5 matches found
EUVD-2008-6520
Malware in sbrugna...
Command injection
cgi-bin/webutil.pl in The Puppet Master WebUtil 2.7 allows remote attackers to execute arbitrary commands via shell metacharacters in the details command...
CVE-2008-6557
cgi-bin/webutil.pl in The Puppet Master WebUtil 2.7 allows remote attackers to execute arbitrary commands via shell metacharacters in the details command...
CVE-2008-6556
cgi-bin/webutil.pl in The Puppet Master WebUtil 2.3 allows remote attackers to execute arbitrary commands via shell metacharacters in the whois command...
CVE-2008-6556
CVE-2008-6556 affects The Puppet Master WebUtil 2.3 via cgi-bin/webutil.pl . The vulnerability allows remote attackers to execute arbitrary commands by supplying shell metacharacters in the whois parameter. The root cause is improper handling of user-supplied input in the whois command, enabling ...