2631 matches found
Fedora 25 : perl-Net-Ping-External (2017-c7514691cb)
Fixes a command injection vulnerability CVE-2008-7319 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...
Fedora 26 : perl-Net-Ping-External (2017-69e06543c1)
Fixes a command injection vulnerability CVE-2008-7319 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...
[SECURITY] Fedora 27 Update: perl-Net-Ping-External-0.15-11.fc27
Net::Ping::External is a module which interfaces with the "ping" command on many systems. It presently provides a single function, ping, that takes in a hostname and optionally a timeout and returns true if the host is alive, and false otherwise. Unless you have the ability and willingness to run...
Perl Net::Ping::External extension command injection vulnerability
Perl is a free and powerful cross-platform programming language developed by American programmer Larry Wall.Net::Ping::External extension is one of the cross-platform Ping tools. A security vulnerability exists in Perl Net::Ping::External extension version 0.15 and earlier, which is caused by the...
OracleVM 3.3 : Unbreakable / etc (OVMSA-2017-0168)
The remote OracleVM system is missing necessary patches to address critical security updates : - nvme: Drop nvmeq-qlock before dmapoolalloc, so as to prevent hard lockups Aruna Ramakrishna Orabug: 25409587 - nvme: Handle PM1725 HIL reset Martin K. Petersen Orabug: 26277600 - char: lp: fix possibl...
CVE-2008-7319
The Net::Ping::External extension through 0.15 for Perl does not properly sanitize arguments e.g., invalid hostnames containing shell metacharacters before use of backticks in External.pm, allowing for shell command injection and arbitrary command execution if untrusted input is used...
UBUNTU-CVE-2008-7319
The Net::Ping::External extension through 0.15 for Perl does not properly sanitize arguments e.g., invalid hostnames containing shell metacharacters before use of backticks in External.pm, allowing for shell command injection and arbitrary command execution if untrusted input is used...
Command injection
The Net::Ping::External extension through 0.15 for Perl does not properly sanitize arguments e.g., invalid hostnames containing shell metacharacters before use of backticks in External.pm, allowing for shell command injection and arbitrary command execution if untrusted input is used...
CVE-2008-7319
The Net::Ping::External extension through 0.15 for Perl does not properly sanitize arguments e.g., invalid hostnames containing shell metacharacters before use of backticks in External.pm, allowing for shell command injection and arbitrary command execution if untrusted input is used...
CVE-2008-7319
The Net::Ping::External extension through 0.15 for Perl does not properly sanitize arguments e.g., invalid hostnames containing shell metacharacters before use of backticks in External.pm, allowing for shell command injection and arbitrary command execution if untrusted input is used...
CVE-2008-7319
The CVE-2008-7319 issue affects the Perl Net::Ping::External extension (up to version 0.15) where External.pm does not properly sanitize inputs containing shell metacharacters before using backticks, enabling shell command injection and arbitrary command execution when untrusted input is supplied...
Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2017-3636)
The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2017-3636 advisory. - char: lp: fix possible integer overflow in lpsetup Willy Tarreau Orabug: 26403940 CVE-2017-1000363 - ALSA: timer: Fix missing queue indices reset...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.19.12 - nvme: Drop nvmeq-qlock before dmapoolalloc, so as to prevent hard lockups Aruna Ramakrishna Orabug: 25409587 3.8.13-118.19.11 - nvme: Handle PM1725 HIL reset Martin K. Petersen Orabug: 26277600 - char: lp: fix possible integer overflow in lpsetup Willy Tarreau Orabug...
The vulnerability of D-Link and TRENDnet’s microprogrammed router services allows attackers to execute arbitrary commands or bypass authentication mechanisms, thereby gaining full control over the device.
The vulnerability of D-Link and TRENDnet’s microprogrammed router software services is related to deficiencies in the authentication process when processing the ping command. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using the pingaddr parameter...
The vulnerability of D-Link and TRENDnet’s microprogrammed router services allows attackers to execute arbitrary commands or bypass authentication mechanisms, thereby gaining full control over the device.
The vulnerability of D-Link and TRENDnet’s microprogrammed router software services is related to deficiencies in the authentication process when processing the ping command. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using the pingaddr parameter...
The vulnerability of D-Link and TRENDnet’s microprogrammed router services allows attackers to execute arbitrary commands or bypass authentication mechanisms, thereby gaining full control over the device.
The vulnerability of D-Link and TRENDnet’s microprogrammed router software services is related to deficiencies in the authentication process when processing the ping command. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using the pingaddr parameter...
The vulnerability of D-Link and TRENDnet’s microprogrammed router services allows attackers to execute arbitrary commands or bypass authentication mechanisms, thereby gaining full control over the device.
The vulnerability of D-Link and TRENDnet’s microprogrammed router software services is related to deficiencies in the authentication process when processing the ping command. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using the pingaddr parameter...
The vulnerability of D-Link and TRENDnet’s microprogrammed router services allows attackers to execute arbitrary commands or bypass authentication mechanisms, thereby gaining full control over the device.
The vulnerability of D-Link and TRENDnet’s microprogrammed router software services is related to deficiencies in the authentication process when processing the ping command. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using the pingaddr parameter...
The vulnerability of D-Link and TRENDnet’s microprogrammed router services allows attackers to execute arbitrary commands or bypass authentication mechanisms, thereby gaining full control over the device.
The vulnerability of D-Link and TRENDnet’s microprogrammed router software services is related to deficiencies in the authentication process when processing the ping command. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using the pingaddr parameter...
The vulnerability of D-Link and TRENDnet’s microprogrammed router services allows attackers to execute arbitrary commands or bypass authentication mechanisms, thereby gaining full control over the device.
The vulnerability of D-Link and TRENDnet’s microprogrammed router software services is related to deficiencies in the authentication process when processing the ping command. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using the pingaddr parameter...