27 matches found
Alcatel-Lucent OmniPCX Enterprise Communication Server <= 7.1 masterCGI Command Injection
No description provided by source. $Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require...
Alcatel-Lucent OmniPCX Enterprise 7.1 - Remote Command Execution
Alcatel-Lucent OmniPCX Enterprise 7.1 - Remote Command Execution source: https://www.securityfocus.com/bid/25694/info Alcatel-Lucent OmniPCX Enterprise is prone to a remote command-execution vulnerability because it fails to adequately sanitize user-supplied data. Attackers can exploit this issue...
Debian DSA-935-1 : libapache2-mod-auth-pgsql - format string vulnerability
iDEFENSE reports that a format string vulnerability in modauthpgsql, a library used to authenticate web users against a PostgreSQL database, could be used to execute arbitrary code with the privileges of the httpd user. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and...
[SECURITY] [DSA 935-1] New libapache2-mod-auth-pgsql packages fix arbitrary code execution
-------------------------------------------------------------------------- Debian Security Advisory DSA 935-1 [email protected] http://www.debian.org/security/ Michael Stone January 10, 2006 http://www.debian.org/security/faq -...
JVN#30451602 HTTPD-User-Manage cross-site scripting vulnerability
Impact A malicious script may be executed on the web browser of the user who can access HTTPD-User-Manage. Solution Products Affected HTTPD-User-Manage 1.62 and earlier...
sendtemp.pl - Read Access to Files
sendtemp.pl - Read Access to Files !/usr/bin/perl -w sendtemp.pl: A part of the Amaya Web development server contains a file disclosure vulnerability, which allows remote, read access to files on the servers file system, as whichever user the httpd is running as. The Vulnerability is really quite...
Linux_mini-sql_bof.txt
hi, i was looking for an exploitable buffer overflow in w3-msql from Hughes Technology since there was many security flaws inside. There is a static variable named PrivateScript in main function with a 255 chars size length. No luck ! main finish everywhere with an exit call. The http internal...