15 matches found
EUVD-2002-0608
Malware in sbrugna...
DNSTools Software DNSTools 1.0.8/1.10 Input Validation Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/1028/info A vulnerability exists in the 1.0.8 release of DNSTools labeled on some areas of their site as 1.08, from DNSTools Software. By manipulating the contents of certain post variables, arbitrary code may be executed...
DNSTools 2.0 Authentication Bypass Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/4617/info DNSTools is a web based managment tool for DNS information. It is implemented in PHP, and available for Linux and Solaris. A vulnerability has been reported in some versions of DNSTools which allows any remote...
Unfixed XSS vulnerability at www.dnstools.com
Security researcher Renoized, has submitted on 01/10/2007 a cross-site-scripting XSS vulnerability affecting www.dnstools.com, which at the time of submission ranked 89771 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 03/10/2007. It is...
CVE-2002-0613
dnstools.php for DNSTools 2.0 beta 4 and earlier allows remote attackers to bypass authentication and gain privileges by setting the userloggedin or userdnstoolsadministrator parameters...
CVE-2002-0613
CVE-2002-0613 affects DNSTools 2.0 beta 4 and earlier. The vulnerability allows remote attackers to bypass authentication and gain privileges by manipulating the user_logged_in or user_dnstools_administrator parameters. The description and linked records consistently indicate authentication bypas...
CVE-2002-0613
dnstools.php for DNSTools 2.0 beta 4 and earlier allows remote attackers to bypass authentication and gain privileges by setting the userloggedin or userdnstoolsadministrator parameters...
dnstools: authentication bypass vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ppp-design found the following authentication bypass vulnerability in dnstools: Details - ------- Product: dnstools Affected Version: 2.0 beta 4 and maybe all versions before Immune Version: 2.0 beta 5 OS affected: Linux only Vendor-URL:...
DNSTools 2.0 - Authentication Bypass
source: https://www.securityfocus.com/bid/4617/info DNSTools is a web based managment tool for DNS information. It is implemented in PHP, and available for Linux and Solaris. A vulnerability has been reported in some versions of DNSTools which allows any remote attacker to gain administrative...
Still a cgi-security hole in DNSTools (1.10)
Hi, following the notice about Version 1.08 of Dnstools I looked into the new version 1.10 that is currently downloadable on dnstools.com. It still contains a sedurity bug by not parsing input-values. Details: I saw the author improved the script by entering the subroutine ParseForSecurity. There...
CVE-2000-0177
DNSTools CGI applications allow remote attackers to execute arbitrary commands via shell metacharacters...
CVE-2000-0177
CVE-2000-0177 concerns DNSTools CGI applications where remote attackers can execute arbitrary commands due to shell metacharacters. The issue is described across NVD and CVE records as enabling complete compromise (C, I, A) with network access and no authentication, yielding a very high risk (CVS...
CVE-2000-0177
DNSTools CGI applications allow remote attackers to execute arbitrary commands via shell metacharacters...
DNSTools Software DNSTools 1.0.81.10 - Input Validation
DNSTools Software DNSTools 1.0.81.10 - Input Validation source: https://www.securityfocus.com/bid/1028/info A vulnerability exists in the 1.0.8 release of DNSTools labeled on some areas of their site as 1.08, from DNSTools Software. By manipulating the contents of certain post variables, arbitrar...
DNSTools Software DNSTools 1.0.8/1.10 - Input Validation
source: https://www.securityfocus.com/bid/1028/info A vulnerability exists in the 1.0.8 release of DNSTools labeled on some areas of their site as 1.08, from DNSTools Software. By manipulating the contents of certain post variables, arbitrary code may be executed. Note that version 1.10 is...