Windows Run Command As User

This module will login with the specified username/password and execute the supplied command as a hidden process. Output is not returned by default. Unless targeting a local user either set the DOMAIN, or specify a UPN user format e.g. user@domain. This uses the CreateProcessWithLogonW WinAPI...

Ubuntu 14.04 LTS : mime-support vulnerability (USN-2453-1)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-2453-1 advisory. Timothy D. Morgan discovered that the run-mailcap tool incorrectly filtered certain shell metacharacters in filenames. If a user or automated system were tricked...

USN-2453-1: mime-support vulnerability

Timothy D. Morgan discovered that the run-mailcap tool incorrectly filtered certain shell metacharacters in filenames. If a user or automated system were tricked into opening a file with a specially-crafted filename, a remote attacker could possibly execute arbitrary code...

USN-2453-1 mime-support vulnerability

Timothy D. Morgan discovered that the run-mailcap tool incorrectly filtered certain shell metacharacters in filenames. If a user or automated system were tricked into opening a file with a specially-crafted filename, a remote attacker could possibly execute arbitrary code...

Code injection

run-mailcap in the Debian mime-support package before 3.52-1+deb7u1 allows context-dependent attackers to execute arbitrary commands via shell metacharacters in a filename...

mime-support Package 'run-mailcap' Command Injection Vulnerability

run-mailcap is a tool that executes a program from items in a mailcap file. run-mailcap fails to properly handle shell metacharacters in filenames, allowing an attacker to exploit a vulnerability for command injection attacks that can execute arbitrary shell commands...

UBUNTU-CVE-2014-9853

Memory leak in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service memory consumption via a crafted rle file...

mime-support shell characters injection

run-mailcap special shell characters injection...

[SECURITY] [DSA 3114-1] mime-support security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3114-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso December 29, 2014 http://www.debian.org/security/faq -...

DSA-3114-1 mime-support - security update

Bulletin has no description...

DEBIAN-CVE-2014-6408

Docker 1.3.0 through 1.3.1 allows remote attackers to modify the default run profile of image containers and possibly bypass the container by applying unspecified security options to an image...

CVE-2014-6408

Docker 1.3.0 through 1.3.1 allows remote attackers to modify the default run profile of image containers and possibly bypass the container by applying unspecified security options to an image...

CVE-2014-6408

Docker 1.3.0 through 1.3.1 allows remote attackers to modify the default run profile of image containers and possibly bypass the container by applying unspecified security options to an image...

PT-2014-7211 · Docker +1 · Docker +1

Name of the Vulnerable Software and Affected Versions: Docker versions 1.3.0 through 1.3.1 Description: The issue allows remote attackers to modify the default run profile of image containers. This could possibly lead to bypassing the container by applying unspecified security options to an image...

Microsoft Internet Explorer display:run-in Use-After-Free Remote Code Execution 0day Exploit

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The vulnerability relates to how...

Oracle Linux 6 : kernel (ELSA-2014-1392)

The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2014-1392 advisory. - kernel futex: Fix errors in nested key ref-counting Denys Vlasenko 1094458 CVE-2014-0205 Tenable has extracted the preceding description block direct...

DEBIAN-CVE-2013-7329

The CGI::Application module before 4.5050 and 4.5051 for Perl, when run modes are not specified, allows remote attackers to obtain sensitive information web queries and environment details via vectors related to the dumphtml function...

CVE-2014-2886

GKSu 2.0.2, when sudo-mode is not enabled, uses " double quote characters in a gksu-run-helper argument, which allows attackers to execute arbitrary commands in certain situations involving an untrusted substring within this argument, as demonstrated by an untrusted filename encountered during...

UBUNTU-CVE-2014-2886

GKSu 2.0.2, when sudo-mode is not enabled, uses " double quote characters in a gksu-run-helper argument, which allows attackers to execute arbitrary commands in certain situations involving an untrusted substring within this argument, as demonstrated by an untrusted filename encountered during...

CVE-2014-2886

GKSu 2.0.2, when sudo-mode is not enabled, uses " double quote characters in a gksu-run-helper argument, which allows attackers to execute arbitrary commands in certain situations involving an untrusted substring within this argument, as demonstrated by an untrusted filename encountered during...