
20 matches found

seebug.org
added 2014/07/01 12:0 a.m., 13 views

verlihub <= 0.9.8d-RC2 Remote Command Execution Vulnerability

No description provided by source. == verlihub <=0.9.8d-RC2 remote r00t / command execution == description: Verlihub is a Direct Connect protocol server; runs...

7.1 AI score
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m., 14 views

Verlihub Control Panel <= 1.7.x Local File Inclusion Vulnerability

No description provided by source. Verlihub Control Panel v 1.7 PHP 4.x Local File Inclusion http://vhcp.verlihub-project.org/ Bug Found By Methodman From TEAMELITE - dchub.nemesis.te-home.net:4120 Bug: Line: 27 - ini_set("magic_quotes_gpc","1"); ... Line: 71 - $pagename =...

7.1 AI score
Exploits: 0

CVE
added 2009/07/22 5:9 p.m., 43 views

CVE-2009-2569

Verlihub Control Panel (VHCP) 1.7e contains cross-site scripting (XSS) vulnerabilities that allow remote attackers to inject arbitrary script/HTML via (1) the nick parameter in a login action to index.php and (2) the URI in a news request to index.html. The connected documents confirm these two v...

4.3 CVSS, 5.9 AI score, 0.01763 EPSS
Exploits: 1, References: 4, Affected Software: 1

OpenVAS
added 2009/01/13 12:0 a.m., 14 views

FreeBSD Ports: verlihub

The remote host is missing an update to the system as announced in the referenced advisory. VID 58997463-e012-11dd-a765-0030843d3802 OpenVAS Vulnerability Test. Description: Auto generated from VID 58997463-e012-11dd-a765-0030843d3802 Authors: Thomas Reinke Copyright: Copyright (c) 2009 E-Soft Inc...

9.3 CVSS, 6.5 AI score, 0.08034 EPSS
Exploits: 1

OpenVAS
added 2009/01/13 12:0 a.m., 17 views

FreeBSD Ports: verlihub

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

9.3 CVSS, 6.5 AI score, 0.08034 EPSS
Exploits: 1, References: 4

Tenable Nessus
added 2009/01/12 12:0 a.m., 22 views

FreeBSD : verlihub -- insecure temporary file usage and arbitrary command execution (58997463-e012-11dd-a765-0030843d3802)

securityfocus reports: An attacker with local access could potentially exploit this issue to perform symbolic-link attacks, overwriting arbitrary files in the context of the affected application. Successfully mounting a symlink attack may allow the attacker to delete or corrupt sensitive files,...

9.3 CVSS, 5.8 AI score, 0.08034 EPSS
Exploits: 1, References: 3

seebug.org
added 2008/12/26 12:0 a.m., 25 views

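Verlihub Insecure File Creation and Remote Code Execution Vulnerability

BUGTRAQ ID: 32889, 32420 CVE (CAN) ID: CVE-2008-5705, CVE-2008-5706 Verlihub is a Direct Connect protocol server that runs on the Linux operating system. Verlihub does not properly filter user input passed to the shell through the trigger mechanism; in addition, the Verlihub daemon may be configured to run with root privileges. This allows users connected to the hub to execute arbitrary commands by submitting malicious requests, or allows local attackers to overwrite arbitrary files through a symlink attack on the /tmp/trigger.tmp temporary file. The following is the vulnerable code in the cTrigger::DoIt function of src/ctrigger.cpp...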

9.3 CVSS, 0.4 AI score, 0.08034 EPSS
Exploits: 1

NVD
added 2008/12/22 3:30 p.m., 14 views

CVE-2008-5706

The cTrigger::DoIt function in src/ctrigger.cpp in the trigger mechanism in the daemon in Verlihub 0.9.8d-RC2 and earlier allows local users to overwrite arbitrary files via a symlink attack on the /tmp/trigger.tmp temporary file...

6.9 CVSS, 6.2 AI score, 0.00245 EPSS
Exploits: 1, References: 5

CVE
added 2008/12/22 3:0 p.m., 50 views

CVE-2008-5705

CVE-2008-5705 affects Verlihub 0.9.8d-RC2 and earlier. The cTrigger::DoIt() code path passes user input to a shell command, appends shell metacharacters, and uses system(), enabling remote command execution when triggers are enabled. There is also evidence of a local file/temporary file handling ...

9.3 CVSS, 7.5 AI score, 0.08034 EPSS
Exploits: 1, References: 6, Affected Software: 1

CVE
added 2008/12/22 3:0 p.m., 44 views

CVE-2008-5706

The CVE-2008-5706 entry concerns Verlihub (

6.9 CVSS, 6.1 AI score, 0.00245 EPSS
Exploits: 1, References: 5, Affected Software: 1

FreeBSD
added 2008/11/22 12:0 a.m., 14 views

verlihub -- insecure temporary file usage and arbitrary command execution

securityfocus reports: An attacker with local access could potentially exploit this issue to perform symbolic-link attacks, overwriting arbitrary files in the context of the affected application. Successfully mounting a symlink attack may allow the attacker to delete or corrupt sensitive files,...

6.9 AI score
Exploits: 0, References: 1

Packet Storm
added 2008/11/22 12:0 a.m., 24 views

verlihub-exec.txt

== verlihub Verlihub does not sanitize user input passed to the shell via its "trigger" mechanism. Furthermore, the Verlihub daemon can optionally be configured to run as root. This allows for the arbitrary execution of commands by users connected to the hub and, in the case of the daemon running...

7.4 AI score
Exploits: 0

seebug.org
added 2008/11/22 12:0 a.m., 12 views

verlihub <= 0.9.8d-RC2 Remote Command Execution Vulnerability

No description provided by source. == verlihub <=0.9.8d-RC2 remote r00t / command execution == description: "Verlihub is a Direct Connect protocol server; runs...

7.1 AI score
Exploits: 0

Exploit DB
added 2008/11/21 12:0 a.m., 31 views

verlihub 0.9.8d-RC2 - Remote Command Execution

== verlihub Verlihub does not sanitize user input passed to the shell via its "trigger" mechanism. Furthermore, the Verlihub daemon can optionally be configured to run as root. This allows for the arbitrary execution of commands by users connected to the hub and, in the case of the daemon running...

7.4 AI score
Exploits: 0

0day.today
added 2008/11/21 12:0 a.m., 19 views

verlihub <= 0.9.8d-RC2 Remote Command Execution Vulnerability

Exploit for linux platform in category remote exploits == verlihub Verlihub does not sanitize user input passed to the shell via its "trigger" mechanism. Furthermore, the Verlihub daemon can optionally be configured to run as root. This...

7.1 AI score
Exploits: 0

exploitpack
added 2008/11/21 12:0 a.m., 7 views

verlihub 0.9.8d-RC2 - Remote Command Execution

verlihub 0.9.8d-RC2 - Remote Command Execution == verlihub Verlihub does not sanitize user input passed to the shell via its "trigger" mechanism. Furthermore, the Verlihub daemon can optionally be configured to run as root. This allows for the arbitrary execution of commands by users connected to...

0.6 AI score
Exploits: 0

NVD
added 2007/10/09 10:17 p.m., 7 views

CVE-2007-5321

Directory traversal vulnerability in index.php in Verlihub Control Panel (VHCP) 1.7 and earlier allows remote attackers to include arbitrary files via a .. (dot dot) in the page parameter...

6.8 CVSS, 6.8 AI score, 0.08864 EPSS
Exploits: 0, References: 6

CVE
added 2007/10/09 10:0 p.m., 38 views

CVE-2007-5321

CVE-2007-5321 affects Verlihub Control Panel (VHCP) versions 1.7 and earlier, where index.php is vulnerable to a directory traversal via the page parameter (..), allowing remote inclusion of arbitrary files. Root cause is improper sanitization of the page parameter, enabling directory traversal. ...

6.8 CVSS, 6.8 AI score, 0.08864 EPSS
Exploits: 0, References: 6, Affected Software: 1

Packet Storm
added 2007/10/08 12:0 a.m., 23 views

verlihub-lfi.txt

Verlihub Control Panel v 1.7 PHP 4.x Local File Inclusion http://vhcp.verlihub-project.org/ Bug Found By Methodman From TEAMELITE dchub.nemesis.te-home.net:4120 Bug: Line: 27 - ini_set("magic_quotes_gpc","1"); ... Line: 71 - $pagename = isset($_GET['page']) ? $_GET['page'] :...

7.4 AI score
Exploits: 0

Exploit DB
added 2007/10/07 12:0 a.m., 24 views

Verlihub Control Panel 1.7.x - Local File Inclusion

Verlihub Control Panel v 1.7 PHP 4.x Local File Inclusion http://vhcp.verlihub-project.org/ Bug Found By Methodman From TEAMELITE dchub.nemesis.te-home.net:4120 Bug: Line: 27 - ini_set("magic_quotes_gpc","1"); ... Line: 71 - $pagename = isset($_GET['page']) ? $_GET['page'] :...

7.4 AI score
Exploits: 0