Ubuntu: Security Advisory (USN-1613-1)
The remote host is missing an update for the ... (the rest of this snippet is the NVT's license header: SPDX-FileCopyrightText: 2012 Greenbone AG. Some text descriptions might be excerpted from referenced sources and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only)...
JVN#58160713: MyWebSearch vulnerable to cross-site scripting
MyWebSearch is a CGI script for searching within a website. MyWebSearch contains a cross-site scripting vulnerability. Impact: an arbitrary script may be executed in the user's web browser. Solution: update the software to the latest version according to the information provided by the...
squidclamav -- cross-site scripting in default virus warning pages
SquidClamav developers report: This release fixes several security issues by escaping CGI parameters. Prior to versions 6.7 and 5.8, the CGI script clwarn.cgi was not properly sanitizing input variables, so they could be used to inject arbitrary strings into the generated page, leading to cross-site...
php: incomplete CVE-2012-1823 fix - missing filtering of -T and -h
sapi/cgi/cgi_main.c in PHP before 5.3.13 and 5.4.x before 5.4.3, when configured as a CGI script (aka php-cgi), does not properly handle query strings that lack an '=' (equals sign) character, which allows remote attackers to cause a denial of service (resource consumption) by placing command-line options...
VulnCheck KEV: CVE-2012-1823
sapi/cgi/cgi_main.c in PHP, when configured as a CGI script, does not properly handle query strings, which allows remote attackers to execute arbitrary code...
PHP CGI Query String Parameters Command Execution
Added: 05/15/2012. CVE: CVE-2012-1823. BID: 53388. OSVDB: 81633. Background: PHP is a widely used general-purpose scripting language that is especially suited for Web development. Problem: When configured as a CGI script (aka php-cgi), PHP does not properly handle query string parameters which are passed...
Design/Logic Flaw
sapi/cgi/cgi_main.c in PHP before 5.3.13 and 5.4.x before 5.4.3, when configured as a CGI script (aka php-cgi), does not properly handle query strings that contain a %3D sequence but no '=' (equals sign) character, which allows remote attackers to execute arbitrary code by placing command-line options i...
EUVD-2012-2329
sapi/cgi/cgi_main.c in PHP before 5.3.13 and 5.4.x before 5.4.3, when configured as a CGI script (aka php-cgi), does not properly handle query strings that lack an '=' (equals sign) character, which allows remote attackers to cause a denial of service (resource consumption) by placing command-line options...
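The five CVE-2012-1823 / CVE-2012-2311 entries above all describe one mechanism: a CGI web server turns a query string that contains no '=' into command-line arguments for the script (RFC 3875, section 4.4, the "indexed query" rule), and php-cgi then treated those arguments as real options. The model below is an added illustration, not code from PHP or from any of the advisories listed here. The option table, the three guards and the request environment are simplified assumptions, and guard_decoded is only one way to model the "%3D but no =" discrepancy the CVE-2012-2311 entry names (a check on the decoded query while the server decides on the raw one); it is not the actual sapi/cgi/cgi_main.c logic.

```python
"""Model of the CGI indexed-query rule behind CVE-2012-1823 / CVE-2012-2311.

Added illustration; the option table and guards are assumptions, not PHP code.
"""
from typing import Callable, Dict, List, Optional, Tuple
from urllib.parse import unquote


def cgi_argv(query_string: str) -> List[str]:
    """RFC 3875 section 4.4: if the raw QUERY_STRING holds no '=', the server
    splits it on '+', URL-decodes each piece and passes the pieces to the CGI
    program as command-line arguments; otherwise it passes none.  The decision
    is taken on the raw, still-encoded string."""
    if "=" in query_string:
        return []
    return [unquote(piece) for piece in query_string.split("+") if piece]


# Assumed subset of php-cgi options for the model: value-taking vs. boolean.
VALUE_FLAGS = {"-d", "-c", "-T"}   # -d ini=value, -c ini-dir, -T count
BOOL_FLAGS = {"-s", "-n", "-h"}    # -s show source, -n no php.ini, -h help


def parse_options(argv: List[str]) -> List[Tuple[str, Optional[str]]]:
    """Minimal getopt: the (flag, value) pairs a front end would act on."""
    opts: List[Tuple[str, Optional[str]]] = []
    i = 0
    while i < len(argv):
        if argv[i] in VALUE_FLAGS and i + 1 < len(argv):
            opts.append((argv[i], argv[i + 1]))
            i += 2
        elif argv[i] in BOOL_FLAGS:
            opts.append((argv[i], None))
            i += 1
        else:
            i += 1  # not an option this model knows; skip it
    return opts


Guard = Callable[[str, Dict[str, str]], bool]  # True = ignore argv entirely


def guard_none(query_string: str, env: Dict[str, str]) -> bool:
    """Unpatched behaviour: argv is always honoured."""
    return False


def guard_decoded(query_string: str, env: Dict[str, str]) -> bool:
    """Incomplete guard (models the %3D discrepancy): looks for '=' in the
    *decoded* query.  '%3D' decodes to '=', so this guard concludes the server
    passed no argv, while the server, which looked at the raw string, did."""
    return "=" not in unquote(query_string)


def guard_raw(query_string: str, env: Dict[str, str]) -> bool:
    """Mirrors the server's own rule exactly: inspect the raw query string."""
    return "=" not in query_string


def guard_web(query_string: str, env: Dict[str, str]) -> bool:
    """Strongest form: when a web server invoked us (REQUEST_METHOD is set),
    never take options from argv, whatever the query string looks like."""
    return "REQUEST_METHOD" in env


def options_acted_on(query_string: str, guard: Guard,
                     env: Dict[str, str]) -> List[Tuple[str, Optional[str]]]:
    """Options the modelled php-cgi would apply for a request with this query."""
    argv = cgi_argv(query_string)
    if guard(query_string, env):
        return []
    return parse_options(argv)


# Constructed CGI environment for the demo (not a captured request).
WEB_ENV = {"REQUEST_METHOD": "GET", "QUERY_STRING": ""}

if __name__ == "__main__":
    for q in ("name=bob", "-s", "-d+display_errors%3D1", "-T+1000"):
        print(f"{q:24} argv={cgi_argv(q)!r}")
        for g in (guard_none, guard_decoded, guard_raw, guard_web):
            print(f"    {g.__name__:14} -> {options_acted_on(q, g, WEB_ENV)}")
```

Run it to see, for each query string, the argv the server would build and which options each guard still lets through: the decoded-string guard stops `?-s` but not `?-d+display_errors%3D1`, the raw-string guard agrees with the server's rule, and refusing argv whenever REQUEST_METHOD is set removes the dependency on that rule altogether.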
WebGlimpse query Parameter Command Injection
The version of WebGlimpse installed on the remote host does not sufficiently sanitize user input to the 'query' parameter of the 'webglimpse.cgi' script before using it to construct and then run a command. An unauthenticated, remote attacker can leverage this issue to execute arbitrary code on th...
Moderate: Red Hat Security Advisory: httpd security update
Updated httpd packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are...
AirTies-4450 Unauthorized Remote Reboot
#!/usr/bin/perl Title: AirTies-4450 Unauthorized Remote Reboot DoS. Type: hardware. Tested on firmware: AirTiesAir4450RUFW1.1.2.18.bin. Author: rigan - imrigan sobachka gmail.com. The description of the device from the vendor's site: With its Access Point and Router functionality, the Air 4450...
AirTies-4450 - Unauthorized Remote Reboot (Denial of Service)
AirTies-4450 - Unauthorized Remote Reboot Denial of Service. #!/usr/bin/perl Title: AirTies-4450 Unauthorized Remote Reboot DoS. Type: hardware. Tested on firmware: AirTiesAir4450RUFW1.1.2.18.bin. Author: rigan - imrigan sobachka gmail.com. The description of the device from the vendor's site: With...
(CGIHTTPServer): CGI script source code disclosure
The is_cgi method in CGIHTTPServer.py in the CGIHTTPServer module in Python 2.5, 2.6, and 3.0 allows remote attackers to read script source code via an HTTP GET request that lacks a '/' (slash) character at the beginning of the URI...
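The CGIHTTPServer entry above turns on a single check: is_cgi did a plain prefix comparison against the raw request path, so a request line such as `GET cgi-bin/hello.py HTTP/1.0` (no leading slash) matched no CGI directory and fell through to static file handling, which returned the script's source instead of running it. The code below is an added illustration, modelled on the stdlib logic rather than copied from it; the dispatcher serve() is hypothetical, and the '..'-collapsing case goes one step beyond the entry (normalising before the comparison also closes the `/other/../cgi-bin/x` variant, because the static handler collapses the path the same way when it opens the file).

```python
"""Model of the CGIHTTPServer.is_cgi check and its hardened form.

Added illustration; modelled on, not copied from, the Python stdlib.
"""
import posixpath
from typing import Callable, List

CGI_DIRECTORIES: List[str] = ["/cgi-bin", "/htbin"]   # stdlib default list


def is_cgi_naive(path: str) -> bool:
    """Prefix match on the raw request path (modelled on the affected code).
    'cgi-bin/hello.py' never starts with '/cgi-bin', so the request is treated
    as an ordinary file and the script body is sent to the client."""
    for d in CGI_DIRECTORIES:
        n = len(d)
        if path[:n] == d and (not path[n:] or path[n] == "/"):
            return True
    return False


def collapse_path(path: str) -> str:
    """Normalise before comparing: drop the query, force a leading '/', and
    collapse '.' and '..' segments, so the CGI check and the later file
    lookup agree on which path they are talking about."""
    path = path.split("?", 1)[0]
    if not path.startswith("/"):
        path = "/" + path
    return posixpath.normpath(path)


def is_cgi_fixed(path: str) -> bool:
    """Hardened check: compare the canonical path, and require a real
    directory boundary after the CGI directory name."""
    collapsed = collapse_path(path)
    return any(collapsed.startswith(d + "/") for d in CGI_DIRECTORIES)


def serve(path: str, is_cgi: Callable[[str], bool]) -> str:
    """Hypothetical dispatcher: 'execute' when the CGI check matches, otherwise
    'send-file', which for a script means disclosing its source."""
    return "execute" if is_cgi(path) else "send-file"


if __name__ == "__main__":
    for p in ("/cgi-bin/hello.py", "cgi-bin/hello.py",
              "/static/../cgi-bin/hello.py", "/images/logo.png"):
        print(f"{p:32} naive={serve(p, is_cgi_naive):9} fixed={serve(p, is_cgi_fixed)}")
```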
RHEL 4 : python (RHSA-2011:0491)
The remote Red Hat Enterprise Linux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2011:0491 advisory. Python is an interpreted, interactive, object-oriented programming language. A flaw was found in the Python urllib and urllib2 libraries whe...
HTB22881: SQL injection vulnerability in CosmoShop
Vulnerability ID: HTB22881. Reference: http://www.htbridge.ch/advisory/sqlinjectionvulnerabilityincosmoshop.html. Product: CosmoShop. Vendor: Zaunz Publishing GmbH (http://www.cosmoshop.de/). Vulnerable Version: ePRO V10.05.00. Vendor Notification: 24 February 2011. Vulnerability Type: Blind SQL Injectio...
mathTeX mathtex.cgi getdirective Function dpi Tag Arbitrary Code Execution
The remote web server hosts mathTeX, a CGI script for displaying math on the web. The version of this application installed on the remote host fails to sanitize shell metacharacters supplied through the 'dpi' or 'density' tags of an expression in the 'getdirective' function before using them in a call ...
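The WebGlimpse 'query' entry and the mathTeX 'dpi' entry above share one root cause: a value taken from the request is spliced into a command string that is then handed to a shell. The code below is an added illustration, not code from either project; the convert command line, the dpi policy and the parameter names are assumptions. It shows the string a system()-style call would execute, the hardened form (allow-list validation plus an argument vector with no shell), the quoting fallback for when a shell string is unavoidable, and a check that shell=False really does pass metacharacters through literally.

```python
"""Added illustration of command construction from CGI input: vulnerable vs. hardened.

Not code from WebGlimpse or mathTeX; command line and policy are assumptions.
"""
import re
import shlex
import subprocess
import sys
from typing import List

DPI_RE = re.compile(r"^[1-9][0-9]{0,3}$")   # assumed policy: an integer 1..9999, nothing else


def vulnerable_command(dpi: str) -> str:
    """The string a system()-style call would hand to /bin/sh.  The tag value is
    pasted in unescaped, so ';', '|', '`' and '$(...)' are interpreted by the
    shell.  Returned here, deliberately not executed."""
    return "convert -density %s expr.ps expr.gif" % dpi


def safe_argv(dpi: str) -> List[str]:
    """Hardened form: allow-list validation, then an argument vector.  Passed
    with shell=False the list goes straight to execve(), so nothing in it is
    ever parsed as shell syntax."""
    if not DPI_RE.match(dpi):
        raise ValueError("dpi must be 1 to 4 digits, got %r" % dpi)
    return ["convert", "-density", dpi, "expr.ps", "expr.gif"]


def safe_shell_line(dpi: str) -> str:
    """When a shell string is unavoidable (a wrapper script, a remote command),
    quote every argument; shlex.quote neutralises metacharacters."""
    return " ".join(shlex.quote(arg) for arg in safe_argv(dpi))


def argv_passthrough(value: str) -> str:
    """Demonstrates that shell=False preserves metacharacters literally: the
    child (a Python one-liner, so it runs anywhere) prints back its argv[1]."""
    result = subprocess.run(
        [sys.executable, "-c", "import sys; print(sys.argv[1])", value],
        capture_output=True, text=True, check=True)
    return result.stdout.rstrip("\n")


if __name__ == "__main__":
    hostile = "120;id"                      # constructed sample input
    print("shell would run :", vulnerable_command(hostile))
    print("no-shell argv   :", argv_passthrough(hostile))
    print("validated argv  :", safe_argv("120"))
    print("quoted line     :", safe_shell_line("120"))
    try:
        safe_argv(hostile)
    except ValueError as exc:
        print("rejected        :", exc)
```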
SurgeMail surgeweb XSS
The remote web server hosts a CGI script that fails to adequately sanitize request strings containing malicious JavaScript. By leveraging this issue, an attacker may be able to cause arbitrary HTML and script code to be executed in a user's browser within the security context of the affected site...
[SECURITY] [DSA 2090-1] New socat packages fix arbitrary code execution
------------------------------------------------------------------------ Debian Security Advisory DSA-2090-1 security@debian.org http://www.debian.org/security/ Luciano Bello August 06, 2010 http://www.debian.org/security/faq -...
DSA-2090-1 socat - arbitrary code execution
Bulletin has no description...