75 matches found
CLSA-2022-1655901847 Fix CVE(s): CVE-2022-2042
SECURITY UPDATE: Using uninitialized value and freed memory in spell command - debian/patches/CVE-2022-2042.patch: Initialize "attr" and check for empty line early - CVE-2022-2042...
CVE-2021-21503
PowerScale OneFS 8.1.2, 8.2.2 and 9.1.0 contain an improper input sanitization issue in a command. The Compadmin user could potentially exploit this vulnerability, leading to potential privilege escalation...
CVE-2020-4493
IBM Maximo Asset Management 7.6.0 and 7.6.1 are affected by CVE-2020-4493, which enables an attacker to bypass authentication and issue commands via a specially crafted HTTP command. The vulnerability affects the core Maximo Asset Management product (versions 7.6.0 and 7.6.1); IBM’s bulletin deta...
CVE-2017-3138
named contains a feature which allows operators to issue commands to a running server by communicating with the server process over a control channel, using a utility program such as rndc. A regression introduced in a recent feature change has created a situation under which some versions of name...
Cannot create Store service : An error occurred running the command: 'Install-DSStoreService2'
You might receive an error: "An error occurred running the command: 'Install-DSStoreService2'" when creating a new Store. Citrix Subscription store service fails to start intermittently...
Command injection
An Improper Neutralization of Special Elements in an OS command issue was discovered in Geutebruck IP Camera G-Cam/EFD-2250 Version 1.11.0.12. An improper neutralization of special elements vulnerability has been identified. If special elements are not properly neutralized, an attacker can call...
CVE-2017-5173
An Improper Neutralization of Special Elements in an OS command issue was discovered in Geutebruck IP Camera G-Cam/EFD-2250 Version 1.11.0.12. An improper neutralization of special elements vulnerability has been identified. If special elements are not properly neutralized, an attacker can call...
DEBIAN-CVE-2013-6381
Buffer overflow in the qeth_snmp_command function in drivers/s390/net/qeth_core_main.c in the Linux kernel through 3.12.1 allows local users to cause a denial of service or possibly have unspecified other impact via an SNMP ioctl call with a length value that is incompatible with the command-buffer...
Mandriva Update for kdebase MDVA-2008:172 (kdebase)
Check for the Version of kdebase. OpenVAS Vulnerability Test: Mandriva Update for kdebase MDVA-2008:172 (kdebase). Authors: System Generated Check. Copyright: Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...
CVE-2002-2245
NetBSD ftpd is affected on versions 1.5 through 1.5.3 and 1.6. The issue arises because the FTP server does not properly quote a digit in the response to a STAT command for a filename containing a carriage return followed by a digit, which can cause firewalls and other intermediary devices to los...
HP-UX PHCO_23083 : HP-UX newgrp(1), Local Increased Privilege (HPSBUX00147 SSRT071380 rev.2)
s700_800 11.11 newgrp(1) patch : the newgrp(1) command doesn't function properly. (C) Tenable Network Security, Inc. The descriptive text and patch checks in this plugin were extracted from HP patch PHCO_23083. The text itself is copyright (C) Hewlett-Packard Development Company, L.P...
Cyrus IMAPd -- APPEND command uses undefined programming construct
To support MULTIAPPENDS the cmd_append handler uses the global stage array. This array is one of the things that gets destructed when the fatal() function is triggered. When the Cyrus IMAP code adds new entries to this array this is done with the help of the postfix increment operator in combination...
Ipswitch WS_FTP Server 5.0.x - CD Command Malformed File Path Remote Denial of Service
source: https://www.securityfocus.com/bid/11065/info WS_FTP Server is reported prone to a remote denial of service vulnerability. This issue presents itself when the application processes a malformed file path through the 'cd' command. WS_FTP Server version 5.0.2 is reported prone to this issue,...
PHP-Nuke 6.x/7.0/7.1 - Image Tag Admin Command Execution
source: https://www.securityfocus.com/bid/9895/info It has been reported that PHP-Nuke is prone to a remote admin command execution vulnerability. This issue is due to a design error that allows an attacker to specify arbitrary URI values in...
[Full-Disclosure] Vulnerability in Terminal.app
There is a vulnerability in Apple's Terminal.app for OS X which affects Apple laptops. When running from the Terminal within the Unix shell, the command sudo normally will not prompt for a password for five minutes after the password was last given. The vulnerability occurs when putting an Apple...
iDEFENSE Security Advisory 03.04.03: Locally Exploitable Buffer Overflow in file(1)
iDEFENSE Security Advisory 03.04.03: http://www.idefense.com/advisory/03.04.03.txt Locally Exploitable Buffer Overflow in file(1), March 4, 2003. I. BACKGROUND: file(1) is an application that utilizes a magic file typically located in /usr/share/magic to...
Moderate: Red Hat Security Advisory: wget security update
The wget packages shipped with Red Hat Linux Advanced Server 2.1 contain a security bug which, under certain circumstances, can cause local files to be written outside the download directory. Updated 09 Jan 2003 Added fixed packages for the Itanium IA64 architecture. Updated 06 Feb 2003 Added fix...
rpcbind/fsr_efs/mv/errhook/uux vulnerabilities
SGI Security Advisory. Title: rpcbind/fsr_efs/mv/errhook/uux vulnerabilities. Number: 20020903-01-P. Date: October 3, 2002. Issue Specifics: It's been reported that there are several vulnerabilities in...
Shambala FTP Server does not adequately validate user input thereby allowing directory traversal
Overview: Shambala FTP server has a directory traversal vulnerability in its handling of the CWD command. Description: Shambala FTP server contains a directory traversal vulnerability in its handling of the CWD command. Attackers may exploit this vulnerability to read directories and files outside ...
Buffer overflow in YoungZSoft CMailServer
Buffer overflow on long USER command...