Lucene search
K

4 matches found

Debian
Debian
added 2007/01/21 1:6 p.m.17 views

[SECURITY] [DSA 1251-1] New netrik packages fix arbitary shell command execution

------------------------------------------------------------------------ Debian Security Advisory DSA-1251-1 [email protected] http://www.debian.org/security/ Steve Kemp January 21, 2007 - ------------------------------------------------------------------------ Package : netrik Vulnerability :...

7.5CVSS7AI score0.01771EPSS
Exploits0
securityvulns
securityvulns
added 2007/01/21 12:0 a.m.48 views

[Full-disclosure] [SECURITY] [DSA 1251-1] New netrik packages fix arbitary shell command execution

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-1251-1 [email protected] http://www.debian.org/security/ Steve Kemp January 21, 2007 -...

7.5CVSS2.3AI score0.01771EPSS
Exploits0
OSV
OSV
added 2006/12/21 1:28 a.m.0 views

DEBIAN-CVE-2006-6678

The edittextarea function in form-file.c in Netrik 1.15.4 and earlier does not properly verify temporary filenames when editing textarea fields, which allows attackers to execute arbitrary commands via shell metacharacters in the filename...

7.5CVSS7.7AI score0.01771EPSS
Exploits0References1
CVE
CVE
added 2006/12/21 1:0 a.m.54 views

CVE-2006-6678

Summary: CVE-2006-6678 affects netrik prior to 1.15.5 (noted fixes in 1.15.4-1sarge1 per Debian DSA-1251-1). The edit_textarea function in form-file.c does not properly sanitize temporary filenames when editing textarea fields, enabling an attacker to inject shell metacharacters in the filename t...

7.5CVSS7.2AI score0.01771EPSS
Exploits0References6Affected Software1
Rows per page
Query Builder