462 matches found
Multiple Tor World CGI scripts vulnerable to arbitrary script execution
Overview Multiple Tor World CGI scripts contain a vulnerability which may allow an arbitrary script execution. Tor World provides CGI scripts for implementing search engines, message boards, and other tools. Multiple Tor World CGI scripts contain a vulnerability which may allow an attacker to...
CVE-2008-4077
The CGI scripts in 1 LedgerSMB LSMB before 1.2.15 and 2 SQL-Ledger 2.8.17 and earlier allow remote attackers to cause a denial of service resource exhaustion via an HTTP POST request with a large Content-Length...
CVE-2008-4077
The CGI scripts in 1 LedgerSMB LSMB before 1.2.15 and 2 SQL-Ledger 2.8.17 and earlier allow remote attackers to cause a denial of service resource exhaustion via an HTTP POST request with a large Content-Length...
Code injection
The CGI scripts in 1 LedgerSMB LSMB before 1.2.15 and 2 SQL-Ledger 2.8.17 and earlier allow remote attackers to cause a denial of service resource exhaustion via an HTTP POST request with a large Content-Length...
CVE-2008-4077
The CGI scripts in 1 LedgerSMB LSMB before 1.2.15 and 2 SQL-Ledger 2.8.17 and earlier allow remote attackers to cause a denial of service resource exhaustion via an HTTP POST request with a large Content-Length...
CVE-2008-4077
The CGI scripts in 1 LedgerSMB LSMB before 1.2.15 and 2 SQL-Ledger 2.8.17 and earlier allow remote attackers to cause a denial of service resource exhaustion via an HTTP POST request with a large Content-Length...
CVE-2008-4077
LedgerSMB pre-1.2.15 and SQL-Ledger 2.8.17 and earlier are affected by CVE-2008-4077. The issue arises in the CGI scripts, where an HTTP POST with a large Content-Length can cause resource exhaustion (DoS). The vulnerability is exploited remotely via crafted requests to the CGI endpoints. Remedia...
Red Hat Fedora目录服务器HTTP非转义函数缓冲区溢出漏洞
BUGTRAQ ID: 31106 CVE ID:CVE-2008-2932 CNCVE ID:CNCVE-20082932 Red Hat Fedora Directory Server是一款目录服务程序。 Red Hat Fedora Directory Server adminutil不正确处理用户输入,远程攻击者可以利用漏洞进行缓冲区溢出,以应用程序权限执行任意指令。 adminutil是一款Red Hat / Fedora Directory Server附带的多个CGI脚本使用的通用函数库。 adminutil...
CVE-2008-2932
Heap-based buffer overflow in Red Hat adminutil 1.1.6 allows remote attackers to cause a denial of service daemon crash or possibly execute arbitrary code via % percent encoded HTTP input to unspecified CGI scripts in Fedora Directory Server. NOTE: this vulnerability exists because of an incorrec...
CVE-2008-2932
Heap-based buffer overflow in Red Hat adminutil 1.1.6 allows remote attackers to cause a denial of service daemon crash or possibly execute arbitrary code via % percent encoded HTTP input to unspecified CGI scripts in Fedora Directory Server. NOTE: this vulnerability exists because of an incorrec...
PT-2008-4370 · Red Hat · Red Hat Adminutil
Name of the Vulnerable Software and Affected Versions: Red Hat adminutil version 1.1.6 Description: A heap-based buffer overflow issue exists, allowing remote attackers to cause a denial of service or possibly execute arbitrary code via percent encoded HTTP input to unspecified CGI scripts in...
JVN#18616622 Multiple Tor World CGI scripts vulnerable to arbitrary script execution
Tor World provides CGI scripts for implementing search engines, message boards, and other tools. Multiple Tor World CGI scripts contain a vulnerability which may allow an attacker to inject an arbitrary script into the web page which is generated by the affected product. This vulnerability is...
[SECURITY] Fedora 9 Update: perl-5.10.0-27.fc9
Perl is a high-level programming language with roots in C, sed, awk and shell scripting. Perl is good at handling processes and files, and is especially good at handling text. Perl's hallmarks are practicality and efficiency. While it is used to do a lot of different things, Perl's most common...
JVN#45389864 CGIWrap error page cross-site scripting vulnerability
CGIWrap is a gateway program that allows general users to use CGI scripts and HTML forms on the web server. CGIWrap contains a cross-site scripting vulnerability as it does not specify charset in the error page. Impact An arbitrary script may be executed on the user's web browser. Solution Update...
Cross-site scripting vulnerability in multiple Tor World CGI scripts
Overview Multiple Tor World CGI scripts contain a cross-site scripting vulnerability. Tor World provides CGI scripts for implementing search engines, message boards, and other tools. Multiple Tor World CGI scripts contain a cross-site scripting vulnerability. Impact An arbitrary script can be...
[SECURITY] Fedora 7 Update: perl-5.8.8-29.fc7
Perl is a high-level programming language with roots in C, sed, awk and shell scripting. Perl is good at handling processes and files, and is especially good at handling text. Perl's hallmarks are practicality and efficiency. While it is used to do a lot of different things, Perl's most common...
Fedora 7 : fedora-ds-admin-1.1.4-1.fc7 (2008-3214)
This release addresses two security vulerabilities in the package: - shell command injection in CGI replication monitor CVE-2008-0892 - unrestricted access to CGI scripts CVE-2008-0893 Fix Description: Remove ScriptAlias for bin/admin/admin/bin - do not use that directory for CGI URIs - use only...
WEBrick Encoded Traversal Arbitrary CGI Source Disclosure
The remote instance of WEBrick, a standard library of Ruby to implement HTTP servers, allows an attacker to view the source of CGI scripts hosted by the affected application by appending to the URL certain characters, such as '+', '%2b', '.', '%2e', or '%20'. Note that successful exploitation may...
Design/Logic Flaw
Red Hat Administration Server, as used by Red Hat Directory Server 8.0 EL4 and EL5, does not properly restrict access to CGI scripts, which allows remote attackers to perform administrative actions...
CVE-2008-0893
Red Hat Administration Server, as used by Red Hat Directory Server 8.0 EL4 and EL5, does not properly restrict access to CGI scripts, which allows remote attackers to perform administrative actions...