ftpd Gem for Ruby Shell Character Handling Remote Command Injection

ftpd Gem for Ruby contains a flaw that is triggered when handling a specially crafted option or filename that contains a shell character. This may allow a remote attacker to inject arbitrary commands...

Microsoft IIS FTP Service CVE-2012-2532 Remote Command Injection Vulnerability

Description Microsoft IIS is prone to a remote command-injection vulnerability because it fails to adequately sanitize user-supplied input data. Remote attackers can exploit this issue to execute arbitrary commands with the privileges of the application; this may disclose sensitive information...

Microsoft Windows File/Directory Names Handling Arbitrary Command Injection Vulnerability

Description Microsoft Windows is prone to a remote command-injection that affects the Windows Shell component vulnerability because it fails to adequately sanitize user-supplied input data. Attackers can exploit this issue to execute arbitrary shell commands with user-level privileges. This may...

Munin 2.0~rc4-1 - Remote Command Injection

source: https://www.securityfocus.com/bid/53032/info Munin is prone to a remote command-injection vulnerability. Attackers can exploit this issue to inject and execute arbitrary commands in the context of the application. printf 'GET /cgi-bin/munin-cgi-graph/%%0afoo%%0a/x/x-x.png HTTP/1.0\r\nHost...

Munin 2.0~rc4-1 - Remote Command Injection

Munin 2.0rc4-1 - Remote Command Injection source: https://www.securityfocus.com/bid/53032/info Munin is prone to a remote command-injection vulnerability. Attackers can exploit this issue to inject and execute arbitrary commands in the context of the application. printf 'GET...

WebGlimpse 2.14.1/2.18.8 - 'webglimpse.cgi' Remote Command Injection

source: https://www.securityfocus.com/bid/52627/info WebGlimpse is prone to a remote command-injection vulnerability. Attackers can exploit this issue to execute arbitrary commands in the context of the application. WebGlimpse versions prior to 20.20.0 are affected...

WebGlimpse 2.14.12.18.8 - webglimpse.cgi Remote Command Injection

WebGlimpse 2.14.12.18.8 - webglimpse.cgi Remote Command Injection source: https://www.securityfocus.com/bid/52627/info WebGlimpse is prone to a remote command-injection vulnerability. Attackers can exploit this issue to execute arbitrary commands in the context of the application. WebGlimpse...

Centreon 'command_name' Parameter Remote Command Execution Vulnerability

Centreon is prone to a remote command-injection vulnerability. Attackers can exploit this issue to execute arbitrary commands in the context of the application. Centreon 2.3.1 is affected; other versions may also be vulnerable. OpenVAS Vulnerability Test $Id: gbcentreon50568.nasl 7044 2017-09-01...

Centreon 'command_name' Parameter RCE Vulnerability

Centreon is prone to a remote command-injection vulnerability. Attackers can exploit this issue to execute arbitrary commands in the context of the application. Centreon 2.3.1 is affected. Other versions may also be vulnerable. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions migh...

Centreon 2.3.1 - 'command_name' Remote Command Execution

source: https://www.securityfocus.com/bid/50568/info Centreon is prone to a remote command-injection vulnerability. Attackers can exploit this issue to execute arbitrary commands in the context of the application. Centreon 2.3.1 is affected; other versions may also be vulnerable...

SuSE 11.1 Security Update : vpnc (SAT Patch Number 5027)

This update of vpnc fixes a flaw in the modifyresolvconfsuse script that could potentially allow remote attackers to inject commands through specially crafted DNS domains. CVE-2011-2660 Also a rekeying during reconnect was improved. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...

Symantec System Center Alert Management System (xfr.exe) Arbitrary Command Execution

$Id: amsxfr.rb 13591 2011-08-19 18:35:29Z mc $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require...

Symantec System Alert Management System (xfr.exe) Command Execution

Exploit for windows platform in category remote exploits $Id: amsxfr.rb 13591 2011-08-19 18:35:29Z mc $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing an...

Symantec System Center Alert Management System (hndlrsvc.exe) Arbitrary Command Execution

Symantec System Center Alert Management System is prone to a remote command-injection vulnerability because the application fails to properly sanitize user-supplied input. This is part of Symantec AntiVirus Corporate Edition 8.0 - 10.1.7. This module requires Metasploit:...

Symantec System Center Alert Management System (xfr.exe) Arbitrary Command Execution

Symantec System Center Alert Management System is prone to a remote command-injection vulnerability because the application fails to properly sanitize user-supplied input. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framewo...

Symantec System Center Alert Management System - 'hndlrsvc.exe' Arbitrary Command Execution (Metasploit)

$Id: amshndlrsvc.rb 13591 2011-08-19 18:35:29Z mc $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/...

Microsoft Lync Server 2010 - ReachJoin.aspx Remote Command Injection

Microsoft Lync Server 2010 - ReachJoin.aspx Remote Command Injection source: https://www.securityfocus.com/bid/48235/info Microsoft Lync Server 2010 is prone to a remote command-injection vulnerability because it fails to properly sanitize user-supplied input. Attackers can exploit this issue to...

Microsoft Lync Server 2010 - 'ReachJoin.aspx' Remote Command Injection

source: https://www.securityfocus.com/bid/48235/info Microsoft Lync Server 2010 is prone to a remote command-injection vulnerability because it fails to properly sanitize user-supplied input. Attackers can exploit this issue to execute arbitrary commands in the context of the application. Microso...

WebSVN 2.3.2 - Unproper Metacharacters Escaping exec() Remote Command Injection

WebSVN 2.3.2 - Unproper Metacharacters Escaping exec Remote Command Injection WebSVN 2.3.2 Unproper Metacharacters Escaping exec Remote Commands Injection Vulnerability tested against: Microsoft Windows Server R2 SP2 PHP 5.3.6 VC9 with magicquotesgpc = off default Apache 2.2.17 VC9 Introduction:...

WebSVN 2.3.2 - Unproper Metacharacters Escaping 'exec()' Remote Command Injection

WebSVN 2.3.2 Unproper Metacharacters Escaping exec Remote Commands Injection Vulnerability tested against: Microsoft Windows Server R2 SP2 PHP 5.3.6 VC9 with magicquotesgpc = off default Apache 2.2.17 VC9 Introduction: This is a very special vulnerabilty, given the incredibly high number of...