14 matches found
EUVD-2017-6002
Malware in sbrugna...
SUSE CVE-2017-14500
Improper Neutralization of Special Elements used in an OS Command in the podcast playback function of Podbeuter in Newsbeuter 0.3 through 2.9 allows remote attackers to perform user-assisted code execution by crafting an RSS item with a media enclosure i.e., a podcast file that includes shell...
Debian: Security Advisory (DLA-1104-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DLA-1104-1 : newsbeuter security update
It was discovered that podbeuter, the podcast fetcher in newsbeuter, a text-mode RSS feed reader, did not properly escape the name of the media enclosure the podcast file, allowing a remote attacker to run an arbitrary shell command on the client machine. This is only exploitable if the file is...
Newsbeuter Remote Command Execution Vulnerability
Newsbeuter is an open source RSS/Atom reader for text terminals running on Unix-like operating systems such as Linux, FreeBSD, and Mac OS X. It can be used in a variety of applications, such as mobile phones, mobile devices, and mobile phones. A security vulnerability exists in the blog playback...
[SECURITY] [DSA 3977-1] newsbeuter security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3977-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso September 18, 2017 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3977-1] newsbeuter security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3977-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso September 18, 2017 https://www.debian.org/security/faq -...
CVE-2017-14500
Improper Neutralization of Special Elements used in an OS Command in the podcast playback function of Podbeuter in Newsbeuter 0.3 through 2.9 allows remote attackers to perform user-assisted code execution by crafting an RSS item with a media enclosure i.e., a podcast file that includes shell...
ALPINE-CVE-2017-14500
Improper Neutralization of Special Elements used in an OS Command in the podcast playback function of Podbeuter in Newsbeuter 0.3 through 2.9 allows remote attackers to perform user-assisted code execution by crafting an RSS item with a media enclosure i.e., a podcast file that includes shell...
CVE-2017-14500
Improper Neutralization of Special Elements used in an OS Command in the podcast playback function of Podbeuter in Newsbeuter 0.3 through 2.9 allows remote attackers to perform user-assisted code execution by crafting an RSS item with a media enclosure i.e., a podcast file that includes shell...
UBUNTU-CVE-2017-14500
Improper Neutralization of Special Elements used in an OS Command in the podcast playback function of Podbeuter in Newsbeuter 0.3 through 2.9 allows remote attackers to perform user-assisted code execution by crafting an RSS item with a media enclosure i.e., a podcast file that includes shell...
CVE-2017-14500
CVE-2017-14500 concerns Newsbeuter/Podbeuter: improper neutralization of shell metacharacters in a podcast enclosure filename within an RSS item can enable user-assisted remote code execution. Affected range: Newsbeuter 0.3–2.9; exploitation relies on crafting a feed item with a malicious filenam...
CVE-2017-14500
Improper Neutralization of Special Elements used in an OS Command in the podcast playback function of Podbeuter in Newsbeuter 0.3 through 2.9 allows remote attackers to perform user-assisted code execution by crafting an RSS item with a media enclosure i.e., a podcast file that includes shell...
CVE-2017-14500
Removed by vendor...