4 matches found
CVE-2015-0859
The Debian build procedure for the smokeping package in wheezy before 2.6.8-2+deb7u1 and jessie before 2.6.9-1+deb8u1 does not properly configure the way Apache httpd passes arguments to smokepingcgi, which allows remote attackers to execute arbitrary code via crafted CGI arguments...
CVE-2015-0859
The Debian build procedure for the smokeping package in wheezy before 2.6.8-2+deb7u1 and jessie before 2.6.9-1+deb8u1 does not properly configure the way Apache httpd passes arguments to smokepingcgi, which allows remote attackers to execute arbitrary code via crafted CGI arguments...
CVE-2015-0859
The CVE-2015-0859 entry affects the smokeping package (smokeping_cgi) used with Apache httpd, where the CGI argument handling by mod_cgi allows remote code execution. The Debian advisory notes the issue arises from the build/packaging where Apache httpd passes extra arguments to smokeping_cgi, en...
[SECURITY] [DSA 3405-1] smokeping security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3405-1 [email protected] https://www.debian.org/security/ Florian Weimer November 25, 2015 https://www.debian.org/security/faq -...