Lucene search
+L

83 matches found

Tenable Nessus
Tenable Nessus
added 2014/06/13 12:0 a.m.23 views

openSUSE Security Update : python-cupshelpers (openSUSE-SU-2011:1331-2)

This update fixes a typo from the previous update : system-config-printer used an unauthenticated connection when downloading printer drivers from openprinting.org CVE-2011-4405. This update disables the printer driver download feature. system-config-printer did not properly quote shell meta...

7.5CVSS5.4AI score0.03449EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2014/06/13 12:0 a.m.21 views

openSUSE Security Update : aaa_base (openSUSE-SU-2011:0207-1)

shell meta characters in file names could cause interactive shells to execute arbitrary commands when performing tab expansion CVE-2011-0468. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...

6.9CVSS5.6AI score0.00326EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2014/06/13 12:0 a.m.24 views

openSUSE Security Update : dhcpcd (openSUSE-SU-2011:0352-1)

A rogue dhcp server could instruct clients to use a host name that contains shell meta characters. Since many scripts in the system do not expect unusal characters in the system's host name the dhcp client needs to sanitize the host name offered by the server CVE-2011-0996. This update also fixes...

6.8CVSS5.4AI score0.03748EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2014/06/13 12:0 a.m.27 views

openSUSE Security Update : dhcp (openSUSE-SU-2011:0321-1)

A rogue dhcp server could instruct clients to use a host name that contains shell meta characters. Since many scripts in the system do not expect unusal characters in the system's host name the dhcp client needs to sanitize the host name offered by the server CVE-2011-0997. %NASLMINLEVEL 70300 C...

7.5CVSS6.4AI score0.84292EPSS
Exploits6References6
Tenable Nessus
Tenable Nessus
added 2014/06/13 12:0 a.m.23 views

openSUSE Security Update : python-cupshelpers (openSUSE-SU-2011:1331-2)

This update fixes a typo from the previous update : system-config-printer used an unauthenticated connection when downloading printer drivers from openprinting.org CVE-2011-4405. This update disables the printer driver download feature. system-config-printer did not properly quote shell meta...

7.5CVSS5.4AI score0.03449EPSS
Exploits0References5
GitLab Advisory Database
GitLab Advisory Database
added 2014/05/02 12:0 a.m.55 views

Remote Command Injection

Unsanitized input is passed to the shell. A malicious user can inject shell commands by sending shell meta characters like ';' in some variables...

7.5CVSS6.5AI score0.02188EPSS
Exploits3Affected Software1
Packet Storm
Packet Storm
added 2013/12/13 12:0 a.m.47 views

Ruby Gem Webbynode 1.0.5.3 Command Injection

Command injection in Ruby Gem Webbynode 1.0.5.3 Date: 11/11/2014 Author: Larry W. Cashdollar, @larry0 Download: http://rubygems.org/gems/webbynode Vulnerability Description: The following code located in: ./webbynode-1.0.5.3/lib/webbynode/notify.rb doesn't fully sanitize user supplied input befor...

0.1AI score
Exploits0
securityvulns
securityvulns
added 2013/07/15 12:0 a.m.144 views

CVE-2012-6297 - Command Injection via CSRF on DD-WRT v24-sp2

DD-WRT v24-sp2 is prone to command injection from specially crafted configuration values containing shell meta-characters. A remote attacker can potentially use CSRF from an authenticated client to execute commands on the router as the root user. Successful exploitation can result in system wide...

4.2AI score0.01691EPSS
Exploits1
Packet Storm
Packet Storm
added 2013/07/12 12:0 a.m.52 views

DD-WRT 24-sp2 CSRF / Command Injection

DD-WRT v24-sp2 is prone to command injection from specially crafted configuration values containing shell meta-characters. A remote attacker can potentially use CSRF from an authenticated client to execute commands on the router as the root user. Successful exploitation can result in system wide...

0.01691EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2012/01/16 12:0 a.m.28 views

SuSE 11.1 Security Update : system-config-printer (SAT Patch Number 5607)

The following issues have been fixed : - system-config-printer used an unauthenticated connection when downloading printer drivers from openprinting.org CVE-2011-4405. This update disables the printer driver download feature. - system-config-printer did not properly quote shell meta characters in...

7.5CVSS5.4AI score0.03449EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2011/12/13 12:0 a.m.26 views

SuSE 10 Security Update : dhcp6 (ZYPP Patch Number 7465)

A rogue DHCP server could instruct clients to use a host name that contains shell meta characters. Since many scripts in the system do not expect unusal characters in the system's host name the DHCP client needs to sanitize the host name offered by the server. CVE-2011-0997 %NASLMINLEVEL 70300 C...

7.5CVSS6.4AI score0.84292EPSS
Exploits6References2
OpenVAS
OpenVAS
added 2011/05/12 12:0 a.m.22 views

Debian Security Advisory DSA 2217-1 (dhcp3)

The remote host is missing an update to dhcp3 announced via advisory DSA 2217-1. OpenVAS Vulnerability Test $Id: deb22171.nasl 6613 2017-07-07 12:08:40Z cfischer $ Description: Auto-generated from advisory DSA 2217-1 dhcp3 Authors: Thomas Reinke Copyright: Copyright c 2011 E-Soft Inc...

7.5CVSS0.2AI score0.84292EPSS
Exploits6
Tenable Nessus
Tenable Nessus
added 2011/05/05 12:0 a.m.16 views

openSUSE Security Update : dhcpcd (openSUSE-SU-2011:0385-1)

This update fixes the following security issue : A rogue DHCP server could instruct clients to use a host name that contains shell meta characters. Since many scripts in the system do not expect unusal characters in the system's host name the DHCP client needs to sanitize the host name offered by...

6.8CVSS5.4AI score0.03748EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2011/04/20 12:0 a.m.27 views

SuSE 11.1 Security Update : dhcpcd (SAT Patch Number 4389)

A rogue DHCP server could instruct clients to use a host name that contains shell meta characters. Since many scripts in the system do not expect unusal characters in the system's host name the DHCP client needs to sanitize the host name offered by the server. CVE-2011-0996 Note this update is...

6.8CVSS5.5AI score0.03748EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2011/04/20 12:0 a.m.29 views

SuSE 10 Security Update : dhcp6 (ZYPP Patch Number 7464)

A rogue DHCP server could instruct clients to use a host name that contains shell meta characters. Since many scripts in the system do not expect unusal characters in the system's host name the DHCP client needs to sanitize the host name offered by the server. CVE-2011-0997 %NASLMINLEVEL 70300 C...

7.5CVSS6.4AI score0.84292EPSS
Exploits6References2
Tenable Nessus
Tenable Nessus
added 2011/04/13 12:0 a.m.24 views

SuSE 10 Security Update : dhcp (ZYPP Patch Number 7456)

A rogue DHCP server could instruct clients to use a host name that contains shell meta characters. Since many scripts in the system do not expect unusal characters in the system's host name the DHCP client needs to sanitize the host name offered by the server. CVE-2011-0997 %NASLMINLEVEL 70300 C...

7.5CVSS6.4AI score0.84292EPSS
Exploits6References2
securityvulns
securityvulns
added 2011/04/12 12:0 a.m.71 views

[SECURITY] [DSA 2216-1] isc-dhcp security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2216-1 [email protected] http://www.debian.org/security/ Nico Golde April 10, 2011 http://www.debian.org/security/faq -...

7.5CVSS1.9AI score0.84292EPSS
Exploits6
Tenable Nessus
Tenable Nessus
added 2011/04/11 12:0 a.m.26 views

SuSE9 Security Update : dhcp (YOU Patch Number 12698)

A rogue DHCP server could instruct clients to use a host name that contains shell meta characters. Since many scripts in the system do not expect unusal characters in the system's host name the DHCP client needs to sanitize the host name offered by the server. CVE-2011-0996 %NASLMINLEVEL 70300 C...

7.5CVSS6.4AI score0.84292EPSS
Exploits6References4
Tenable Nessus
Tenable Nessus
added 2011/04/11 12:0 a.m.31 views

SuSE 11.1 Security Update : dhcp (SAT Patch Number 4315)

A rogue DHCP server could instruct clients to use a host name that contains shell meta characters. Since many scripts in the system do not expect unusal characters in the system's host name the DHCP client needs to sanitize the host name offered by the server. CVE-2011-0997 %NASLMINLEVEL 70300 C...

7.5CVSS6.4AI score0.84292EPSS
Exploits6References7
Tenable Nessus
Tenable Nessus
added 2011/04/11 12:0 a.m.80 views

FreeBSD : isc-dhcp-client -- dhclient does not strip or escape shell meta-characters (7e69f00d-632a-11e0-9f3a-001d092480a4)

ISC reports : ISC dhclient did not strip or escape certain shell meta-characters in responses from the dhcp server like hostname before passing the responses on to dhclient-script. Depending on the script and OS, this can result in execution of exploit code on the client. %NASLMINLEVEL 70300 C...

7.5CVSS6.7AI score0.84292EPSS
Exploits6References2
Rows per page
Query Builder