended that this package be instantiated directly. Instead, it is intended that your Application Module will be implemented as a Sub-Class of CGI::Application...
Fedora 20 : perl-CGI-Application-4.50-9.fc20 (2014-2999)
CGI::Application suffers from a flaw where, in certain cases, it would unexpectedly dump a complete set of web query data and server environment information as an error page. This could allow unintended disclosure of sensitive information. This update patches CGI::Application to no longer do so...
Fedora 19 : perl-CGI-Application-4.50-7.fc19 (2014-2998)
CGI::Application suffers from a flaw where, in certain cases, it would unexpectedly dump a complete set of web query data and server environment information as an error page. This could allow unintended disclosure of sensitive information. This update patches CGI::Application to no longer do so...
Updated perl-CGI-Application packages fix CVE-2013-7329
Updated perl-CGI-Application package fixes security vulnerability: When applications using CGI::Application overload setup, which is normally the case, CGI::Application since version 4.19 has dump_html as a default run-mode unless the application explicitly redefines it. This unexpectedly dumps a...
MGASA-2014-0098 Updated perl-CGI-Application packages fix CVE-2013-7329
Updated perl-CGI-Application package fixes security vulnerability: When applications using CGI::Application overload setup, which is normally the case, CGI::Application since version 4.19 has dump_html as a default run-mode unless the application explicitly redefines it. This unexpectedly dumps a...
HP OpenView Network Node Manager Multiple Code Execution Vulnerabilities (HPSBMU02712 SSRT100649)
The installed version of HP Network Node Manager is affected by the following vulnerabilities : - A remote code execution vulnerability exists because the 'nnmRptConfig.exe' CGI application does not adequately validate user-supplied input. CVE-2011-3165 - A remote code execution vulnerability...
CGI Generic XSS (persistent, 3rd Pass)
The remote web server hosts one or more CGI scripts that fail to adequately sanitize request strings containing malicious JavaScript. By leveraging this issue, an attacker may be able to cause arbitrary HTML and script code to be executed in a user's browser within the security context of the...
HP OpenView Network Node Manager Remote Execution of Arbitrary Code (HPSBMA02621 SSRT100352)
The version of HP OpenView Network Node Manager installed on the remote Windows host contains several vulnerabilities that can be exploited remotely to allow execution of arbitrary code within the context of the affected web server userid...
HP OpenView Network Node Manager OvJavaLocale Buffer Overflow (CVE-2010-2709)
HP OpenView product consists of a suite of network and system management software applications developed by HP. It includes several optional modules and components, such as OpenView Quality Manager, OpenView Performance Insight, and OpenView Network Node Manager. A buffer overflow vulnerability h...
HP OpenView NNM OvJavaLocale Buffer Overflow Vulnerability
Advisory ID Internal CORE-2010-0608 1. Advisory Information Title: HP OpenView NNM OvJavaLocale Buffer Overflow Vulnerability Advisory Id: CORE-2010-0608 Date published: 2010-08-03 Date of last update: 2010-08-03 Vendors contacted: HP Release mode: Coordinated release 2. Vulnerability Information...
HP OpenView NNM ovet_demandpoll sel CGI Variable Format String Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Network Node Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ovet_demandpoll.exe process. This process can be started by invoking the...
Trouble Ticket Express fid Parameter Arbitrary Remote Code Execution
The remote host is running Trouble Ticket Express, an open source web-based trouble ticket application written in Perl. At least one module included with the version of Trouble Ticket Express hosted on the remote web server fails to sanitize input to the 'fid' parameter of the 'ttx.cgi' script...
HP OpenView Network Node Manager OVwSelection Buffer Overflow (CVE-2009-4181)
The HP OpenView product consists of a suite of network and system management software applications developed by HP. It includes several optional modules and components, such as OpenView Quality Manager, OpenView Performance Insight, OpenView Network Node Manager, etc. A buffer overflow...
Update Protection against HP OpenView Network Node Manager ovlogin.exe Buffer Overflow
A buffer overflow vulnerability exists in HP OpenView Network Node Manager NNM. The vulnerability is due to a boundary error in ovlogin.exe, the login process of a CGI application shipped with OpenView NNM. A remote unauthenticated attacker can exploit this vulnerability by sending a crafted HTTP...
Red Hat Directory Server Accept-Language HTTP Header Parsing Buffer Overflow (CVE-2008-2928)
Red Hat Directory Server is an LDAP-based server that centralizes application settings, user profiles, group data, policies, and access control information into an operating system-independent, network-based registry. Fedora Directory Server is a free version of Red Hat Directory Server. There...
TPTI-09-12: HP OpenView NNM ovalarm.exe CGI Accept-Language Stack Overflow Vulnerability
TPTI-09-12: HP OpenView NNM ovalarm.exe CGI Accept-Language Stack Overflow Vulnerability http://dvlabs.tippingpoint.com/advisory/TPTI-09-12 December 9, 2009 -- CVE ID: CVE-2009-4179 -- Affected Vendors: Hewlett-Packard -- Affected Products: Hewlett-Packard OpenView Network Node Manager --...
TPTI-09-10: HP OpenView NNM webappmon.exe CGI Host Header Buffer Overflow Vulnerability
TPTI-09-10: HP OpenView NNM webappmon.exe CGI Host Header Buffer Overflow Vulnerability http://dvlabs.tippingpoint.com/advisory/TPTI-09-10 December 9, 2009 -- CVE ID: CVE-2009-4177 -- Affected Vendors: Hewlett-Packard -- Affected Products: Hewlett-Packard OpenView Network Node Manager --...
HP Openview connectedNodes.ovpl Remote Command Execution
$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'HP Openview...
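HP OpenView Network Node Manager Remote Command Execution Vulnerability
BUGTRAQ ID: 33666 CVE ID: CVE-2008-4559 CNCVE ID: CNCVE-20084559 HP OpenView Network Node Manager is network management system software developed and maintained by HP, with powerful network node management capabilities. The HP OpenView Network Node Manager CGI applications contain multiple command injection vulnerabilities that remote attackers can exploit to execute arbitrary shell commands...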
Real IIS always the back door decryption-bug warning-the black bar safety net
IIS is one of the more popular WWW servers, and improper configuration leaves it with many vulnerabilities. After compromising an IIS server, an intruder leaves a backdoor so that it can be controlled at any time afterwards. Generally the backdoor opens a special port to listen on, such as nc, ntlm, rnc, etc., which are all based on a telnet-like mode on the...