2384 matches found
Command injection
PyGIT.py in the Trac Git plugin trac-git before 0.0.20080710-3+lenny1 and before 0.0.20090320-1 on Debian GNU/Linux, when enabled in Trac, allows remote attackers to execute arbitrary commands via shell metacharacters in a crafted HTTP query that is used to generate a certain git command...
CVE-2010-0394
PyGIT.py in the Trac Git plugin trac-git before 0.0.20080710-3+lenny1 and before 0.0.20090320-1 on Debian GNU/Linux, when enabled in Trac, allows remote attackers to execute arbitrary commands via shell metacharacters in a crafted HTTP query that is used to generate a certain git command...
[SECURITY] [DSA 1991-1] New squid/squid3 packages fix denial of service
Debian Security Advisory DSA-1991-1 [email protected] http://www.debian.org/security/ Steffen Joeris February 04, 2010 http://www.debian.org/security/faq ...
[SECURITY] [DSA 1981-1] New maildrop packages fix privilege escalation
Debian Security Advisory DSA-1981-1 [email protected] http://www.debian.org/security/ Steffen Joeris January 28, 2010 http://www.debian.org/security/faq ...
[SECURITY] [DSA-1990-2] New trac-git package fixes regression
Debian Security Advisory DSA-1990-2 [email protected] http://www.debian.org/security/ Stefan Fritsch February 04, 2010 http://www.debian.org/security/faq ...
[SECURITY] [DSA 1978-1] New phpgroupware packages fix several vulnerabilities
Debian Security Advisory DSA-1978-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff January 26, 2010 http://www.debian.org/security/faq ...
[SECURITY] [DSA 1980-1] New ircd-hybrid/ircd-ratbox packages fix arbitrary code execution
Debian Security Advisory DSA-1980-1 [email protected] http://www.debian.org/security/ Steffen Joeris January 27, 2010 http://www.debian.org/security/faq ...
[SECURITY] [DSA-1975-1] Security Support for Debian 4.0 to be discontinued on February 15th
Debian Security Advisory DSA-1975-1 [email protected] http://www.debian.org/security/ Stefan Fritsch January 20, 2010 http://www.debian.org/security/faq ...
KloNews Cross Site Scripting
KloNews Cross-Site Scripting XSS Author : cr4wl3r Download : http://easy-script.com/scripts-dl/klonews2.rar Tested on: GNU/LINUX PoC : KloNewspath/cat.php?cat=alertdocument.cookie;...
DSA-1975-1 etch - end of life
Security Support for Debian GNU/Linux 4.0 to be discontinued on February 15th One year after the release of Debian GNU/Linux 5.0 alias 'lenny' and nearly three years after the release of Debian GNU/Linux 4.0 alias 'etch' the security support for the old distribution 4.0 alias 'etch' is coming to ...
[SECURITY] [DSA 1973-1] New glibc packages fix information disclosure
Debian Security Advisory DSA-1973-1 [email protected] http://www.debian.org/security/ Aurelien Jarno January 19, 2010 http://www.debian.org/security/faq ...
[SECURITY] [DSA-1970-1] New openssl packages fix denial of service
Debian Security Advisory DSA-1970-1 [email protected] http://www.debian.org/security/ Stefan Fritsch January 13, 2010 http://www.debian.org/security/faq ...
[SECURITY] [DSA-1969-1] New krb5 packages fix denial of service
Debian Security Advisory DSA-1969-1 [email protected] http://www.debian.org/security/ Giuseppe Iuculano January 12, 2010 http://www.debian.org/security/faq ...
[SECURITY] [DSA-1965-1] New phpldapadmin packages fix remote file inclusion
Debian Security Advisory DSA-1965 [email protected] http://www.debian.org/security/ Giuseppe Iuculano January 06, 2010 http://www.debian.org/security/faq ...
[SECURITY] [DSA-1953-2] New expat packages fix regression
Debian Security Advisory DSA-1953-2 [email protected] http://www.debian.org/security/ Stefan Fritsch December 31, 2009 http://www.debian.org/security/faq ...
Mandriva Security Advisory MDVSA-2009:244-1 (xfig)
The remote host is missing an update to xfig announced via advisory MDVSA-2009:244-1.
Ptag 4.0.0 Remote File Inclusion
Exploit Title: Ptag sqltable = ptagprefix."session"; $this - cookiename = ptagprefix."session"; //If RSS mode, switch session to non-viewed tracker. if ptagoutput == "rss" parent::construct$ptagsql, sha1""; else parent::construct$ptagsql; ? PoC Ptagpath/lib/session.php?ptagdir=Shell Code sql.php...
FestOS 2.2.1 Remote File Inclusion
Exploit Title: FestOs $reports header"Location:index.php"; include "includes/reportheader.php"; ? 3xplo!t : festospath/admin/reportsplacement.php?ABSOLUTEFILEPATH=Shell Code : FestOS.php requireonce$config'ABSOLUTEFILEPATH'."core/sessions.php"; 3xplo!t :...
60cycleCMS 2.5.0 Remote File Inclusion
60cycleCMS = 2.5.0 Remote File Include Exploit Date: 19-12-2009 Author: cr4wl3r Software Link: http://60cycle.net Tested on: GNU/LINUX 60cycleCMSpath/common/sqlConnect.php?DOCUMENTROOT=SHELL DIRECTORY/something...