Debian Security Advisory DSA 1486-1 (gnatsweb)

The remote host is missing an update to gnatsweb announced via advisory DSA 1486-1. OpenVAS Vulnerability Test $Id: deb14861.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1486-1 gnatsweb Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

Debian Security Advisory DSA 650-1 (sword)

The remote host is missing an update to sword announced via advisory DSA 650-1. OpenVAS Vulnerability Test $Id: deb6501.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 650-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...

Debian: Security Advisory (DSA-650-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

ht://dig htsearch sort Parameter XSS

The htsearch CGI script is accessible through the remote web server. htsearch is a component of ht://Dig used to index and search documents such as web pages. The version of htsearch installed on the remote host fails to sanitize user-supplied input to the 'sort' parameter before using it to...

Alcatel-Lucent OmniPCX Remote Command Execution

Advisory: Alcatel-Lucent OmniPCX Remote Command Execution RedTeam Pentesting discovered a remote command execution in the Alcatel-Lucent OmniPCX during a penetration test. The masterCGI script of the OmniPXC integrated communication solution web interface is vulnerable to a remote command...

rt-sa-2007-001.txt

Advisory: Alcatel-Lucent OmniPCX Remote Command Execution RedTeam Pentesting discovered a remote command execution in the Alcatel-Lucent OmniPCX during a penetration test. The masterCGI script of the OmniPXC integrated communication solution web interface is vulnerable to a remote command...

[Full-disclosure] Secure Computing - Security Reporter Auth Bypass and Directory Traversal Vulnerability

SECURITYREPORTER - AUTHENTICATION BYPASS AND DIRECTORY TRAVERSAL VULNERABILITY Product: SecurityReporter Version: 4.6.3 Build Date: 04/20/2007 Platform: Win32 Vendor: Secure Computing www.securecomputing.com Product Description ------------------- "SecurityReporter is a security event analysis an...

Code injection

The DBAsciiAccess CGI Script in the web interface in Fujitsu-Siemens Computers ServerView before 4.50.09 allows remote attackers to execute arbitrary commands via shell metacharacters in the Servername subparameter of the ParameterList parameter...

CVE-2007-3011

Summary (concrete details): CVE-2007-3011 affects Fujitsu-Siemens ServerView prior to v4.50.09 where the DBAsciiAccess CGI script in the web interface processes the Servername subparameter of the ParameterList and fails to sanitize input, enabling remote command execution. An attacker can inject ...

Fujitsu ServerView DBASCIIAccess脚本远程代码执行漏洞

BUGTRAQ ID: 24762 CVECAN ID: CVE-2007-3011 ServerView是用于进行自动分析和版本维护的资产管理工具。 ServerView的Web接口处理用户数据时存在输入验证漏洞，远程攻击者可能利用此漏洞在服务器上以Web进程的权限执行任意命令。 DBAsciiAccess CGI脚本提供了ping功能，该脚本Parameterlist参数的Servername子参数给出了所要ping的IP地址，但没有对这个IP地址执行任何检查。如果在IP后添加了拖尾分号，攻击者就可以注入任意shell命令并以Web服务器进程的权限执行。 Fujitsu...

[Full-disclosure] Fujitsu-Siemens ServerView Remote Command Execution

Advisory: Fujitsu-Siemens ServerView Remote Command Execution RedTeam Pentesting discovered a remote command execution in the Fujitsu- Siemens ServerView during a penetration test. The DBAsciiAccess CGI script is vulnerable to a remote command execution because of a parameter which is not properl...

Fujitsu-Siemens ServerView code execution

Shell characters filtering problem in Web interface "ping" CGI script...

[SECURITY] Fedora Core 6 Update: mod_perl-2.0.2-6.2.fc6

Modperl incorporates a Perl interpreter into the Apache web server, so that the Apache web server can directly execute Perl code. Modperl links the Perl runtime library into the Apache web server and provides an object-oriented Perl interface for Apache's C language API. The end result is a quick...

[SECURITY] Fedora 7 Update: mod_perl-2.0.3-9.1.fc7

Modperl incorporates a Perl interpreter into the Apache web server, so that the Apache web server can directly execute Perl code. Modperl links the Perl runtime library into the Apache web server and provides an object-oriented Perl interface for Apache's C language API. The end result is a quick...

CVE-2007-2649

Deutsche Telekom T-com Speedport W 700v uses JavaScript delays for invalid authentication attempts to the CGI script, which allows remote attackers to bypass the delays and conduct brute-force attacks via direct calls to the authentication CGI script...

Authentication flaw

Deutsche Telekom T-com Speedport W 700v uses JavaScript delays for invalid authentication attempts to the CGI script, which allows remote attackers to bypass the delays and conduct brute-force attacks via direct calls to the authentication CGI script...

CVE-2007-2649

Deutsche Telekom T-com Speedport W 700v uses JavaScript delays for invalid authentication attempts to the CGI script, which allows remote attackers to bypass the delays and conduct brute-force attacks via direct calls to the authentication CGI script...

CVE-2007-2649

The CVE-2007-2649 entry concerns Deutsche Telekom Speedport W 700v. The device uses JavaScript delays to throttle invalid authentication attempts against a CGI script, but remote attackers can bypass these delays by issuing direct calls to the authentication CGI script, enabling brute-force attem...

OPeNDAP code execution vulnerability

Overview OPeNDAP server version 3 contains a vulnerability that allows an attacker to execute comands on the server. Description From the OPenNDAP website:OPeNDAP provides software which makes local data accessible to remote locations regardless of local storage format. OPeNDAP also provides tool...

Debian Linux apache privilege escalation

User can inject shell command into shell from where apache was started by using TIOCSTI ioctl on the ctty socket in CGI script...