114 matches found

BDU FSTEC
added 2016/07/06 12:0 a.m., 3 views

Vulnerability of Cisco Nexus 7000 software, allowing attackers to access confidential information

The GNU Bash command shell, as of version 4.3 bash43-025 and later, incorrectly handles lines that follow the declaration of a specially crafted function, which is exported as a variable. This allows a malicious actor to read and write arbitrary files, as well as perform other undefined actions...

CVSS 10, AI score 8.3, EPSS 0.89056
Exploits 17, References 2
BDU FSTEC
added 2016/07/06 12:0 a.m., 1 views

The vulnerability of Cisco Nexus 1000V software allows a malicious actor to execute arbitrary code.

The GNU Bash command shell, as of version 4.3 and later, incorrectly handles lines that follow the declaration of a function exported as a variable. This allows a malicious actor to execute arbitrary code by interfering with environment variables. Security researchers have confirmed that this...

CVSS 10, AI score 8.5, EPSS 0.9422
Exploits 139, References 2
OSV
added 2014/09/27 10:55 p.m., 6 views

DEBIAN-CVE-2014-6277

GNU Bash through 4.3 bash43-026 does not properly parse function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code or cause a denial of service (uninitialized memory access, and untrusted-pointer read and write operations) via a crafted...

CVSS 10, AI score 8, EPSS 0.86752
Exploits 16, References 1
RedHat Linux
added 2014/07/23 10:0 a.m., 2 views

httpd: mod_cgid denial of service

A denial of service flaw was found in the way httpd's mod_cgid module executed CGI scripts that did not read data from the standard input. A remote attacker could submit a specially crafted request that would cause the httpd child process to hang indefinitely...

CVSS 5, AI score 6.7, EPSS 0.44151
Exploits 1, References 5
Prion
added 2014/06/19 10:50 a.m., 15 views

Path traversal

Absolute path traversal vulnerability in the webproc cgi module on the Belkin N150 F9K1009 v1 router with firmware before 1.00.08 allows remote attackers to read arbitrary files via a full pathname in the getpage parameter...

CVSS 7.8, AI score 7.2, EPSS 0.88889
Exploits 1, References 3, Affected Software 2
CVE
added 2014/06/19 10:0 a.m., 74 views

CVE-2014-2962

The Belkin N150 router (F9K1009, v1) contains a path traversal flaw in the webproc CGI module. The getpage parameter accepts an unrestricted file path, and the web server runs with root privileges, enabling an unauthenticated attacker on the LAN to read arbitrary files. Affected firmwares are bef...

CVSS 7.8, AI score 6.8, EPSS 0.88889
Exploits 1, References 3, Affected Software 2
Tenable Nessus
added 2013/09/04 12:0 a.m., 37 views

Amazon Linux AMI : perl (ALAS-2013-177)

A heap overflow flaw was found in Perl. If a Perl application allowed user input to control the count argument of the string repeat operator, an attacker could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application...

CVSS 7.5, AI score 8, EPSS 0.81971
Exploits 14, References 5
Tenable Nessus
added 2013/07/12 12:0 a.m., 43 views

Oracle Linux 5 : perl (ELSA-2011-1797)

The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2011-1797 advisory. - CVE-2010-2761 CVE-2010-4410 perl: CGI module multiple issues fixed by security patch based on commit from version 3.50 - CVE-2010-2761 CVE-2010-4410...

CVSS 7.5, AI score 8.3, EPSS 0.09609
Exploits 0, References 4
Tenable Nessus
added 2013/04/20 12:0 a.m., 29 views

Mandriva Linux Security Advisory : munin (MDVSA-2013:105)

Updated munin packages fix security vulnerabilities : The qmailscan plugin for Munin before 2.0 rc6 allows local users to overwrite arbitrary files via a symlink attack on temporary files with predictable names CVE-2012-2103. Munin before 2.0.6 stores plugin state files that run as root in the sa...

CVSS 9.3, AI score 5.9, EPSS 0.00792
Exploits 2, References 3
Amazon
added 2013/04/04 12:0 a.m., 48 views

Medium: perl

Issue Overview: A heap overflow flaw was found in Perl. If a Perl application allowed user input to control the count argument of the string repeat operator, an attacker could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the...

CVSS 7.5, AI score 9.6, EPSS 0.81971
Exploits 14, References 1
OpenVAS
added 2013/03/28 12:0 a.m., 37 views

CentOS Update for perl CESA-2013:0685 centos6

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scripttagname:"affected", value:"per...

CVSS 7.5, AI score 8.3, EPSS 0.81971
Exploits 14, References 2
Tenable Nessus
added 2013/03/27 12:0 a.m., 54 views

CentOS 5 / 6 : perl (CESA-2013:0685)

Updated perl packages that fix multiple security issues now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

CVSS 7.5, AI score 8.1, EPSS 0.81971
Exploits 14, References 6
Tenable Nessus
added 2013/03/27 12:0 a.m., 41 views

RHEL 5 / 6 : perl (RHSA-2013:0685)

Updated perl packages that fix multiple security issues now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

CVSS 7.5, AI score 8.1, EPSS 0.81971
Exploits 14, References 9
Cent OS
added 2013/03/26 9:5 p.m., 74 views

perl security update

CentOS Errata and Security Advisory CESA-2013:0685 Updated perl packages that fix multiple security issues now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base...

CVSS 7.5, AI score 7.5, EPSS 0.81971
Exploits 14, References 7
RedHat Linux
added 2013/03/26 7:21 p.m., 39 views

Moderate: Red Hat Security Advisory: perl security update

Updated perl packages that fix multiple security issues now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

CVSS 7.5, AI score 7.5, EPSS 0.81971
Exploits 14, References 5
securityvulns
added 2013/02/18 12:0 a.m., 38 views

Sonicwall OEM Scrutinizer v9.5.2 - Multiple Vulnerabilities

Title: ====== Sonicwall OEM Scrutinizer v9.5.2 - Multiple Vulnerabilities Date: ===== 2013-02-14 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=786 VL-ID: ===== 786 Common Vulnerability Scoring System: ==================================== 5.2 Introduction: ============...

AI score 7.5
Exploits 0
OpenVAS
added 2013/01/23 12:0 a.m., 31 views

Active Perl CGI.pm 'Set-Cookie' and 'P3P' HTTP Header Injection Vulnerability (Windows)

The host is installed with Active Perl and is prone to HTTP header injection vulnerability. OpenVAS Vulnerability Test $Id: gbactiveperlcgipmmoduleheaderinjevulnwin.nasl 6086 2017-05-09 09:03:30Z teissa $ Active Perl CGI.pm 'Set-Cookie' and 'P3P' HTTP Header Injection Vulnerability Windows Author...

CVSS 5, AI score 0.3, EPSS 0.0172
Exploits 0, References 3
Tenable Nessus
added 2012/12/17 12:0 a.m., 26 views

Debian DSA-2587-1 : libcgi-pm-perl - HTTP header injection

It was discovered that the CGI module for Perl does not filter LF characters in the Set-Cookie and P3P headers, potentially allowing attackers to inject HTTP headers. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...

CVSS 5, AI score 5.3, EPSS 0.0172
Exploits 0, References 4
Fedora
added 2012/11/23 7:54 a.m., 36 views

[SECURITY] Fedora 18 Update: perl-CGI-3.51-10.fc18

CGI.pm is a stable, complete and mature solution for processing and preparing HTTP requests and responses. Major features including processing form submissions, file uploads, reading and writing cookies, query string generation and manipulation, and processing and preparing HTTP headers. Some...

CVSS 5, AI score 0.1, EPSS 0.0172
Exploits 0
NVD
added 2012/11/21 11:55 p.m., 18 views

CVE-2012-3513

munin-cgi-graph in Munin before 2.0.6, when running as a CGI module under Apache, allows remote attackers to load new configurations and create files in arbitrary directories via the logdir command...

CVSS 9.3, AI score 6.5, EPSS 0.00792
Exploits 1, References 4