43 matches found
EUVD-2005-3253
Malware in sbrugna...
EUVD-2001-0969
Malware in sbrugna...
EUVD-2006-0773
Malware in sbrugna...
EUVD-2008-2845
Malware in sbrugna...
EUVD-1999-1511
Malware in sbrugna...
CVE-2005-3254
The CGIwrap program before 3.9 on Debian GNU/Linux uses an incorrect minimum value of 100 for a UID to determine whether it can perform a seteuid operation, which could allow attackers to execute code as other system UIDs that are greater than the minimum value, which should be 1000 on Debian...
CGIWrap 2.x/3.x Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/3081/info CGIWrap is a free, open-source program for running CGI securely. CGIWrap does not filter embedded scripting commands from user-supplied input. A web user may submit a malicious link into any form which displays...
FreeBSD Ports: cgiwrap
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
FreeBSD Ports: cgiwrap
The remote host is missing an update to the system as announced in the referenced advisory. VID bc6a7e79-e111-11dd-afcd-00e0815b8da8 OpenVAS Vulnerability Test $ Description: Auto generated from VID bc6a7e79-e111-11dd-afcd-00e0815b8da8 Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...
FreeBSD : cgiwrap -- XSS Vulnerability (bc6a7e79-e111-11dd-afcd-00e0815b8da8)
Secunia reports : A vulnerability has been reported in CGIWrap, which can be exploited by malicious people to conduct cross-site scripting attacks. The vulnerability is caused due to the application generating error messages without specifying a charset. This can be exploited to execute arbitrary...
CGIWrap Charset Specification Weakness Error Message XSS
The remote host is running CGIWrap, a wrapper for CGI scripts to provide enhanced security. The version of CGIWrap installed on the remote host does not specify a charset when responses are for error pages. An attacker may be able to leverage this issue to inject arbitrary HTML and script code in...
CVE-2008-2852
Cross-site scripting XSS vulnerability in CGIWrap before 4.1, when an Internet Explorer based browser is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to failure to set the charset in error messages...
Cross site scripting
Cross-site scripting XSS vulnerability in CGIWrap before 4.1, when an Internet Explorer based browser is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to failure to set the charset in error messages...
CVE-2008-2852
CGIWrap before 4.1 is affected by CVE-2008-2852, an XSS due to error messages not specifying a charset. When using Internet Explorer-based browsers, attackers could inject arbitrary HTML/JS via error responses. The OpenVAS/Nessus/VM sources confirm the IE-specific vector and the CGIWrap XSS descr...
CVE-2008-2852
Cross-site scripting XSS vulnerability in CGIWrap before 4.1, when an Internet Explorer based browser is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to failure to set the charset in error messages...
CGIWrap error page cross-site scripting vulnerability
Overview CGIWrap error page is vulnerable to a cross-site scripting. CGIWrap is a gateway program that allows general users to use CGI scripts and HTML forms on the web server. CGIWrap contains a cross-site scripting vulnerability as it does not specify charset in the error page. Hirohisa Yamaguc...
JVN#45389864 CGIWrap error page cross-site scripting vulnerability
CGIWrap is a gateway program that allows general users to use CGI scripts and HTML forms on the web server. CGIWrap contains a cross-site scripting vulnerability as it does not specify charset in the error page. Impact An arbitrary script may be executed on the user's web browser. Solution Update...
cgiwrap -- XSS Vulnerability
Secunia reports: A vulnerability has been reported in CGIWrap, which can be exploited by malicious people to conduct cross-site scripting attacks. The vulnerability is caused due to the application generating error messages without specifying a charset. This can be exploited to execute arbitrary...
Information disclosure
CGIWrap before 3.10 allows remote attackers to obtain sensitive information via unknown attack vectors that cause errors in scripts that reveal system information...
CVE-2006-0767
CGIWrap before 3.10 allows remote attackers to obtain sensitive information via unknown attack vectors that cause errors in scripts that reveal system information...