Lucene search
+L

83 matches found

Tenable Nessus
Tenable Nessus
added 2011/04/07 12:0 a.m.24 views

SuSE9 Security Update : dhcpcd (YOU Patch Number 12696)

A rogue DHCP server could instruct clients to use a host name that contains shell meta characters. Since many scripts in the system do not expect unusal characters in the system's host name the DHCP client needs to sanitize the host name offered by the server. CVE-2011-0996 %NASLMINLEVEL 70300 C...

7.5CVSS6.4AI score0.84292EPSS
Exploits6References4
FreeBSD
FreeBSD
added 2011/04/05 12:0 a.m.39 views

isc-dhcp-client -- dhclient does not strip or escape shell meta-characters

ISC reports: ISC dhclient did not strip or escape certain shell meta-characters in responses from the dhcp server like hostname before passing the responses on to dhclient-script. Depending on the script and OS, this can result in execution of exploit code on the client...

7.5CVSS1.2AI score0.84292EPSS
Exploits6
Tenable Nessus
Tenable Nessus
added 2011/03/31 12:0 a.m.18 views

SuSE 11.1 Security Update : logwatch (SAT Patch Number 4236)

Shell meta characters in log file names could lead to execution of arbitrary code. CVE-2011-1018 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11 update information. The text itself is copyright C Novell, Inc...

10CVSS5.4AI score0.18321EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2011/03/09 12:0 a.m.24 views

Debian: Security Advisory (DSA-2182-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS6.4AI score0.18321EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2009/09/24 12:0 a.m.21 views

SuSE9 Security Update : gnome-vfs2,gnome-vfs2-doc (YOU Patch Number 10010)

This update fixes the following security problems : - The VFS scripts contained in GNOME are vulnerable to attacks on temporary files as well as command execution via shell meta-characters. These bugs can be exploited by accessing a malformated archive file. CVE-2004-0494 - Insufficient checks wh...

7.5CVSS5.7AI score0.04621EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2009/06/25 12:0 a.m.55 views

Ubuntu 8.04 LTS / 8.10 : moodle vulnerabilities (USN-791-1)

Thor Larholm discovered that PHPMailer, as used by Moodle, did not correctly escape email addresses. A local attacker with direct access to the Moodle database could exploit this to execute arbitrary commands as the web server user. CVE-2007-3215 Nigel McNie discovered that fetching https URLs di...

10CVSS8.3AI score0.54003EPSS
Exploits23References15
Ubuntu
Ubuntu
added 2009/06/24 8:0 p.m.110 views

USN-791-1: Moodle vulnerabilities

Thor Larholm discovered that PHPMailer, as used by Moodle, did not correctly escape email addresses. A local attacker with direct access to the Moodle database could exploit this to execute arbitrary commands as the web server user. CVE-2007-3215 Nigel McNie discovered that fetching https URLs di...

10CVSS8.3AI score0.54003EPSS
Exploits23
OpenVAS
OpenVAS
added 2009/04/09 12:0 a.m.18 views

Mandriva Update for hplip MDKSA-2007:201 (hplip)

Check for the Version of hplip OpenVAS Vulnerability Test Mandriva Update for hplip MDKSA-2007:201 hplip Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

7.6CVSS0.2AI score0.67264EPSS
Exploits4References2
OpenVAS
OpenVAS
added 2009/03/23 12:0 a.m.14 views

Ubuntu Update for xfce4-terminal vulnerability USN-497-1

Ubuntu Update for Linux kernel vulnerabilities USN-497-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN4971.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for xfce4-terminal vulnerability USN-497-1 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH,...

7.8CVSS0.02239EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2009/03/23 12:0 a.m.9 views

Ubuntu: Security Advisory (USN-530-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.6CVSS6.6AI score0.67264EPSS
Exploits4References2
OpenVAS
OpenVAS
added 2009/03/23 12:0 a.m.14 views

Ubuntu: Security Advisory (USN-526-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.2CVSS6.7AI score0.00346EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2008/01/17 12:0 a.m.29 views

Debian Security Advisory DSA 694-1 (xloadimage)

The remote host is missing an update to xloadimage announced via advisory DSA 694-1. OpenVAS Vulnerability Test $Id: deb6941.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 694-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...

7.5CVSS0.6AI score0.03603EPSS
Exploits0
Ubuntu
Ubuntu
added 2007/10/12 5:59 p.m.42 views

USN-530-1: hplip vulnerability

It was discovered that the hpssd tool of hplip did not correctly handle shell meta-characters. A local attacker could exploit this to execute arbitrary commands as the hplip user...

7.6CVSS5.3AI score0.67264EPSS
Exploits4
Ubuntu
Ubuntu
added 2007/10/04 9:37 p.m.41 views

USN-526-1: debian-goodies vulnerability

Thomas de Grenier de Latour discovered that the checkrestart program included in debian-goodies did not correctly handle shell meta-characters. A local attacker could exploit this to gain the privileges of the user running checkrestart...

7.2CVSS5.3AI score0.00346EPSS
Exploits0
Ubuntu
Ubuntu
added 2007/08/14 3:32 a.m.45 views

USN-497-1: xfce4-terminal vulnerability

Lasse Kärkkäinen discovered that the Xfce Terminal did not correctly escape shell meta-characters during "Open Link" actions. If a remote attacker tricked a user into opening a specially crafted URI, they could execute arbitrary commands with the user's privileges...

7.8CVSS5.4AI score0.02239EPSS
Exploits1
OpenVAS
OpenVAS
added 2006/03/26 12:0 a.m.22 views

The Includer RCE Vulnerability

The Includer is prone to a remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2005 David Maciejak Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.5AI score0.09906EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2005/04/19 12:0 a.m.18 views

GLSA-200504-17 : XV: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200504-17 XV: Multiple vulnerabilities Greg Roelofs has reported multiple input validation errors in XV image decoders. Tavis Ormandy of the Gentoo Linux Security Audit Team has reported insufficient validation in the PDS Planetar...

6AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2005/03/21 12:0 a.m.21 views

Debian DSA-695-1 : xli - buffer overflow, input sanitising, integer overflow

Several vulnerabilities have been discovered in xli, an image viewer for X11. The Common Vulnerabilities and Exposures project identifies the following problems : - CAN-2001-0775 A buffer overflow in the decoder for FACES format images could be exploited by an attacker to execute arbitrary code...

7.5CVSS5.9AI score0.16344EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2005/03/21 12:0 a.m.31 views

Debian DSA-694-1 : xloadimage - missing input sanitising, integer overflow

Several vulnerabilities have been discovered in xloadimage, an image viewer for X11. The Common Vulnerabilities and Exposures project identifies the following problems : - CAN-2005-0638 Tavis Ormandy of the Gentoo Linux Security Audit Team has reported a flaw in the handling of compressed images,...

7.5CVSS5.3AI score0.03603EPSS
Exploits0References4
Gentoo Linux
Gentoo Linux
added 2004/09/08 12:0 a.m.24 views

LHa: Multiple vulnerabilities

Background LHa is a console-based program for packing and unpacking LHarc archives. Description The command line argument as well as the archive parsing code of LHa lack sufficient bounds checking. Furthermore, a shell meta character command execution vulnerability exists in LHa, since it does no...

10CVSS7.4AI score0.18827EPSS
Exploits1
Rows per page
Query Builder