4 matches found
GNU bash Environment Variable Command Injection (MSF)
No description provided by source. require 'msf/core' class Metasploit3 Msf::Auxiliary include Msf::Exploit::Remote::HttpClient def initializeinfo = superupdateinfoinfo, 'Name' = 'bashedCgi', 'Description' = %q Quick & dirty module to send the BASH exploit payload CVE-2014-6271 to CGI scripts tha...
GNU Bash - Environment Variable Command Injection (Metasploit)
GNU Bash - Environment Variable Command Injection Metasploit require 'msf/core' class Metasploit3 'bashedCgi', 'Description' = %q Quick & dirty module to send the BASH exploit payload CVE-2014-6271 to CGI scripts that are BASH-based or invoke BASH, to execute an arbitrary shell command. , 'Author...
Oracle Secure Backup Administration preauth variable command injection
Added: 12/06/2010 CVE: CVE-2010-0906 BID: 41597 OSVDB: 67128 Background Oracle Secure Backup is a centralized tape backup management solution for Oracle Database. Problem A vulnerability in the Administration server allows remote, authenticated attackers to execute arbitrary commands which are...
Oracle Secure Backup Administration selector Variable Command Injection (CVE-2010-0906)
Oracle Secure Backup is a backup solution allowing for single point of management of data present on network attached storage NAS devices and distributed hosts. A command execution vulnerability exists in Oracle Secure Backup server. The vulnerability is due to an insufficient sanitizing when...