Zabbix 1.6.2 Cross Site Request Forgery

nGenuity Information Services - Security Advisory Advisory ID: NGENUITY-2009-006 - Zabbix Multiple Frontend CSRF Application: Zabbix 1.6.2 Vendor: Zabbix Vendor website: http://www.zabbix.com Author: Adam Baldwin [email protected] I. BACKGROUND "ZABBIX is an enterprise-class open source...

virtuemart 1.1.2 - Multiple Vulnerabilities

virtuemart 1.1.2 - Multiple Vulnerabilities Author: Janek Vind "waraxe" Date: 24. January 2009 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-71.html Description of vulnerable software: VirtueMart is an Open Source E-Commerce solution to be used together with a Content Management...

Mandrake Security Advisory MDVSA-2009:041 (jhead)

The remote host is missing an update to jhead announced via advisory MDVSA-2009:041. OpenVAS Vulnerability Test $Id: mdksa2009041.nasl 6573 2017-07-06 13:10:50Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:041 jhead Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...

FreeBSD : twiki -- multiple vulnerabilities (f98dea27-d687-11dd-abd1-0050568452ac)

Marc Schoenefeld and Steve Milner of RedHat SRT and Peter Allor of IBM ISS report : XSS vulnerability with URLPARAM variable SEARCH variable allows arbitrary shell command execution %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...

Gentoo Security Advisory GLSA 200701-23 (cacti)

The remote host is missing updates announced in advisory GLSA 200701-23. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

Gentoo Security Advisory GLSA 200701-23 (cacti)

The remote host is missing updates announced in advisory GLSA 200701-23. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Gentoo Security Advisory GLSA 200611-22 (horde-ingo)

The remote host is missing updates announced in advisory GLSA 200611-22. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2008-4101

CVE-2008-4101 affects Vim 3.0 through 7.x prior to 7.2.010. The issue arises from improper escaping in Vim’s keyword/tag handling, allowing user-assisted arbitrary code execution via crafted input when performing certain keystrokes (e.g., ;, Ctrl-], or g]). The connected documents corroborate thi...

p5-UI-Dialog -- shell command execution vulnerability

Matthijs Kooijman reports: It seems that the whiptail, cdialog and kdialog backends apply some improper escaping in their shell commands, causing special characters present in menu item titles to be interpreted by the shell. This includes the backtick evaluation operator, so this constitutes a...

centerim-exec.txt

Application: CenterIM http://www.centerim.org/index.php/MainPage Versions: centerim = 4.22.3 OS: Linux Bug: Execution of shell commands Exploit: remote Date: 15 March 2008 Author: Brian Fonfara w00 eMail: [email protected] Web: newb.kicks-ass.net 1 Bug 2 Exploit ======= 1 Bug ======= Received...

waraxe-2008-SA065.txt

waraxe-2008-SA065 - Remote Shell Command Execution in Coppermine 1.4.14 =============================================================================== Author: Janek Vind "waraxe" Date: 30. January 2008 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-65.html Target software descriptio...

[waraxe-2008-SA#065] - Remote Shell Command Execution in Coppermine 1.4.14

waraxe-2008-SA065 - Remote Shell Command Execution in Coppermine 1.4.14 =============================================================================== Author: Janek Vind "waraxe" Date: 30. January 2008 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-65.html Target software descriptio...

Debian: Security Advisory (DSA-1364-2)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian Security Advisory DSA 1270-1 (openoffice.org)

The remote host is missing an update to openoffice.org announced via advisory DSA 1270-1. Several security related problems have been discovered in OpenOffice.org, the free office suite. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2007-0002 iDefense...

HP notebooks remote code execution vulnerability (multiple series)

Advisory: ///////// Multiple Hewlett-Packard notebook series are prone to a remote code execution attack. The manufacturer's preinstalled software contains a critical flaw within the software built to support one-touch button quick feature access. Overview: ///////// Software called "HP Info...

HP Compaq Notebooks - ActiveX Remote Code Execution

HP Compaq Notebooks - ActiveX Remote Code Execution !- Advisory: Multiple Hewlett-Packard notebook series are prone to a remote code execution attack. The manufacturer's preinstalled software contains a critical flaw within the software built to support one-touch button quick feature access...

[SECURITY] [DSA 1364-2] New vim packages fix several vulnerabilities

-------------------------------------------------------------------------- Debian Security Advisory DSA 1364-2 [email protected] http://www.debian.org/security/ dann frazier September 19th, 2007 http://www.debian.org/security/faq - -...

DSA-1364-2 vim - several vulnerabilities

Bulletin has no description...

[SECURITY] [DSA 1364-1] New vim packages fix several vulnerabilities

-------------------------------------------------------------------------- Debian Security Advisory DSA 1364-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff September 1st, 2007 http://www.debian.org/security/faq -...

[SECURITY] [DSA 1297-1] New gforge-plugin-scmcvs packages fix arbitrary shell command execution

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 1297-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff May 24th, 2007 http://www.debian.org/security/faq -...