CGI bugs

No description provided...

CGI bugs

No description provided...

Apache descriptor leakage

Few descriptors, including descriptor to log file are leaked on CGI application execution...

Apache 2.x leaked descriptors

Hello, I noticed a problem with apache 2.x back in October and contacted the apache security team with the problem. They've had about 4 months to do something with the problem but haven't seen fit to fix it yet. The last time I tried to status their progress no one replied to my query. I was...

cPanel 5.0 - Guestbook.cgi Remote Command Execution (3)

cPanel 5.0 - Guestbook.cgi Remote Command Execution 3 source: https://www.securityfocus.com/bid/6882/info A remote command execution vulnerability has been discovered in the cPanel CGI Application. This issue occurs due to insufficient sanitization of externally supplied data to the 'guestbook.cg...

cPanel 5.0 - 'Guestbook.cgi' Remote Command Execution (3)

source: https://www.securityfocus.com/bid/6882/info A remote command execution vulnerability has been discovered in the cPanel CGI Application. This issue occurs due to insufficient sanitization of externally supplied data to the 'guestbook.cgi' script. An attacker may exploit this vulnerability ...

cPanel 5.0 - 'Guestbook.cgi' Remote Command Execution (2)

source: https://www.securityfocus.com/bid/6882/info A remote command execution vulnerability has been discovered in the cPanel CGI Application. This issue occurs due to insufficient sanitization of externally supplied data to the 'guestbook.cgi' script. An attacker may exploit this vulnerability ...

PHP < 4.3.1 CGI Module Force Redirect Settings Bypass Arbitrary File Access

The remote host is running PHP 4.3.0. There is a flaw in this version that could allow an attacker to execute arbitrary PHP code on this host. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid11237;...

PHP CGI unauthorized access

--enable-force-cgi-redirect option doesn't work. It allows remote file access and custom PHP code execution...

PHP Security Advisory: CGI vulnerability in PHP version 4.3.0

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 PHP Security Advisory: CGI vulnerability in PHP version 4.3.0 Issued on: February 17, 2003 Software: PHP/CGI version 4.3.0 Platforms: All The PHP Group has learned of a serious security vulnerability in the CGI SAPI of PHP version 4.3.0. Description P...

CGI bugs

No description provided...

CGI::Lite protection bypass

Not all dangerous shell characters are filtered by CGI::Lite::escapedangerouschars...

Security bug in CGI::Lite::escape_dangerous_chars&#40;&#41; function

SUBJECT Security bug in CGI::Lite::escapedangerouschars function, part of the CGI::Lite 2.0 package, and earlier revisions thereof. SUMMARY The CGI::Lite::escapedangerouschars function fails to escape the entire set of special characters that may have significance to the underlying shell command...

CGI bugs

No description provided...

CVE-2003-0057

Multiple buffer overflows in Hypermail 2 before 2.1.6 allows remote attackers to cause a denial of service and possibly execute arbitrary code 1 via a long attachment filename that is not properly handled by the hypermail executable, or 2 by connecting to the mail CGI program from an IP address...

CGI bugs

No description provided...

Hypermail buffer overflows

Hypermail buffer overflows PROGRAM: Hypermail HOMEPAGE: http://www.hypermail.org/ SOURCEFORGE PAGE: http://sourceforge.net/projects/hypermail/ VULNERABLE VERSIONS: 2.1.3, 2.1.4, 2.1.5, possibly others IMMUNE VERSIONS: 2.1.6 DESCRIPTION: "Hypermail 2 is a much enhanced version of the popular tool...

CGI bugs

No description provided...

Trend Micro OfficeScan 3.x - CGI Directory Insufficient Permissions

Trend Micro OfficeScan 3.x - CGI Directory Insufficient Permissions source: https://www.securityfocus.com/bid/6616/info A vulnerability has been reported for Trend Micro OfficeScan that may allow attackers to access programs residing in the cgi directory of the OfficeScan installation...

Trend Micro OfficeScan 3.x - CGI Directory Insufficient Permissions

source: https://www.securityfocus.com/bid/6616/info A vulnerability has been reported for Trend Micro OfficeScan that may allow attackers to access programs residing in the cgi directory of the OfficeScan installation. http://x.x.x.x/officescan/cgi/cgiMasterPwd.exe...