1774 matches found
MMM mmm_agentd shell command injection vulnerability (CNVD-2018-15649)
MySQL Multi-Master Replication Manager MMM is a set of flexible scripts that performs monitoring/failover and management of MySQL master-master replication configurations. mmmagentd is an agent daemon that runs on each MySQL server and provides a simple set of remote services to the monitoring...
MMM mmm_agentd shell command injection vulnerability (CNVD-2018-15653)
MySQL Multi-Master Replication Manager MMM is a set of flexible scripts that performs monitoring/failover and management of MySQL master-master replication configurations. mmmagentd is an agent daemon that runs on each MySQL server and provides a simple set of remote services to the monitoring...
MMM mmm_agentd shell command injection vulnerability (CNVD-2018-15651)
MySQL Multi-Master Replication Manager MMM is a set of flexible scripts that performs monitoring/failover and management of MySQL master-master replication configurations. mmmagentd is an agent daemon that runs on each MySQL server and provides a simple set of remote services to the monitoring...
CVE-2017-14476
In the MMM::Agent::Helpers::Network::addip function in MySQL Multi-Master Replication Manager MMM mmmagentd 2.2.1 for Solaris, a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\agentd process. An...
CVE-2017-14479
In the MMM::Agent::Helpers::Network::clearip function in MySQL Multi-Master Replication Manager MMM mmmagentd 2.2.1 for Solaris, a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\agentd process. An...
CVE-2017-14478
In the MMM::Agent::Helpers::Network::clearip function in MySQL Multi-Master Replication Manager MMM mmmagentd 2.2.1 for Linux, a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\agentd process. An...
Command injection
In the MMM::Agent::Helpers::Network::addip function in MySQL Multi-Master Replication Manager MMM mmmagentd 2.2.1 for FreeBSD, a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\agentd process. An...
CVE-2017-14475
In the MMM::Agent::Helpers::Network::addip function in MySQL Multi-Master Replication Manager MMM mmmagentd 2.2.1 for Linux, a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\agentd process. An...
CVE-2017-14477
In the MMM::Agent::Helpers::Network::addip function in MySQL Multi-Master Replication Manager MMM mmmagentd 2.2.1 for FreeBSD, a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\agentd process. An...
CVE-2017-14479
In the MMM::Agent::Helpers::Network::clearip function in MySQL Multi-Master Replication Manager MMM mmmagentd 2.2.1 for Solaris, a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\agentd process. An...
CVE-2017-14476
In the MMM::Agent::Helpers::Network::addip function in MySQL Multi-Master Replication Manager MMM mmmagentd 2.2.1 for Solaris, a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\agentd process. An...
CVE-2017-14478
In the MMM::Agent::Helpers::Network::clearip function in MySQL Multi-Master Replication Manager MMM mmmagentd 2.2.1 for Linux, a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\agentd process. An...
Command injection
In the MMM::Agent::Helpers::Network::addip function in MySQL Multi-Master Replication Manager MMM mmmagentd 2.2.1 for Linux, a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\agentd process. An...
CVE-2017-14474
Summary: CVE-2017-14474 and related MMM vulnerabilities affect MMM mmm_agentd 2.2.1, where _execute() constructs a shell command without sanitizing the $params, enabling an unauthenticated attacker who can open a TCP session to execute arbitrary commands with the privileges of mmm_agentd. Related...
CVE-2017-14480
MMM Agent exposure: A set of remote command injection flaws in MMM::Agent::Helpers::Network (clear_ip/add_ip, check_ip) in mmm_agentd 2.2.1 (FreeBSD; Linux/Solaris variants in related code paths) allows unauthenticated TCP clients to execute arbitrary commands with mmm_agentd privileges. Root cau...
CVE-2017-14481
The CVE-2017-14481 entry concerns a shell command injection in MMM (MySQL MMM) mmm_agentd 2.2.1 (Solaris). The vulnerability resides in MMM::Agent::Helpers::Network::send_arp (and related functions in MMM) where un-sanitized input from MMM protocol messages can be interpolated into shell commands...
CVE-2017-14474
In the MMM::Agent::Helpers::execute function in MySQL Multi-Master Replication Manager MMM mmmagentd 2.2.1, a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\agentd process. An attacker that can...
CVE-2017-14480
In the MMM::Agent::Helpers::Network::clearip function in MySQL Multi-Master Replication Manager MMM mmmagentd 2.2.1 for FreeBSD, a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\agentd process. An...
CVE-2017-14476
CVE-2017-14476 affects MySQL MMM MMM agent (mmm_agentd) v2.2.1. Multiple remote command-injection vulnerabilities exist in the MMM Agent helpers, notably in MMM::Agent::Helpers::Network::add_ip(), with variants across Linux, Solaris, and FreeBSD, plus related helpers (clear_ip, check_ip) and _exe...
CVE-2017-14477
CVE-2017-14477 relates to a shell-command injection in MMM::Agent::Helpers::Network::add_ip within MMM mmm_agentd 2.2.1 (FreeBSD). A specially crafted MMM protocol message over TCP can trigger arbitrary command execution with the privileges of mmm_agentd. Connected sources (Talos, CNVD/CVE record...