7 matches found
shellshocker-pocs
This is a collection of Proof of Concepts PoCs and potential targets for the ShellShocker vulnerability. The PoCs are designed to exploit the vulnerability in various products and services, including XMPP ejabberd, Mailman, MySQL, NFS, Bind9, FTP, and others. The PoCs are primarily focused on...
The vulnerability of the Apache mod_cgi module for HTTP servers in the SonicWall network device software for the SMA series (SMA 100, SMA 200, SMA 210, SMA 400, SMA 410, and SMA 500vl) allows attackers to execute arbitrary code.
The vulnerability of the Apache modcgi module for HTTP servers in the SonicWall network devices from the SMA series SMA 100, SMA 200, SMA 210, SMA 400, SMA 410, and SMA 500v is related to the execution of code outside the buffer in memory. Exploiting this vulnerability allows a remote attacker to...
CVE-2021-20038
A Stack-based buffer overflow vulnerability in SMA100 Apache httpd server's modcgi module environment variables allows a remote unauthenticated attacker to potentially execute code as a 'nobody' user in the appliance. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances firmware...
Sonicwall SMA100 缓冲区错误漏洞
The Sonicwall SMA100 is a secure access gateway appliance from Sonicwall, Inc. A buffer error vulnerability in the modcgi module environment variable of the SonicWall SMA100 Apache httpd server allows an unauthenticated, remote attacker to potentially execute code as the nobody user in the device...
The vulnerability of Cisco Nexus 7000 software allows a malicious individual to execute arbitrary code.
The GNU Bash command shell, as of version 4.3 and later, incorrectly handles lines that follow the declaration of a function exported as a variable. This allows a malicious actor to execute arbitrary code by interfering with environment variables. Security researchers have confirmed that this...
UBUNTU-CVE-2014-6277
GNU Bash through 4.3 bash43-026 does not properly parse function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code or cause a denial of service uninitialized memory access, and untrusted-pointer read and write operations via a crafted...
UBUNTU-CVE-2014-6271
GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the modcgi and modcg...