1775 matches found
CVE-2009-2936
The Command Line Interface (aka Server CLI or administration interface) in the master process in the reverse proxy server in Varnish before 2.1.0 does not require authentication for commands received through a TCP port, which allows remote attackers to (1) execute arbitrary code via a vcl.inline...
CVE-2009-2936
CVE-2009-2936 affects the Varnish reverse proxy CLI in the master process prior to 2.1.0, where the TCP-based commands do not require authentication. The vulnerability can allow remote attackers to: (1) execute arbitrary code via a vcl.inline directive containing inline C code; (2) change the mas...
Design/Logic Flaw
The command line interface in Overland Storage Snap Server 410 with GuardianOS 5.1.041 runs the "less" utility with a higher-privileged uid than the CLI user and without sufficient restriction on shell escapes, which allows local users to gain privileges using the "!" character within less to...
Design/Logic Flaw
Unspecified vulnerability in Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers before A21.2 and Cisco ACE 4710 Application Control Engine Appliance before A18a allows remote authenticated users to execute arbitrary operating-system commands through a command...
CVE-2008-3947
DCL (aka the CLI) in OpenVMS Alpha 8.3 allows local users to gain privileges via a long command line...
[oCERT-2008-014] WordNet stack and heap overflows
2008/08/25 2008-014 WordNet stack and heap overflows Description: The WordNet 3.0 Unix library and command-line interface suffer from a number of stack overflows due to their handling of command line arguments, environment variables and data read from user supplied dictionaries. The oCERT team wa...
CVE-2008-2158
Multiple stack-based buffer overflows in the Command Line Interface process in the Server Agent in EMC AlphaStor 3.1 SP1 for Windows allow remote attackers to execute arbitrary code via crafted TCP packets to port 41025...
Debian: Security Advisory (DSA-1440-1)
The remote host is missing an update for the Debian...
Command injection
The Command Line Interface (CLI, aka Adonis Administration Console) on the BlueCat Networks Adonis DNS/DHCP appliance 5.0.2.8 allows local admin users to gain root privileges on the underlying operating system via shell metacharacters in a command...
CVE-2007-4390
The CVE-2007-4390 issue affects BlueCat Networks Adonis DNS/DHCP appliance (CLI/Adonis Administration Console) version 5.0.2.8. The vulnerability allows local admin users to gain root privileges on the underlying OS by injecting shell metacharacters in a command. Documents confirm the affected co...
Important: spamassassin security update
3.1.8-2 - Fix sa-learn regression 228968 3.1.8-1 - 3.1.8 CVE-2007-0451 3.1.7-9 - silence sa-update cron script 3.1.7-8 - only restart spamd if necessary after sa-update 227756 3.1.7-7 - requires gnupg 227738 3.1.7-6 - explicit requires on perlHTTP::Date and perlLWP::UserAgent Bug 193100 3.1.7-5 -...
VMware Workstation guest isolation weaknesses (clipboard transfer)
Suggested severity level: Low Type of Risk: isolation failure, information leakage, infection path Affected Software: VMware Workstation, version 5.5.3 build 34685 including installation of "VMware tools" of the same version on the guest OS. Other products by the vendor using the same isolation...
Multiple Cisco Unified CallManager security vulnerabilities
Multiple vulnerabilities with Command Line Interface and SIP protocol processing...
CVE-2006-2043
na-img-4.0.34.bin for the IP3 Networks NetAccess NA75 allows local users to gain Unix shell access via "`" (backtick) characters in the appliance's command line interface (CLI)...
Watchguard firewall appliances security issues
Scope: WatchGuard Firewall Appliances. Vendor: WatchGuard Technologies, Inc http://www.watchguard.com . Affected: Vclass appliances running the current version of Vclass software. Legacy RSSA appliances running Vclass software. Legacy RSSA appliances that have not yet upgraded to Vclass software...