Lucene search
K

77 matches found

Cvelist
Cvelist
added 2015/02/03 4:0 p.m.22 views

CVE-2015-1457

Fortinet FortiAuthenticator 3.0.0 allows local users to read arbitrary files via the -f flag to the dig command...

6.2AI score0.00489EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2014/12/26 12:0 a.m.45 views

OracleVM 3.3 : bind (OVMSA-2014-0084)

The remote OracleVM system is missing necessary patches to address critical security updates : - Fix CVE-2014-8500 1171973 - Use /dev/urandom when generating rndc.key file 951255 - Remove bogus file from /usr/share/doc, introduced by fix for bug 1092035 - Add support for TLSA resource records...

7.8CVSS6.9AI score0.65683EPSS
Exploits4References6
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.30 views

ht://Dig 3.2 Htsearch Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/26610/info ht://Dig is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue allows an attacker to execute arbitrary HTML or script code in a...

7.1AI score
Exploits0
UbuntuCve
UbuntuCve
added 2014/06/13 11:19 a.m.32 views

CVE-2014-3859

libdns in ISC BIND 9.10.0 before P2 does not properly handle EDNS options, which allows remote attackers to cause a denial of service REQUIRE assertion failure and daemon exit via a crafted packet, as demonstrated by an attack against named, dig, or delv...

5CVSS7.1AI score0.06978EPSS
Exploits0References2
NVD
NVD
added 2009/03/30 8:30 p.m.19 views

CVE-2008-6555

cgi-bin/webutil.pl in The Puppet Master WebUtil allows remote attackers to execute arbitrary commands via shell metacharacters in the dig command...

10CVSS7.6AI score0.04457EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2009/02/27 12:0 a.m.18 views

Fedora Update for htdig FEDORA-2007-3907

Check for the Version of htdig OpenVAS Vulnerability Test Fedora Update for htdig FEDORA-2007-3907 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms ...

4.3CVSS6.4AI score0.04386EPSS
Exploits0References2
seebug.org
seebug.org
added 2007/12/04 12:0 a.m.41 views

ht://Dig Htsearch跨站脚本漏洞

ht://Dig是一款用来webserver的索引和搜索文件的应用程序。 ht://Dig不正确过滤用户提交的URI数据,远程攻击者可以利用漏洞进行跨站脚本攻击,获得敏感信息。 问题是由于'sytnax.html'脚本对用户提交的WEB参数缺少过滤,提交恶意脚本代码作为参数数据,可导致获得目标用户敏感信息。 测试方法 http://foo.bar/cgi-bin/htsearch?config=&restrict=&exclude=&method=and&format=builtin-long&sort=scriptalert"foo"/script&words=foo ht://Dig...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2007/11/27 12:0 a.m.37 views

ht:Dig 3.2 - Htsearch Cross-Site Scripting

ht:Dig 3.2 - Htsearch Cross-Site Scripting source: https://www.securityfocus.com/bid/26610/info ht://Dig is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue allows an attacker to execute arbitrary HTML or script code...

6.8AI score
Exploits0
Exploit DB
Exploit DB
added 2007/11/27 12:0 a.m.66 views

ht://Dig 3.2 - Htsearch Cross-Site Scripting

source: https://www.securityfocus.com/bid/26610/info ht://Dig is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue allows an attacker to execute arbitrary HTML or script code in a user's browser session in the context...

7.4AI score
Exploits0
Prion
Prion
added 2007/11/05 4:46 p.m.23 views

Integer overflow

Integer underflow in the dnsnamefromtext function in 1 libdnsnonsecure.a and 2 libdnssecure.a in IBM AIX 5.2 allows local users to gain privileges via a crafted "-y" TSIG key command line argument to dig...

7.2CVSS6.9AI score0.00333EPSS
Exploits0References8Affected Software1
Cvelist
Cvelist
added 2007/11/05 4:0 p.m.21 views

CVE-2007-4622

Integer underflow in the dnsnamefromtext function in 1 libdnsnonsecure.a and 2 libdnssecure.a in IBM AIX 5.2 allows local users to gain privileges via a crafted "-y" TSIG key command line argument to dig...

6.4AI score0.00333EPSS
Exploits0References8
CVE
CVE
added 2007/11/05 4:0 p.m.49 views

CVE-2007-4622

CVE-2007-4622 describes an integer underflow in the dns_name_fromtext function within IBM AIX 5.2’s dig program (libdns_nonsecure.a and libdns_secure.a). The vulnerability enables local users to gain root privileges by supplying a crafted -y TSIG key argument to dig, due to an underflow in dns_na...

7.2CVSS6.4AI score0.00333EPSS
Exploits0References8Affected Software1
securityvulns
securityvulns
added 2007/10/30 12:0 a.m.50 views

iDefense Security Advisory 10.30.07: IBM AIX dig dns_name_fromtext Integer Underflow Vulnerability

IBM AIX dig dnsnamefromtext Integer Underflow Vulnerability iDefense Security Advisory 10.30.07 http://labs.idefense.com/intelligence/vulnerabilities/ Oct 30, 2007 I. BACKGROUND dig is a utility that is commonly used for DNS diagnostics. Under AIX 5.2, the dig program is installed by default and ...

7.2CVSS0.8AI score0.00333EPSS
Exploits0
NVD
NVD
added 2005/09/08 10:3 a.m.19 views

CVE-2005-2849

Argument injection vulnerability in Barracuda Spam Firewall running firmware 3.1.16 and 3.1.17 allows remote attackers to 1 read portions of source code via the -f option to Dig digdevice.cgi, 2 determine file existence via the -r argument to Tcpdump tcpdumpdevice.cgi or 3 modify files in the...

6.4CVSS7.2AI score0.01387EPSS
Exploits0References4
Cvelist
Cvelist
added 2005/09/08 4:0 a.m.24 views

CVE-2005-2849

Argument injection vulnerability in Barracuda Spam Firewall running firmware 3.1.16 and 3.1.17 allows remote attackers to 1 read portions of source code via the -f option to Dig digdevice.cgi, 2 determine file existence via the -r argument to Tcpdump tcpdumpdevice.cgi or 3 modify files in the...

7.2AI score0.01387EPSS
Exploits0References4
CVE
CVE
added 2005/09/08 4:0 a.m.48 views

CVE-2005-2849

CVE-2005-2849 affects Barracuda Spam Firewall firmware 3.1.16 and 3.1.17. The vulnerability is an argument injection in CGI scripts that grant attackers the following capabilities: read portions of source code via the -f option to Dig (dig_device.cgi); determine file existence via the -r option t...

6.4CVSS7.6AI score0.01387EPSS
Exploits0References4Affected Software1
Packet Storm
Packet Storm
added 2005/09/05 12:0 a.m.36 views

2005.1.txt

ID : 2005.1 Product : Barracuda Spam Firewall Appliance Vendor : Barracuda networks Affected product : firmware Published date : 01/09/2005 Initial Vendor contact 2005-06-14 CVE : CVE-MAP-NOMATCH Solution : Install Firmware 3.1.18 Reference URL :...

7.4AI score
Exploits0
Cvelist
Cvelist
added 2005/08/23 4:0 a.m.16 views

CVE-2005-2684

nquser.php in Virtual Edge Netquery 3.11 allows remote attackers to execute arbitrary commands via shell metacharacters in the host parameter to a dig query...

7.6AI score0.01938EPSS
Exploits1References1
NVD
NVD
added 2005/08/23 4:0 a.m.9 views

CVE-2005-2684

nquser.php in Virtual Edge Netquery 3.11 allows remote attackers to execute arbitrary commands via shell metacharacters in the host parameter to a dig query...

7.5CVSS7.6AI score0.01938EPSS
Exploits1References1
NVD
NVD
added 2005/04/27 4:0 a.m.19 views

CVE-2005-0085

Cross-site scripting XSS vulnerability in ht://dig htdig before 3.1.6-r7 allows remote attackers to execute arbitrary web script or HTML via the config parameter, which is not properly sanitized before it is displayed in an error message...

6.8CVSS5.8AI score0.02273EPSS
Exploits0References18
Rows per page
Query Builder