EUVD-2007-0349

Malware in sbrugna...

EUVD-2004-1144

Malware in sbrugna...

CVSTrac FileDiff v2 Parameter Command Execution - Ver2 (CVE-2004-1456)

A command execution vulnerability has been reported in CVSTrac. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

CVSTrac Detection

This host is running CVSTrac, a Web-Based Bug And Patch-Set Tracking System For CVS, Subversion and GIT. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

CVSTrac Detection

This host is running CVSTrac, a Web-Based Bug And Patch-Set Tracking System For CVS, Subversion and GIT. OpenVAS Vulnerability Test $Id: cvstracdetect.nasl 5721 2017-03-24 14:42:01Z cfi $ cvstrac Detection Authors: Michael Meyer Copyright: Copyright c 2009 Greenbone Networks GmbH This program is...

CVSTrac text output formatter DoS

The remote web server contains a CGI script or is itself subject to a denial of service attack. Description : According to its version number, the version of CVSTrac installed on the remote host contains a flaw related to its Wiki-style text output formatter that may allow an attacker to cause a...

CVSTrac < 2.0.1 DoS Vulnerability

CVSTrac is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2008 David Maciejak Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:cvstrac:cvstrac";...

[Full-disclosure] CVSTrac 2.0.0 Denial of Service &#40;DoS&#41; vulnerability

SECURITY ADVISORY ================= Application: CVSTrac Version: 2.0.0 Vulnerability: Denial of Service DoS Identification: CVE-2007-0347 Date: 2007-01-29 12:00 UTC DESCRIPTION ----------- A Denial of Service DoS vulnerability exists in CVSTrac http://www.cvstrac.org/ version 2.0.0, a web-based...

CVSTrac Text Output Formatter SQL Injection DoS

According to its version number, the version of CVSTrac installed on the remote host contains a flaw related to its Wiki-style text output formatter that may allow an attacker to cause a partial denial of service, depending on the pages requested, via limited SQL injection. %NASLMINLEVEL 70300 C...

CVSTrac远程拒绝服务漏洞

CVSTrac是一个为CVS设计的补丁和错误跟踪系统。 CVSTrac在处理用户请求时存在输入验证漏洞，远程攻击者可能利用此漏洞执行拒绝服务攻击。 CVSTrac的format.c文件中iseow函数没有检查用户提供字符串的first!字符中的End-Of-Word终止字符，而是迭代字符串，这可能允许跳过单个嵌入的问号。然后isrepositoryfile函数假设文件名字符串中不会包含单个问号，因此可能出现SQL转义问题。...

CVSTrac 2.0.0 Post-Attack Database Resurrection DoS Exploit

No description provided by source. cvstrack-resurrect.pl -- CVSTrac Post-Attack Database Resurrection Copyright c 2007 Ralf S. Engelschall [email protected] use DBI; requires OpenPKG perl-dbi use DBD::SQLite; requires OpenPKG perl-dbi, perl-dbi::withdbdsqlite=yes use DBIx::Simple; requires...

Sql injection

The iseow function in format.c in CVSTrac before 2.0.1 does not properly check for the "'" quote character, which allows remote authenticated users to execute limited SQL injection attacks and cause a denial of service database error via a ' character in certain messages, tickets, or Wiki entries...

CVE-2007-0347

The iseow function in format.c in CVSTrac before 2.0.1 does not properly check for the "'" quote character, which allows remote authenticated users to execute limited SQL injection attacks and cause a denial of service database error via a ' character in certain messages, tickets, or Wiki entries...

CVE-2007-0347

The iseow function in format.c in CVSTrac before 2.0.1 does not properly check for the "'" quote character, which allows remote authenticated users to execute limited SQL injection attacks and cause a denial of service database error via a ' character in certain messages, tickets, or Wiki entries...

CVE-2007-0347

The iseow function in format.c in CVSTrac before 2.0.1 does not properly check for the "'" quote character, which allows remote authenticated users to execute limited SQL injection attacks and cause a denial of service database error via a ' character in certain messages, tickets, or Wiki entries...

CVE-2007-0347

CVSTrac

CVSTrac < 2.0.1 Text Output Formatter DoS

Binary data 3896.prm...

CVSTrac 2.0.0 - Defacement Denial of Service

cvstrack-resurrect.pl -- CVSTrac Post-Attack Database Resurrection Copyright c 2007 Ralf S. Engelschall use DBI; requires OpenPKG perl-dbi use DBD::SQLite; requires OpenPKG perl-dbi, perl-dbi::withdbdsqlite=yes use DBIx::Simple; requires OpenPKG perl-dbix use Date::Format; requires OpenPKG...

CVSTrac 2.0.0 Post-Attack Database Resurrection DoS Exploit

Exploit for cgi platform in category web applications =========================================================== CVSTrac 2.0.0 Post-Attack Database Resurrection DoS Exploit =========================================================== cvstrack-resurrect.pl -- CVSTrac Post-Attack Database...

CVSTrac 2.0.0 - Defacement Denial of Service

CVSTrac 2.0.0 - Defacement Denial of Service cvstrack-resurrect.pl -- CVSTrac Post-Attack Database Resurrection Copyright c 2007 Ralf S. Engelschall use DBI; requires OpenPKG perl-dbi use DBD::SQLite; requires OpenPKG perl-dbi, perl-dbi::withdbdsqlite=yes use DBIx::Simple; requires OpenPKG...