20 matches found
EUVD-2017-5982
Malware in sbrugna...
EUVD-2017-5984
Malware in sbrugna...
EUVD-2017-5980
Malware in sbrugna...
CVE-2017-14476
In the MMM::Agent::Helpers::Network::addip function in MySQL Multi-Master Replication Manager MMM mmmagentd 2.2.1 for Solaris, a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\agentd process. An...
Fedora 26 : mysql-mmm (2018-92f04c6b61)
Multi-Master Replication Manager for MySQL mmmagentd Remote Command Injection Vulnerabilities This update adds data sanitization to inputs for the mmm agent. Multiple exploitable remote command injection vulnerabilities exist in the MySQL Master-Master Replication Manager MMM mmmagentd daemon...
CVE-2017-14476
In the MMM::Agent::Helpers::Network::addip function in MySQL Multi-Master Replication Manager MMM mmmagentd 2.2.1 for Solaris, a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\agentd process. An...
Command injection
In the MMM::Agent::Helpers::Network::clearip function in MySQL Multi-Master Replication Manager MMM mmmagentd 2.2.1 for Linux, a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\agentd process. An...
Command injection
In the MMM::Agent::Helpers::Network::clearip function in MySQL Multi-Master Replication Manager MMM mmmagentd 2.2.1 for FreeBSD, a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\agentd process. An...
Command injection
In the MMM::Agent::Helpers::Network::addip function in MySQL Multi-Master Replication Manager MMM mmmagentd 2.2.1 for FreeBSD, a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\agentd process. An...
Command injection
In the MMM::Agent::Helpers::Network::clearip function in MySQL Multi-Master Replication Manager MMM mmmagentd 2.2.1 for Solaris, a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\agentd process. An...
Command injection
In the MMM::Agent::Helpers::execute function in MySQL Multi-Master Replication Manager MMM mmmagentd 2.2.1, a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\agentd process. An attacker that can...
CVE-2017-14478
In the MMM::Agent::Helpers::Network::clearip function in MySQL Multi-Master Replication Manager MMM mmmagentd 2.2.1 for Linux, a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\agentd process. An...
CVE-2017-14479
In the MMM::Agent::Helpers::Network::clearip function in MySQL Multi-Master Replication Manager MMM mmmagentd 2.2.1 for Solaris, a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\agentd process. An...
CVE-2017-14480
MMM Agent exposure: A set of remote command injection flaws in MMM::Agent::Helpers::Network (clear_ip/add_ip, check_ip) in mmm_agentd 2.2.1 (FreeBSD; Linux/Solaris variants in related code paths) allows unauthenticated TCP clients to execute arbitrary commands with mmm_agentd privileges. Root cau...
CVE-2017-14481
The CVE-2017-14481 entry concerns a shell command injection in MMM (MySQL MMM) mmm_agentd 2.2.1 (Solaris). The vulnerability resides in MMM::Agent::Helpers::Network::send_arp (and related functions in MMM) where un-sanitized input from MMM protocol messages can be interpolated into shell commands...
CVE-2017-14474
Summary: CVE-2017-14474 and related MMM vulnerabilities affect MMM mmm_agentd 2.2.1, where _execute() constructs a shell command without sanitizing the $params, enabling an unauthenticated attacker who can open a TCP session to execute arbitrary commands with the privileges of mmm_agentd. Related...
CVE-2017-14476
CVE-2017-14476 affects MySQL MMM MMM agent (mmm_agentd) v2.2.1. Multiple remote command-injection vulnerabilities exist in the MMM Agent helpers, notably in MMM::Agent::Helpers::Network::add_ip(), with variants across Linux, Solaris, and FreeBSD, plus related helpers (clear_ip, check_ip) and _exe...
CVE-2017-14475
In the MMM::Agent::Helpers::Network::addip function in MySQL Multi-Master Replication Manager MMM mmmagentd 2.2.1 for Linux, a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\agentd process. An...
CVE-2017-14479
CVE-2017-14479 affects MMM MMM Agent (mmm_agentd) 2.2.1 on Solaris, with a shell command injection in MMM::Agent::Helpers::Network::clear_ip triggered by specially crafted protocol messages via a TCP session. The vulnerability arises from unsafely passing untrusted input (IP/if, etc.) through she...
CVE-2017-14478
In the MMM::Agent::Helpers::Network::clearip function in MySQL Multi-Master Replication Manager MMM mmmagentd 2.2.1 for Linux, a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\agentd process. An...