731 matches found
Debian DSA-760-1 : ekg - several vulnerabilities
Several vulnerabilities have been discovered in ekg, a console Gadu Gadu client, an instant messaging program. The Common Vulnerabilities and Exposures project identifies the following vulnerabilities : - CAN-2005-1850 Marcin Owsiany and Wojtek Kaniewski discovered insecure temporary file creatio...
[SECURITY] [DSA 760-1] New ekg packages fix several vulnerabilities
-------------------------------------------------------------------------- Debian Security Advisory DSA 760-1 [email protected] http://www.debian.org/security/ Martin Schulze July 18th, 2005 http://www.debian.org/security/faq -...
[SA15985] USANet Creations Products Shell Command Injection Vulnerability
---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secuniavacancies/...
[SA15981] pngcntrp "kaiseki.cgi" Shell Command Injection Vulnerability
---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secuniavacancies/...
[SA15754] NanoBlogger Plugins Shell Command Injection Vulnerability
---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secuniavacancies/...
[SA15054] WebAPP E-Cart Module Shell Command Injection Vulnerability
---------------------------------------------------------------------- Want a new IT Security job? Vacant positions at Secunia: http://secunia.com/secuniavacancies/ ---------------------------------------------------------------------- TITLE: WebAPP E-Cart Module Shell Command Injection...
[SA14384] TWiki ImageGalleryPlugin Shell Command Injection
TITLE: TWiki ImageGalleryPlugin Shell Command Injection SECUNIA ADVISORY ID: SA14384 VERIFY ADVISORY: http://secunia.com/advisories/14384/ CRITICAL: Moderately critical IMPACT: System access WHERE: From remote SOFTWARE: ImageGalleryPlugin 1.x TWiki plugin http://secunia.com/product/4707/...
TWiki ImageGalleryPlugin Shell Command Injection
According to its version number, the instance of TWiki running on the remote host is affected by a shell command injection vulnerability in the ImageGalleryPlugin component. In addition, the wording of a 'robustness' patch released by the vendor indicates this version may be affected by other inp...
SUSE-SA:2002:036: mod_php4
The remote host is missing the patch for the advisory SUSE-SA:2002:036 modphp4. PHP is a well known and widely used web programming language. If a PHP script runs in 'safe mode' several restrictions are applied to it including limits on execution of external programs. An attacker can pass shell...
Дырка в библиотеке horde
При обработке поля From: не проверяется наличие метасимволов, что позволяет вставить шелл-команды в письмо...
Tony Greenwood WebWho+ 1.1 - Remote Command Execution
Tony Greenwood WebWho+ 1.1 - Remote Command Execution source: https://www.securityfocus.com/bid/892/info WebWho+ is a free cgi script written by Tony Greenwood for executing whois queries via the www. Though it does perform checks for shell escape characters on some parameters, it misses the 'typ...