FreeBSD : konversation -- shell script command injection (5c7bb4dd-6a56-11d9-97ec-000c6e8f12ef)

Konversation comes with Perl scripts that do not properly escape shell characters on executing a script. This makes it possible to attack Konversation with shell script command injection. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin...

B2 0.6 - 'b2edit.showposts.php?b2inc' Remote File Inclusion

source: https://www.securityfocus.com/bid/4673/info B2 is a news/weblog tool written in php. b2 allows webmasters to quickly post news on the frontpage, and let viewers interact with each other. It is available primarily for Unix and Linux. A variable that is referenced in the PHP scripts does no...

PT-2001-1015 · Util Linux +1 · Util-Linux +1

Name of the Vulnerable Software and Affected Versions: util-linux versions prior to 2.11n Red Hat Enterprise Linux affected versions not specified Description: The issue allows local users to overwrite arbitrary files by setting a hardlink from the typescript log file to any file on the system,...

script.command.txt

------------------------------------------------------------- Title: Silly hardlink vulnerability in UNIX 'script' command Linux version maintainer: Andries Brouwer [email protected] Bug found by: Marco van Berkum [email protected] Date: 17-12-2001 Priority: low...