770 matches found
Oracle Secure Backup login.php rbtool command injection
Added: 01/20/2009 CVE: CVE-2008-5448 BID: 33177 OSVDB: 51342 Background Oracle Secure Backup is a centralized tape backup management solution for Oracle Database. Problem A command injection vulnerability in the Oracle Secure Backup web interface allows a remote attacker to execute arbitrary...
Oracle Secure Backup login.php rbtool command injection
Added: 01/20/2009 CVE: CVE-2008-5448 BID: 33177 OSVDB: 51342 Background Oracle Secure Backup is a centralized tape backup management solution for Oracle Database. Problem A command injection vulnerability in the Oracle Secure Backup web interface allows a remote attacker to execute arbitrary...
Net-SNMP <= 5.1.4/5.2.4/5.4.1 Perl Module Buffer Overflow PoC
Exploit for linux platform in category dos / poc ============================================================= Net-SNMP = 5.1.4/5.2.4/5.4.1 Perl Module Buffer Overflow PoC ============================================================= !usr/bin/perl -w Buffer overflow in the snprintvalue function i...
Adobe Acrobat util.printf JavaScript function buffer overflow
Added: 11/10/2008 CVE: CVE-2008-2992 BID: 30035 OSVDB: 49520 Background Adobe Acrobat is software for creating PDF documents. Problem A buffer overflow vulnerability allows command execution when a user opens a PDF file which calls the util.printf JavaScript function with a specially crafted form...
Adobe Acrobat util.printf JavaScript function buffer overflow
Added: 11/10/2008 CVE: CVE-2008-2992 BID: 30035 OSVDB: 49520 Background Adobe Acrobat is software for creating PDF documents. Problem A buffer overflow vulnerability allows command execution when a user opens a PDF file which calls the util.printf JavaScript function with a specially crafted form...
Adobe Acrobat util.printf JavaScript function buffer overflow
Added: 11/10/2008 CVE: CVE-2008-2992 BID: 30035 OSVDB: 49520 Background Adobe Acrobat is software for creating PDF documents. Problem A buffer overflow vulnerability allows command execution when a user opens a PDF file which calls the util.printf JavaScript function with a specially crafted form...
Code injection
The loadModule function in lib/WebGUI/Asset.pm in WebGUI before 7.5.30 stable allows remote attackers to execute arbitrary code by uploading a Perl module and accessing it via a crafted URL...
CVE-2008-4798
The loadModule function in lib/WebGUI/Asset.pm in WebGUI before 7.5.30 stable allows remote attackers to execute arbitrary code by uploading a Perl module and accessing it via a crafted URL...
Gentoo Security Advisory GLSA 200708-06 (net-dns)
The remote host is missing updates announced in advisory GLSA 200708-06. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
Gentoo Security Advisory GLSA 200708-06 (net-dns)
The remote host is missing updates announced in advisory GLSA 200708-06. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
perl-Crypt-CBC weaker encryption with some ciphers
Crypt::CBC Perl module 2.16 and earlier, when running in RandomIV mode, uses an initialization vector IV of 8 bytes, which results in weaker encryption when used with a cipher that requires a larger block size than 8 bytes, such as Rijndael...
CVE-2008-3285
The Filesys::SmbClientParser module 2.7 and earlier for Perl allows remote SMB servers to execute arbitrary code via a folder name containing shell metacharacters...
[ISecAuditors Security Advisories] SmbClientParser Perl module allows remote command execution
============================================= INTERNET SECURITY AUDITORS ALERT 2006-006 - Original release date: February 28, 2006 - Last revised: July 18th, 2008 - Discovered by: Jesus Olmos Gonzalez - Severity: 5/5 ============================================= I. VULNERABILITY...
SmbClientParser 2.7 Perl Module - Remote Command Execution
SmbClientParser 2.7 Perl Module - Remote Command Execution source: https://www.securityfocus.com/bid/30290/info The SmbClientParser Perl module is prone to a remote command-execution vulnerability because it fails to sufficiently sanitize user-supplied data. Successfully exploiting this issue wil...
smbclientparser-exec.txt
============================================= INTERNET SECURITY AUDITORS ALERT 2006-006 - Original release date: February 28, 2006 - Last revised: July 18th, 2008 - Discovered by: Jesus Olmos Gonzalez - Severity: 5/5 ============================================= I. VULNERABILITY...
HP OpenView Network Node Manager connectedNodes.ovpl command execution
Added: 07/02/2008 CVE: CVE-2005-2773 BID: 14662 OSVDB: 19057 Background HP OpenView Network Node Manager is network availability and performance management software. Problem A command injection vulnerability in the connectedNodes.ovpl CGI script allows remote attackers to execute arbitrary comman...
HP OpenView Network Node Manager connectedNodes.ovpl command execution
Added: 07/02/2008 CVE: CVE-2005-2773 BID: 14662 OSVDB: 19057 Background HP OpenView Network Node Manager is network availability and performance management software. Problem A command injection vulnerability in the connectedNodes.ovpl CGI script allows remote attackers to execute arbitrary comman...
net-snmp: buffer overflow in perl module's Perl Module __snprint_value()
Buffer overflow in the snprintvalue function in snmpget in Net-SNMP 5.1.4, 5.2.4, and 5.4.1, as used in SNMP.xs for Perl, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a large OCTETSTRING in an attribute value pair AVP...
net-snmp security update
5.3.1-24.1 - fix buffer overflow in perl module CVE-2008-2292 449897 - fix SNMPv3 authentication checks unknown CVE 449897...
perl-Crypt-CBC weaker encryption with some ciphers
Crypt::CBC Perl module 2.16 and earlier, when running in RandomIV mode, uses an initialization vector IV of 8 bytes, which results in weaker encryption when used with a cipher that requires a larger block size than 8 bytes, such as Rijndael...