12 matches found
EUVD-2001-0217
Malware in sbrugna...
EUVD-2001-0216
Malware in sbrugna...
PALS Library System WebPALS 1.0 pals-cgi Arbitrary Command Execution
No description provided by source. source: http://www.securityfocus.com/bid/2372/info A specially crafted URL composed of a known filename, will disclose the requested file residing on a machine running WebPALS. This vulnerability will also allow an attacker to execute arbitrary code with root...
CVE-2001-0216
PALS Library System pals-cgi program allows remote attackers to execute arbitrary commands via shell metacharacters in the documentName parameter...
CVE-2001-0217
Directory traversal vulnerability in PALS Library System pals-cgi program allows remote attackers to read arbitrary files via a .. dot dot in the documentName parameter...
CVE-2001-0216
The CVE-2001-0216 issue affects the PALS Library System pals-cgi program. The vulnerability arises from shell metacharacters in the documentName parameter, enabling remote attackers to execute arbitrary commands via the CGI. NVD data indicates a NETWORK attack vector with LOW complexity and no au...
CVE-2001-0217
The connected Nessus source (PALS Library System WebPALS pals-cgi Multiple Vulnerabilities) confirms a directory traversal flaw in the pals-cgi CGI of the PALS Library System. The vulnerability allows an attacker to read arbitrary files via the .. sequence in the documentName parameter, with the ...
CVE-2001-0217
Directory traversal vulnerability in PALS Library System pals-cgi program allows remote attackers to read arbitrary files via a .. dot dot in the documentName parameter...
CVE-2001-0216
PALS Library System pals-cgi program allows remote attackers to execute arbitrary commands via shell metacharacters in the documentName parameter...
PALS Library System "show files" Vulnerability and remote command execution
Name: PALS Library System "show files" Vulnerability and remote command executiom. Date: 02.02.2001 About: This script is derived from an idea originated at St.Olaf College to provide a www interface to the PALS Library System. This idea was then worked on at Georgia State University. This versio...
PALS Library System WebPALS pals-cgi Multiple Vulnerabilities
The 'pals-cgi' CGI is installed. This CGI has a well known security flaw that lets an attacker read arbitrary files with the privileges of the http daemon usually root or nobody. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc';...
PALS Library System WebPALS 1.0 - pals-cgi Traversal Arbitrary File Read
source: https://www.securityfocus.com/bid/2372/info A specially crafted URL composed of a known filename, will disclose the requested file residing on a machine running WebPALS. This vulnerability will also allow an attacker to execute arbitrary code with root privileges...