[SECURITY] [DSA 3854-1] bind9 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3854-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso May 14, 2017 https://www.debian.org/security/faq -...

ISC BIND 9 < 9.9.9-P8 / 9.9.9-S10 / 9.9.10rc3 / 9.10.4-P8 / 9.10.5rc3 / 9.11.0-P5 / 9.11.1r3 Multiple Vunlerabilities

According to its self-reported version, the instance of ISC BIND 9 running on the remote name server is 9.9.x prior to 9.9.9-P8 or 9.9.9-S10, 9.10.x prior to 9.10.4-P8, or 9.11.x prior to 9.11.0-P5. It is, therefore, affected by multiple vulnerabilities : - A denial of service vulnerability exist...

CVE-2016-5017

Buffer overflow in the C cli shell in Apache Zookeeper before 3.4.9 and 3.5.x before 3.5.3, when using the "cmd:" batch mode syntax, allows attackers to have unspecified impact via a long command string...

CVE-2016-5017

Buffer overflow in the C cli shell in Apache Zookeeper before 3.4.9 and 3.5.x before 3.5.3, when using the "cmd:" batch mode syntax, allows attackers to have unspecified impact via a long command string...

Buffer overflow

Buffer overflow in the C cli shell in Apache Zookeeper before 3.4.9 and 3.5.x before 3.5.3, when using the "cmd:" batch mode syntax, allows attackers to have unspecified impact via a long command string...

CVE-2016-5017

Buffer overflow in the C cli shell in Apache Zookeeper before 3.4.9 and 3.5.x before 3.5.3, when using the "cmd:" batch mode syntax, allows attackers to have unspecified impact via a long command string...

The vulnerability of the PHP interpreter allows attackers to execute arbitrary operating system commands.

The vulnerability of the escapeshellarg function ext/standard/exec.c in the PHP interpreter exists because measures to neutralize the special elements used in operating system commands are not taken. Exploiting this vulnerability allows a malicious actor to execute arbitrary operating system...

CVE-2015-0717

Cisco Unified Communications Manager 10.01.10000.12 allows local users to gain privileges via a command string in an unspecified parameter, aka Bug ID CSCut19546...

CVE-2013-0715

The WebCLI component in Wind River VxWorks 5.5 through 6.9 allows remote authenticated users to cause a denial of service CLI session crash via a crafted command string...

Command injection

The WebCLI component in Wind River VxWorks 5.5 through 6.9 allows remote authenticated users to cause a denial of service CLI session crash via a crafted command string...

MOAB-01-01-2007.rb.txt

!/usr/bin/ruby Copyright c LMH Kevin Finisterre Notes: Our command string is loaded on memory at a static address normally, but this depends on execution method and the string length. The address set in this exploit will be likely successful if we open the resulting QTL file directly, without...

Apple Quicktime (rtsp URL Handler) Stack Buffer Overflow Exploit

Exploit for multiple platform in category remote exploits ================================================================ Apple Quicktime rtsp URL Handler Stack Buffer Overflow Exploit ================================================================ !/usr/bin/ruby Copyright c LMH Kevin Finisterr...

Platinum FTP Server

Platinum FTP server for Win32 has several vulnerabilities in the way it checks the format of command strings passed to it. This leads to the following vulnerabilities in the server: The 'dir' command can be used to examine the filesystem of the machine and gather further information about the hos...

Citadel/UX - Remote Buffer Overflow

/ Citadel/UX remote exploit By nebunu: pppppppal at yahoo dot com home.ro lamerz erased my [email protected] address for hosting exploits there.. Citadel/UX is a very well known client/server messaging for BBS which runs on port 504 by default. It has been discovered that is suffers for a buffer...

Buffer overflow in libX11 for OpenUnix

Buffer overflow during -xrm command string argument parsing...