8 matches found
SunSolve CD CGI user input validation
Sunsolve CD CGI scripts does not validate user input. SPDX-FileCopyrightText: 2002 Michel Arboi Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SunSolve CD CGI user input validation
Sunsolve CD CGI scripts does not validate user input. Crackers may use them to execute some commands on your system. Note: OpenVAS did not try to perform the attack. OpenVAS Vulnerability Test $Id: sscdinput.nasl 8023 2017-12-07 08:36:26Z teissa $ Description: SunSolve CD CGI user input validatio...
Sun Sunsolve CD Pack sscd_suncourier.pl email Parameter Arbitrary Command Execution
The Sunsolve CD is part of the Solaris Media pack. It is included as a documentation resource, and is available for the Solaris Operating Environment. Sunsolve CD CGI scripts does not validate user input. Crackers may use them to execute some commands on your system. Note: Nessus did not try to...
CVE-2002-0436
sscdsuncourier.pl CGI script in the Sun Sunsolve CD pack allows remote attackers to execute arbitrary commands via shell metacharacters in the email address parameter...
CVE-2002-0436
The CVE-2002-0436 entry maps to the SunSolve CD package: the CGI script sscd_suncourier.pl does not validate the email parameter, enabling remote command execution via shell metacharacters. Documented by NVD/Nessus/OpenVAS references, this is a clientless, remote issue affecting Sunsolve CD CGI i...
SunSolve CD cgi scripts...
Sun never responded to this mail so I guess they don't consider the bug too be serious ... could be worth mentioning though. ----- Forwarded message from Fyodor [email protected] ----- Date: Sat, 16 Jun 2001 23:24:45 +0700 From: Fyodor [email protected] To: [email protected] Subject:...
Solaris 7.08 Sunsolve CD - SSCD_SunCourier.pl CGI Script Arbitrary Command Execution
Solaris 7.08 Sunsolve CD - SSCDSunCourier.pl CGI Script Arbitrary Command Execution source: https://www.securityfocus.com/bid/4269/info The Sunsolve CD is part of the Solaris Media pack. It is included as a documentation resource, and is available for the Solaris Operating Environment. A CGI scri...
Solaris 7.0/8 Sunsolve CD - SSCD_SunCourier.pl CGI Script Arbitrary Command Execution
source: https://www.securityfocus.com/bid/4269/info The Sunsolve CD is part of the Solaris Media pack. It is included as a documentation resource, and is available for the Solaris Operating Environment. A CGI script included with the CD does not adequately sanitize input. Due to a design failure...