Nagios3 statuswml.cgi Ping Command Execution

$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Nagios3...

Design/Logic Flaw

The swiotlb functionality in the r8169 driver in drivers/net/r8169.c in the Linux kernel before 2.6.27.22 allows remote attackers to cause a denial of service IOMMU space exhaustion and system crash by using jumbo frames for a large amount of network traffic, as demonstrated by a flood ping...

CVE-2009-3613

The swiotlb functionality in the r8169 driver in drivers/net/r8169.c in the Linux kernel before 2.6.27.22 allows remote attackers to cause a denial of service IOMMU space exhaustion and system crash by using jumbo frames for a large amount of network traffic, as demonstrated by a flood ping...

NetAccess IP3 - (Authenticated) Ping Option Command Injection

NetAccess IP3 - Force into shell By: r00t Shouts: G., Tee, ES, s1ngl3, and D1g1t5 Requirements: Remote access to an IP3 Any level control panel username/password Vendor Information: Thanks to Sebastian Wolfgarten sebastian at wolfgarten dot com for including vendor information in his AFD vuln...

Let the administrator help you restart the machine-vulnerability warning-the black bar safety net

Let the administrator help you restart the machine Sometimes, we go through the database backup a batch to the Startup menu, you want the server on the next restart to run our batch processing. But we, Ah, etc., the server is not restarting, what should I do? Allow administrator to help us restar...

Alcatel-Lucent OmniPCX Enterprise masterCGI Arbitrary Command Execution

This module abuses a metacharacter injection vulnerability in the HTTP management interface of the Alcatel-Lucent OmniPCX Enterprise Communication Server 7.1 and earlier. The Unified Maintenance Tool contains a 'masterCGI' binary which allows an unauthenticated attacker to execute arbitrary...

Linux Kernel 2.6.x - '/drivers/net/r8169.c' Out-of-IOMMU Error Local Denial of Service

source: https://www.securityfocus.com/bid/36706/info The Linux kernel is prone to a local denial-of-service vulnerability that attackers can exploit to cause an affected computer to panic. Versions prior to the Linux kernel 2.6.26.4 are affected. The following example is available: ping -f -s 300...

Hackers can invade Vientiane, the server of the method of analysis-vulnerability warning-the black bar safety net

Today, many Internet cafes have installed a Vientiane cafe management system, this system brings convenience is obvious. However, the more convenient the system The existence of security risks is greater, many hackers will come up with a hack of this management system approach, and some can even...

Mandrake Security Advisory MDVSA-2009:187 (nagios)

The remote host is missing an update to nagios announced via advisory MDVSA-2009:187. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR...

Nagios 'statuswml.cgi' Remote Arbitrary Shell Command Injection Vulnerability

Nagios is prone to a remote command-injection vulnerability because it fails to adequately sanitize user-supplied input data. Remote attackers can exploit this issue to execute arbitrary shell commands with the privileges of the user running the application. Note that for an exploit to succeed,...

No title provided

statuswml.cgi in Nagios before 3.1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the 1 ping or 2 Traceroute parameters...

CVE-2009-2288

statuswml.cgi in Nagios before 3.1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the 1 ping or 2 Traceroute parameters...

CVE-2009-2288

statuswml.cgi in Nagios before 3.1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the 1 ping or 2 Traceroute parameters...

Code injection

statuswml.cgi in Nagios before 3.1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the 1 ping or 2 Traceroute parameters...

Nagios statuswml.cgi远程Shell命令注入漏洞

BUGTRAQ ID: 35464 Nagios是一款免费开放源代码的主机和服务监视软件，可使用在多种Linux和Unix操作系统下。 Nagios没有正确地过滤传送给statuswml.cgi的ping参数，远程攻击者可以通过tools - ping和tools- Traceroute WAP/WML页面注入并执行任意shell命令。例如，Ping主机名/地址173.45.235.65;echo $PATH会返回ping命令的输出并执行和返回echo $PATH命令的输出。 Nagios Nagios 3.1.0 Nagios Nagios 3.0.6 Nagios Nagios 2....

Solaris Update for ping 116775-03

Check for the Version of ping OpenVAS Vulnerability Test Solaris Update for ping 116775-03 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of the G...

Solaris Update for ping 116774-03

Check for the Version of ping OpenVAS Vulnerability Test Solaris Update for ping 116774-03 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of the G...

Solaris Update for /usr/sbin/ping 116986-02

Check for the Version of /usr/sbin/ping OpenVAS Vulnerability Test Solaris Update for /usr/sbin/ping 116986-02 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it unde...

Solaris Update for /usr/sbin/ping 116987-02

Check for the Version of /usr/sbin/ping OpenVAS Vulnerability Test Solaris Update for /usr/sbin/ping 116987-02 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it unde...

Solaris Update for /usr/sbin/ping 116987-02

Check for the Version of /usr/sbin/ping OpenVAS Vulnerability Test Solaris Update for /usr/sbin/ping 116987-02 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it unde...