111 matches found
Moderate: Red Hat Security Advisory: perl-Archive-Tar security update
An updated perl-Archive-Tar package that fixes multiple security issues is now available for Red Hat Enterprise Linux 4 and 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed...
Mandriva Update for freeradius MDVA-2010:031 (freeradius)
Check for the Version of freeradius. OpenVAS Vulnerability Test: Mandriva Update for freeradius MDVA-2010:031 (freeradius). Authors: System Generated Check. Copyright: Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify...
VMware Server ISAPI Extension Remote Denial Of Service (CVE-2008-3697)
The VMware server is a server virtualization platform that allows a single physical server to run multiple virtual machines simultaneously. The server provides a web-based management interface called VMware Management Console. For VMware server hosted on Windows servers, the IIS server is used to...
[SECURITY] Fedora 10 Update: ntp-4.2.4p7-2.fc10
The Network Time Protocol (NTP) is used to synchronize a computer's time with another reference time source. This package includes ntpd (a daemon which continuously adjusts system time) and utilities used to query and configure the ntpd daemon. Perl scripts ntp-wait and ntptrace are in the ntp-perl...
Design/Logic Flaw
The port-3443 HTTP server in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary commands via shell metacharacters in the hostname parameter to unspecified Perl scripts...
CVE-2009-3845
HP OpenView Network Node Manager (OV NNM) vulnerable on port 3443 HTTP server for OV NNM versions 7.01, 7.51 and 7.53. The hostname parameter is not properly sanitized in Perl/CGI scripts, allowing remote attackers to inject and execute arbitrary commands. Documented components include setMon.ovp...
CVE-2009-3845
The port-3443 HTTP server in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary commands via shell metacharacters in the hostname parameter to unspecified Perl scripts...
Multiple Remote Command Execution vulnerabilities on Avaya Intuity Audix LX (plus some client-side bugs)
It appears that most diagnostic CGI perl scripts that take user-supplied input are vulnerable to Remote Command Execution. These scripts are located on '/html/cswebadm/basic/cgi-bin/'. All the RCE vulnerabilities discovered were tested with an authenticated session using the 'craft' account. Thes...
[SECURITY] Fedora 11 Update: ntp-4.2.4p7-2.fc11
The Network Time Protocol (NTP) is used to synchronize a computer's time with another reference time source. This package includes ntpd (a daemon which continuously adjusts system time) and utilities used to query and configure the ntpd daemon. Perl scripts ntp-wait and ntptrace are in the ntp-perl...
[SECURITY] Fedora 9 Update: ntp-4.2.4p7-1.fc9
The Network Time Protocol (NTP) is used to synchronize a computer's time with another reference time source. This package includes ntpd (a daemon which continuously adjusts system time) and utilities used to query and configure the ntpd daemon. Perl scripts ntp-wait and ntptrace are in the ntp-perl...
[SECURITY] Fedora 10 Update: ntp-4.2.4p6-1.fc10
The Network Time Protocol (NTP) is used to synchronize a computer's time with another reference time source. This package includes ntpd (a daemon which continuously adjusts system time) and utilities used to query and configure the ntpd daemon. Perl scripts ntp-wait and ntptrace are in the ntp-perl...
[SECURITY] Fedora 9 Update: ntp-4.2.4p6-1.fc9
The Network Time Protocol (NTP) is used to synchronize a computer's time with another reference time source. This package includes ntpd (a daemon which continuously adjusts system time) and utilities used to query and configure the ntpd daemon. Perl scripts ntp-wait and ntptrace are in the ntp-perl...
Debian Security Advisory DSA 1678-2 (perl)
The remote host is missing an update to perl announced via advisory DSA 1678-2. OpenVAS Vulnerability Test $Id: deb16782.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1678-2 (perl). Authors: Thomas Reinke. Copyright: Copyright (c) 2008 E-Soft Inc...
[SECURITY] [DSA 1678-2] New perl packages fix regression
Debian Security Advisory DSA-1678-2 [email protected] http://www.debian.org/security/ Florian Weimer December 21, 2008 http://www.debian.org/security/faq ...
E-Mail header Injection in HiFriend
Header Injection. Script: hifriend.pl Vendor: Hibyte Software Version: The free one you get from many webpages Dork: "hifriend.pl" + "cgi-bin" ...
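EditTag Multiple Directory Traversal Vulnerabilities
EditTag is a web application. EditTag does not properly filter user-submitted input, so remote attackers can exploit the vulnerabilities to view the contents of system files with the privileges of the web server. The problem is that multiple scripts do not filter user-submitted web parameters; submitting a system file as the parameter data can lead to the contents of system files being viewed with the privileges of the web server. Greg Billock EditTag 1.2. No solution is currently available: http://www.thebilberry.com/greg/edittag http://www.example.com/edittag/edittag.cgi?file=INJECT...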
CVE-2004-2550
Multiple cross-site scripting (XSS) vulnerabilities in unspecified Perl scripts in SandSurfer before 1.7.1 allow remote attackers to inject arbitrary web script or HTML, which is later executed by a target who views reports containing the injected data...
CVE-2005-0130
Certain Perl scripts in Konversation 0.15 allow remote attackers to execute arbitrary commands via shell metacharacters in (1) channel names or (2) song names that are not properly quoted when the user runs IRC scripts...
CVE-2005-0130
Certain Perl scripts in Konversation 0.15 allow remote attackers to execute arbitrary commands via shell metacharacters in (1) channel names or (2) song names that are not properly quoted when the user runs IRC scripts...
GLSA-200501-34 : Konversation: Various vulnerabilities
The remote host is affected by the vulnerability described in GLSA-200501-34 (Konversation: Various vulnerabilities). Wouter Coekaerts has discovered three vulnerabilities within Konversation: The Server::parseWildcards function, which is used by the 'Quick Buttons', does not properly handle variabl...