105 matches found
WEBgais 1.0 websendmail Remote Command Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/2077/info WEBgais is a package that provides a web interface to the gais Global Area Intelligent Search search engine tool. This package contains a vulnerable script, websendmail, which can be used to execute arbitrary...
Linux Kernel < 2.6.22 ftruncate()/open() Local Exploit
No description provided by source. / gw-ftrex.c: Linux kernel 2.6.22 open/ftruncate local exploit by gat3way at gat3way dot eu bug information: http://osvdb.org/49081 !!!This is for educational purposes only!!! To use it, you've got to find a sgid directory you've got permissions to write into...
W3Mail 1.0.6 File Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/6170/info Versions of W3Mail 1.0.6 and greater are susceptible to a file disclosure vulnerability. To view attachments, the script viewAttachment.cgi accepts the parameter file. The value of this parameter is passed to th...
Webmin show.cgi Open Function Call Command Execution
Added: 11/26/2012 CVE: CVE-2012-2982 BID: 55446 OSVDB: 85248 Background Webmin is a web-based interface for system administration of Unix systems. The Webmin web server listens by default on port 10000/tcp. Problem Webmin 1.59 and earlier are vulnerable to remote code execution as a result of...
Webmin show.cgi Open Function Call Command Execution
Added: 11/26/2012 CVE: CVE-2012-2982 BID: 55446 OSVDB: 85248 Background Webmin is a web-based interface for system administration of Unix systems. The Webmin web server listens by default on port 10000/tcp. Problem Webmin 1.59 and earlier are vulnerable to remote code execution as a result of...
QUIK email(QuarkMail)remote command execution vulnerabilities and fixes-vulnerability warning-the black bar safety net
Vulnerability Description: The QUIK e-mail(QuarkMail Beijing Xiong Zhi weiye science and Technology Company launched the e-mail system, is widely used in various areas of email solutions, webmail section Using perl cgi to write, but 80sec in their system found a major security vulnerability leads...
CVE-2009-4033
A certain Red Hat patch for acpid 1.0.4 effectively triggers a call to the open function with insufficient arguments, which might allow local users to leverage weak permissions on /var/log/acpid, and obtain sensitive information by reading this file, cause a denial of service by overwriting this...
GLSA-200809-06 : VLC: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-200809-06 VLC: Multiple vulnerabilities g reported the following vulnerabilities: An integer overflow leading to a heap-based buffer overflow in the Open function in modules/demux/tta.c CVE-2008-3732. A signedness error leading to...
Integer overflow
Integer overflow in the Open function in modules/demux/tta.c in VLC Media Player 0.8.6i allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted TTA file, which triggers a heap-based buffer overflow. NOTE: some of these details are...
CVE-2008-3732
VLC Media Player (version around 0.8.6i) is affected by CVE-2008-3732 due to an integer overflow in the Open() function (modules/demux/tta.c). This causes a heap-based buffer overflow that can lead to remote denial of service (crash) and potentially remote code execution when a crafted TTA file i...
GLSA-200807-13 : VLC: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-200807-13 VLC: Multiple vulnerabilities Remi Denis-Courmont reported that VLC loads plugins from the current working directory in an unsafe manner CVE-2008-2147. Alin Rad Pop Secunia Research reported an integer overflow error in...
CVE-2008-2430
Integer overflow in the Open function in modules/demux/wav.c in VLC Media Player 0.8.6h on Windows allows remote attackers to execute arbitrary code via a large fmt chunk in a WAV file...
Integer overflow
Integer overflow in the Open function in modules/demux/wav.c in VLC Media Player 0.8.6h on Windows allows remote attackers to execute arbitrary code via a large fmt chunk in a WAV file...
CVE-2008-2430
CVE-2008-2430 affects VLC Media Player 0.8.6h on Windows via an integer overflow in the Open() function of modules/demux/wav.c when parsing a WAV fmt chunk that is too large. This vulnerability could allow remote code execution by luring a user to open a specially crafted WAV file. Related adviso...
kernel: Missing ioctl() permission checks in aacraid driver
The 1 aaccfgopen and 2 aaccompatioctl functions in the SCSI layer ioctl path in aacraid in the Linux kernel before 2.6.23-rc2 do not check permissions for ioctls, which might allow local users to cause a denial of service or gain privileges...
shadow: Privilege escalation
Background shadow provides a set of utilities to deal with user accounts. Description When the mailbox is created in useradd, the "open" function does not receive the three arguments it expects while OCREAT is present, which leads to random permissions on the created file, before fchmod is...
CVE-2006-1174
useradd in shadow-utils before 4.0.3, and possibly other versions before 4.0.8, does not provide a required argument to the open function when creating a new user mailbox, which causes the mailbox to be created with unpredictable permissions and possibly allows attackers to read or modify the...
CVE-2006-1174
useradd in shadow-utils before 4.0.3, and possibly other versions before 4.0.8, does not provide a required argument to the open function when creating a new user mailbox, which causes the mailbox to be created with unpredictable permissions and possibly allows attackers to read or modify the...
FreeBSD : awstats -- arbitrary command execution vulnerability (2df297a2-dc74-11da-a22b-000c6ec775d9)
OS Reviews reports : If the update of the stats via web front-end is allowed, a remote attacker can execute arbitrary code on the server using a specially crafted request involving the migrate parameter. Input starting with a pipe character '|' leads to an insecure call to Perl's open function an...
AWStats migrate Parameter Arbitrary Command Execution
The remote host is running AWStats, a free logfile analysis tool written in Perl. The version of AWStats installed on the remote host fails to sanitize input to the 'migrate' parameter before passing it to a Perl 'open' function. Provided 'AllowToUpdateStatsFromBrowser' is enabled in the AWStats...