CVE-1999-1437

ePerl 2.2.12 allows remote attackers to read arbitrary files and possibly execute certain commands by specifying a full pathname of the target file as an argument to bar.phtml...

ReBB 1.0 - Image Tag Cross-Agent Scripting

source: https://www.securityfocus.com/bid/4220/info ReBB is web forum software which will run on most Unix and Linux variants, as well as Microsoft Windows operating systems. It is written in PHP and may be back-ended by a number of databases. ReBB allows users to include images in forum messages...

CVE-2001-0944

DDE in mIRC allows local users to launch applications under another user's account via a DDE message that executes a command, which may be executed by the other user's process...

DistCC Daemon Command Execution

No description provided by source. $Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require...

13 December 2001 Cumulative Patch for IE

---------------------------------------------------------------------- Title: 13 December 2001 Cumulative Patch for IE Date: 13 December 2001 Software: Internet Explorer Impact: Run Code of an Attacker's Choice Max Risk: Critical Bulletin: MS01-058 Microsoft encourages customers to review the...

CVE-2001-0475

index.php in Jelsoft vBulletin does not properly initialize a PHP variable that is used to store template information, which allows remote attackers to execute arbitrary PHP code via special characters in the templatecache parameter...

CVE-1999-1501

1 ipxchk and 2 ipxlink in SGI OS2 IRIX 6.3 does not properly clear the IFS environmental variable before executing system calls, which allows local users to execute arbitrary commands...

CVE-1999-1179

Vulnerability in man.sh CGI script, included in May 1998 issue of SysAdmin Magazine, allows remote attackers to execute arbitrary commands...

Microsoft IIS 3.04.05.0 - PWS Escaped Characters Decoding Command Execution (6)

Microsoft IIS 3.04.05.0 - PWS Escaped Characters Decoding Command Execution 6 source: https://www.securityfocus.com/bid/2708/info Due to a flaw in the handling of CGI filename program requests, remote users can execute arbitrary commands on an IIS host. When IIS receives a CGI filename request, i...

CVE-2001-0021

MailMan Webmail 3.0.25 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the alternatetemplate parameter...

HIS AUktion auktion.cgi Traversal Arbitrary Command Execution

The 'auktion.cgi' cgi is installed. This CGI has a well known security flaw that lets an attacker execute arbitrary commands with the privileges of the http daemon usually root or nobody. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc';...

CVE-2001-0060

Format string vulnerability in stunnel 3.8 and earlier allows attackers to execute arbitrary commands via a malformed ident username...

Debian 2.2 - splitvt Format String

// source: https://www.securityfocus.com/bid/2210/info splitvt is a VT100 window splitter, designed to allow the user two command line interfaces in one terminal window, originally written by Sam Lantinga. It is freely available, open source, and included with many variants of the Linux Operating...

sonata-teleconf-2.txt

Here you go alan! -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Vulnerability Report 2 For Voyant Technologies Sonata Conferencing product. Larry W. Cashdollar Vapid Labs Date Published: 12/18/2000 Advisory ID: 12182000-02 CVE CAN: None currently assigned. Title: Sonata doroot command...

CVE-2000-0910

Horde library 1.02 allows attackers to execute arbitrary commands via shell metacharacters in the "from" address...

CVE-2000-0769

O'Reilly WebSite Pro 2.3.7 installs the uploader.exe program with execute permissions for all users, which allows remote attackers to create and execute arbitrary files by directly calling uploader.exe...

CVE-2000-0592

Buffer overflows in POP3 service in WinProxy 2.0 and 2.0.1 allow remote attackers to execute arbitrary commands via long USER, PASS, LIST, RETR, or DELE commands...

CVSweb 1.80 cvsweb.cgi Arbitrary Command Execution

The version of CVSweb on the remote host is = 1.85. This version allows a remote attacker to execute arbitrary commands in the context of the web server. This version of CVSweb is no longer maintained. Please consider switching to the latest version of FreeBSD CVSweb. %NASLMINLEVEL 70300 C Tenabl...

CVE-2000-0527

userreg.cgi CGI program in MailStudio 2000 2.0 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters...

3R Soft MailStudio 2000 2.0 - Arbitrary File Access

3R Soft MailStudio 2000 2.0 - Arbitrary File Access source: https://www.securityfocus.com/bid/1335/info MailStudio 2000 is vulnerable to multiple attacks. It is possible for a remote user to gain read access to all files located on the server via the usage of the "/.." string passed to a CGI,...